The popular video-sharing platform TikTok has been fined €530 million (approximately $600 million) by the European Union for transferring EU citizens’ personal data to China. The platform has been accused of failing to safeguard this data from Chinese authorities.
According to AFP from Dublin, an investigation by Ireland’s Data Protection Commission (DPC) revealed that TikTok initially denied but later admitted that some data of European users had been hosted in China. This led to one of the largest fines ever imposed by the EU.
DPC Deputy Commissioner Graham Doyle stated that TikTok failed to demonstrate, verify, and ensure that the data accessed remotely by employees based in China was protected to the same level guaranteed by EU standards. He further noted that TikTok acknowledged being subject to Chinese anti-terror and anti-espionage laws, which deviate from EU standards and could allow Chinese authorities to request user data — a risk TikTok did not address adequately.
TikTok’s European representative Christine Graham responded by saying, “The Chinese authorities have not requested access to European users’ data, and we have not provided any. We disagree with the decision and will appeal.”
The DPC concluded that TikTok violated the General Data Protection Regulation (GDPR) by transferring personal data to China. The platform was also fined an additional €45 million for lack of transparency, as it did not inform users between 2020 and 2022 that their data could be accessed from China.
TikTok has been given six months to bring its data processing activities into compliance with EU law, or face a suspension of data transfers to China.
This penalty is expected to increase pressure on TikTok in the United States as well. In 2024, the US Congress passed a law requiring ByteDance, TikTok’s parent company, to divest its US operations. Although former President Donald Trump extended the deadline, the platform must now be sold by June 19.
TikTok has also faced bans in several countries, including Pakistan, Nepal, and New Caledonia in France, due to concerns over misinformation, violent or explicit content, and opaque algorithms.
In response, TikTok launched the “Clover Project” with a €12 billion investment to strengthen data protection in Europe. The company stated that user data is typically stored in Norway, Ireland, and the United States. However, in April 2025, TikTok admitted that some European data had been stored in China until recently — contradicting its earlier claims.