The sale of TikTok in the U.S. continues to drag on.  Back in 2024 the U.S. Department of Justice had alleged that TikTok shipped personal information to China and allowed profiling of the short video app's users made. Hence the reason for forcing a sale of TikTok in the U.S. if you had doubts about TikTok sending user data to China, look no further than a new ruling issued in Ireland today.

Today, Ireland’s Data Protection Commission announced its final decision following an Inquiry into TikTok Technology Limited (“TikTok”). This Inquiry was launched by the DPC, in its role as the Lead Supervisory Authority for TikTok, to examine the lawfulness of TikTok’s transfers of personal data [1] of users of the TikTok platform in the EEA to the People’s Republic of China (“China”). In addition, the Inquiry examined whether the provision of information to users in relation to such transfers met TikTok’s transparency requirements as required by the GDPR.

The decision, which was made by the Commissioners for Data Protection, Dr Des Hogan and Mr. Dale Sunderland, and has been notified to TikTok, finds that TikTok infringed the GDPR regarding its transfers of EEA User Data to China [2] and its transparency requirements [3]. The decision includes administrative fines totaling €530 million (US$603) and an order requiring TikTok to bring its processing into compliance within 6 months.

The decision also includes an order suspending TikTok’s transfers to China if processing is not brought into compliance within this timeframe.

(Click on image to Greatly Enlarge)

For full details, review the report issued by Ireland’s Data Protection Commission.