Ireland fines TikTok 530 million euros for sending EU user data to China

TikTok has been fined 530 million euros ($601.3 million) by Ireland’s privacy regulator for sending user data to China.

The Irish Data Protection Commission (DPC) — which leads on privacy oversight for TikTok in the EU — said Friday, May 2, 2025, that TikTok infringed the bloc’s GDPR data protection law over transfers of European user data to China.

The regulator ordered TikTok to bring its data processing into compliance within six months and said it would suspend TikTok’s transfers to China if processing is not brought into compliance within that timeframe.

“TikTok’s personal data transfers to China infringed the GDPR because TikTok failed to verify, guarantee, and demonstrate that the personal data of EEA users, remotely accessed by staff in China, was afforded a level of protection essentially equivalent to that guaranteed within the EU,” Graham Doyle, deputy commissioner at the DPC, said in a statement Friday.

“As a result of TikTok’s failure to undertake the necessary assessments, TikTok did not address potential access by Chinese authorities to EEA personal data under Chinese anti-terrorism, counter-espionage, and other laws identified by TikTok as materially diverging from EU standards,” he added.

TikTok was not immediately available for comment when contacted by CNBC

Source: CNBC.com