Overview
- TikTok violated EU data privacy laws by transferring and storing European user data on Chinese servers, contradicting its earlier claims.
- The Irish Data Protection Commission (DPC) levied a €530 million fine and mandated compliance with GDPR within six months.
- ByteDance, TikTok's parent company, admitted in April 2025 to the unauthorized storage of EU data in China and has since claimed the data has been deleted.
- EU regulators are evaluating additional measures, citing TikTok's failure to ensure EU-level data protection and the potential access of Chinese authorities to user data.
- ByteDance has launched 'Project Clover,' including a data center in Norway, to address compliance concerns, while it plans to appeal the fine.