TikTok has been fined €530 million, approximately $600 million, by an Irish court for violating the European Union’s General Data Protection Regulation (GDPR) by sending European users’ data to servers in China. The company has six months to comply with the regulation, pending any potential appeal.
The Irish Data Protection Commission (DPC) found that TikTok breached GDPR laws because it failed to guarantee that data transferred to China would be protected to a standard equivalent to the EU’s. The court specifically highlighted China’s anti-terrorism and counterespionage laws as potential risks that could allow Chinese authorities to access European users’ data.
The fine is broken down into two parts: €485 million for sending user data to China, and €45 million for its privacy policy failing to adequately explain the data transfers. TikTok updated its privacy policy in 2022, which the court deemed “compliant.” Despite the company’s promise to invest €12 billion (about $13.6 billion) in EU data centers, the court remained unswayed.
During the inquiry, TikTok maintained that user data was only remotely accessed from China and not stored on servers there. However, last month, the company informed the court that it had discovered “limited” European data had been stored in China and has since been deleted. DPC deputy commissioner Graham Doyle warned that “further regulatory action” may be necessary due to this additional breach.
This fine is the third-largest GDPR penalty to date, with only Meta and Amazon receiving larger fines. TikTok, which has its European headquarters in Ireland, had previously been fined $367 million in 2023 for its handling of children’s data.
The ruling comes as TikTok’s US business remains uncertain. The app was banned in the US due to concerns over its data security and potential control by Chinese authorities. To continue operating in the US, TikTok must find a US buyer. Last month, Donald Trump signed a second 75-day pause on the ban, as his ongoing trade war with China appears to have delayed efforts to negotiate a sale of the app’s US arm with Chinese owner ByteDance.
