EU Fines TikTok €530 Million Over Data Transfers to China

The European Union has imposed a €530 million fine on TikTok for failing to safeguard user data and allowing it to be accessed by Chinese authorities. The decision was issued by Ireland’s Data Protection Commission (DPC), which oversees TikTok in the EU under the General Data Protection Regulation (GDPR).
According to Deputy Commissioner Graham Doyle, TikTok, owned by Chinese company ByteDance, did not meet EU data protection standards and neglected to address the risk of Chinese government access under local counterintelligence and anti-terrorism laws.
The DPC noted that TikTok failed to conduct a proper risk assessment and largely ignored the legal implications of processing data of European users under foreign law. The case highlights growing concerns within the EU over the control and flow of sensitive digital information, especially involving platforms based outside Europe.
This is one of the largest GDPR-related fines issued to a tech company to date.