TikTok is failing in its duty to protect children using its service and probably collects and spreads the private data of minors to anonymous third parties, a number of these in China, in breach of the General Data Protection Legislation (GDPR).
That’s based on Amsterdam-based Foundation for Market Information Research (Stichting Onderzoek Marktinformatie, or SOMI), a nonprofit organisation which advocates for data privacy and consumer problems in the Netherlands and about Europe.
SOMI is urging concerned parents from any place in the world to contact it through its site and enroll for a little charge as it gathers advice ahead of a potential collective lawful claim against the China-owned social networking platform.
“Europe has made the GDPR to provide users control over their personal data and also to protect minors from the electronic world,” said Cor Wijtvliet, SOMI co-founder. “TikTok consistently violates similar standards in states beyond the EU on many counts.”
“This is a significant reason for concern; not because it occurs without the consumer’s consent or even their knowledge, but particularly since the business is proven to have committed such offences before,” he explained. “Kids are insufficiently protected against undesirable contacts with unidentified adults online. That is why we chose to make a stand.
“The very first step is thorough research. Only after that can we build a possibly profitable claim. For this end, we’re currently collecting user information and study reports. On the other hand, the goal of the public activity isn’t too much to get monetary compensation; this is only the cherry on the cake. Our principal purpose is to ensure children are well protected on the web and that individual customers aren’t powerless against the manufacturers of programs that are popular. Together, we’re stronger and the promise is stronger.”
SOMI’s principle criticism is that TikTok has been warned last year that kids aren’t being adequately protected against online contact with adults that aren’t known to themand that parental oversight of this service could be”entirely insufficient”.
It stated that TikTok permits the creation of user accounts by minors by the time of age 13 and upward, which for a single thing is readily circumvented by beneath -13s, which since 13 is under the age of majority in Europe it consequently requires consent from a guardian to process the information; which TikTok procedures more sensitive information like device info, location and consumer action, even if inactive; this TikTok lacks transparency about data, communicating and principles for topics to exercise their information rights, and about what information it allows third parties accessibility, and also what and how they do on itand that TikTok’s layout and default settings don’t guarantee data security under GDPR.
SOMI also considers TikTok hasn’t taken appropriate technical and organisational measures to make sure its program is protected according to GDPR, and it is probably transferring data outside the EU — it mentioned a June 2020 research paper made by security company Penetrum which asserts that almost 40percent of IP addresses used by TikTok are out of China and may be connected to Alibaba, again a breach of GDPR since China isn’t considered a safe third country under the regulation.
“We take compliance with applicable legislation and regulations on data security , for example, GDPR, quite severely. Our un ser information is now stored at the US and Singapore, and we also have announced our intention to set up a European datacentre at Ireland. TikTok isn’t accessible China, and we’ve never supplied data to the Chinese authorities, nor would we do this when requested.”