TikTok Fined $600M for Sending European User Data to China -

Ireland’s Data Protection Commission has fined TikTok €530 million ($600 million) and ordered it to bring its operations into compliance with the EU’s General Data Protection Regulation following an investigation into the transfer of European user data to China.

The DPC, acting as TikTok’s lead EU regulator, found the social media company in breach of GDPR rules related to transferring personal data from users in the European Economic Area to China, and for failing to provide sufficient transparency to users about these transfers.

The decision, issued by Data Protection Commissioners Des Hogan and Dale Sunderland, concluded that TikTok had not adequately assessed or demonstrated that the data protection rights of EEA users, whose data was accessed by employees in China, were protected at a level equivalent to EU standards.

The DPC also found that TikTok’s former privacy policies failed to clearly disclose which countries user data was transferred to, and the nature of the data processing involved.

TikTok Failed to Guarantee EU-Level Data Protection

“TikTok failed to verify, guarantee and demonstrate that EEA personal data, remotely accessed in China, received protection equivalent to that within the EU,” said Deputy Commissioner Graham Doyle. “This undermines core safeguards of the GDPR.”

The €530 million fine comprises €485 million for violations of Article 46(1) GDPR — relating to the lawfulness of international data transfers — and €45 million for breaching Article 13(1)(f), which governs transparency obligations.

In addition to the fine, TikTok has been given six months to bring its data transfer practices into full compliance. If it fails, data transfers to China will be suspended.

The DPC noted that while TikTok made changes under its internal “Project Clover” to address compliance issues, these were insufficient to prevent enforcement action.

TikTok Admits to Misleading Inquiry

The regulator also expressed serious concern over new revelations provided by TikTok in April 2025, which disclosed that limited EEA user data had been stored on servers in China, contrary to earlier submissions made during the inquiry.

“The DPC is considering what further regulatory action may be warranted in light of TikTok’s admission that inaccurate information was provided during the inquiry,” Doyle said.

The ruling follows a pan-European consultation process under GDPR rules, with no objections raised by other EU data protection authorities.

Trending News

STAY CONNECTED

Subscribe

Student's Corner

Editor’s Note

Dr Murali Thummarukudi Launches ESG TIMES

DHL Express, World Energy Partner To Decarbonize Aviation

Products & Innovations

Blind Boy’s Blooming Pens

Subscribe Now

Trending News

TikTok Fined $600M for Sending European User Data to China

Reliance NU Suntech, SECI Ink 25-Year PPA Pact for 930 MW Solar-Battery Project

EU Regulator Proposes New Rules to Boost ESG Rating Transparency

Nirmal Menon

Related posts

EU Regulator Proposes New Rules to Boost ESG Rating Transparency

Trump Withdraws US from Paris Climate Agreement, Challenging Global ESG Progress

Odisha’s Green Economy Push Could Create 1M Jobs, Boost GDP by 23% by 2030

The LEGO Group Expands Sustainability Efforts with Carbon Removal Investments

India’s Green Credit Policy: Preserve Environment and Prosper Your Pocket

GRI Launches Service to Bridge EU Sustainability Reporting Gap