Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

€2 a Month €5 a Month One-off amount
privacy breach

Irish data protection watchdog slaps TikTok with €530 million fine over data transfers to China

The penalty was over TikTok transferring European users’ personal data to China.
11.40am, 2 May 2025
14.3k
32

TIKTOK HAS BEEN hit with a €530 million fine by Ireland’s data data protection regulator for breaching privacy rules.

The hefty penalty was over TikTok transferring EU users’ personal data to China, where the information could be “remotely accessed by staff” at the company’s global headquarters.

In its ruling, the Data Protection Commission (DPC) made an order requiring TikTok to bring its processing of users’ data into compliance within 6 months.

The decision also includes an order suspending TikTok’s transfers to China if processing is not brought into compliance within this timeframe.

DPC Deputy Commissioner Graham Doyle said that the EU’s General Data Protection Regulation (GDPR) requires the same level of protection provided within member states where personal data is transferred to other countries outside of the bloc.

“TikTok’s personal data transfers to China infringed the GDPR because TikTok failed to verify, guarantee and demonstrate that the personal data of EEA users, remotely accessed by staff in China, was afforded a level of protection essentially equivalent to that guaranteed within the EU,” Doyle said.

“As a result of TikTok’s failure to undertake the necessary assessments, TikTok did not address potential access by Chinese authorities to EEA personal data under Chinese anti-terrorism, counter-espionage and other laws identified by TikTok as materially diverging from EU standards.”

The DPC said in its decision that TikTok had submitted “erroneous information” to the inquiry, having initially informed the regulator that it “did not store EEA User Data on servers located in China”.

But the DPC said this position changed last month, when TikTok informed investigators of an issue that it had discovered in February where “limited” user data had “in fact been stored on servers in China”, contrary to previous evidence.

“TikTok informed the DPC that this discovery meant that TikTok had provided inaccurate information to the Inquiry,” the DPC said.

While the fine is sizable, it’s dwarfed by a €1.2 billion fine against Meta and also not as high as a €746 million penalty levied on Amazon.

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.
Learn More Support The Journal

Author
View 32 comments
Send Tip or Correction
Close
32 Comments
This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
Leave a Comment
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.

    Leave a commentcancel

     
    JournalTv
    News in 60 seconds
    The Journal supports the work of the Press Council of Ireland and the Office of the Press Ombudsman, and our staff operate within the Code of Practice. You can obtain a copy of the Code, or contact the Council, at https://www.presscouncil.ie, PH: (01) 6489130, Lo-Call 1800 208 080 or email: mailto:info@presscouncil.ie