TikTok Hit With New US Lawsuit for Unauthorized Collection of Children’s Data
Published on June 21, 2024
- TikTok and its parent company face a fresh lawsuit in the US for collecting children’s data without parent consent.
- The investigation focused on a service the company acquired in the meantime and incorporated it into TikTok.
- Said service has already received a hefty fine for violation of children’s online privacy in 2019.
The Federal Trade Commission (FTC) referred a complaint regarding children's privacy against the popular social media app TikTok and its parent company, ByteDance, to the US Department of Justice. The FTC's investigation, which has now led to this lawsuit, initially focused on the Musical.ly service.
ByteDance acquired this service in November 2017 and later integrated it into TikTok. As a result of a 2019 settlement with the company, Musical.ly was fined a substantial $5.7 million for its violations of the Children’s Online Privacy Protection Act (COPPA).
COPPA requires websites and services like Musical.ly, TikTok, and others to receive parental consent before harvesting personal information from children under the age of 13.
These violations included the unauthorized collection of personal information from children without parental consent, as Musical.ly did not require the user’s age upon account creation and failed to request age information later on for registered users.
In September 2016, the service received over 300 complaints from parents asking to delete their children’s Musical.ly accounts. However, standard privacy practice also requires removing user content and data from the company’s servers besides invalidating user accounts on the platform, which COPPA asks for as well. The company failed to deal with these complaints properly and did not delete kids’ videos and profiles from the Musical.ly servers.
TikTok has been a privacy and security concern for years. In 2022, it received a $28 million fine for failing to protect children’s privacy in the UK and paid $92 million in 2021 to settle dozens of lawsuits alleging that it harvested personal data from users and unauthorized use of facial recognition technology and sharing of data with third parties.
The ByteDance-owned app recently made the news for a zero-click exploit targeting brand and celebrity accounts.
