TikTok ads policy is ‘clear abuse’ of European law GDPR
TikTok said it would change its policy next week to allow data to be gathered from over-18s in Europe whether or not they had consented, claiming the move was allowed under Europe's data protection law (GDPR).
But digital rights group Access Now wrote to the company asking for clarity on the legal basis, calling it a “clear abuse” of several European laws, including the GDPR.
“TikTok wants to strip away the rights of people who use the platform to bump its ad revenue,” said Ms Estelle Masse of Access Now.
Ms Masse said other social media platforms also had problems with their consent mechanisms, but TikTok was “taking a step further” by “effectively suggesting that we should not have a say in deciding how our information is used”.
Social media firms gather vast troves of data on individuals' online habits and use it to sell highly targeted advertising. But the GDPR forces firms to give detailed justifications for gathering data, something social media platforms have struggled to do.
TikTok has said its policy change relies on a principle in the GDPR called “legitimate interest”, which allows companies to process data without giving a specific justification.
However, regulators have already begun to limit the use of legitimate interest. They ruled in February that websites relying on the principle to opt-in users to targeted advertising were acting illegally.
TikTok, whose parent company ByteDance is Chinese, is also under pressure from lawmakers in the United States over its use of data after reports suggested it allowed its staff in China to access data on US-based users.
The social media company confirmed the reports last week in a letter to US Congress but said it would never allow Communist Party officials to access data on US users.