The X and TikTok apps on a smartphone screen on April 10, 2025
TikTok faces one of the largest fines ever issued under European law for unlawfully transferring users’ personal data from the EU to China.Jens Büttner/picture alliance via Getty Images

  • EU regulators hit TikTok with a $600 million fine for unlawful data transfers to China.

  • They said TikTok failed to ensure EU-level data protection under Chinese law.

  • The social media giant said on Friday that it disagreed with the fine and planned to appeal.

European regulators have fined TikTok $600 million after concluding that the social media giant unlawfully transferred users’ personal data from the EU to China and failed to meet key transparency obligations under European data privacy laws.

Ireland’s Data Protection Commission, which acts as the lead EU watchdog for many global tech firms headquartered in Dublin, led the investigation.

It said TikTok failed to ensure that data accessed by employees in China was protected at a level “essentially equivalent” to EU standards, as required under the General Data Protection Regulation (GDPR).

Regulators also said the company misled users by failing to name China as a data destination and not disclosing the extent of remote access from countries like China, breaching GDPR’s transparency rules.

“As a result of TikTok’s failure to undertake the necessary assessments, TikTok did not address potential access by Chinese authorities to EEA personal data under Chinese anti-terrorism, counter-espionage, and other laws identified by TikTok as materially diverging from EU standards,” Deputy Commissioner Graham Doyle said.

The $600 million penalty includes about $550 million for unlawful data transfers and about $50 million for transparency violations. The penalty is the third-largest ever under the GDPR and part of a growing European scrutiny targeting Big Tech’s data practices.

TikTok may face a suspension of data transfers to China if it doesn’t comply within six months.

Last month, TikTok acknowledged that limited European user data had been stored on servers in China, contrary to previous claims, and that it has since been deleted.

However, in a statement on Friday, the social media giant said it disagreed with the decision and plans to appeal.

Christine Grahn, TikTok’s head of public policy and government relations, said the ruling overlooks significant reforms introduced under its “Project Clover” data security initiative.

She added that TikTok has never received or complied with a request for European user data from Chinese authorities.

This isn’t TikTok’s first major penalty. In 2023, Ireland’s Data Protection Commission fined it $368 million for failing to protect children’s data.

That same year, Meta was fined $1.3 billion over concerns that Facebook data transferred to the US could be used to spy on European citizens in violation of the EU’s privacy laws.

Read the original article on Business Insider