The Dutch Data Protection Authority (KVKK) imposed a fine on TikTok.
In the decision taken on the website of the institution ex officio on the complaints that the “explicit consent” regarding the TikTok application of the social media platform has not been obtained in accordance with the Personal Data Protection Act No. 6698 , there are illegalities in obtaining and storing personal data, and there are many security vulnerabilities in the software. reports that an investigation has been launched.
In this way, it was stated that only the videos shared by the user-approved followers can be viewed and the people who can download and comment on the videos are limited.
“CONTENT IS NOT AVAILABLE EASY TO UNDERSTAND”
The decision stated that TikTok’s non-disclosure agreement does not provide clear information about what personal data is processed for what purpose and under what processing conditions, stating that “in this context, “processing for specified, clear and legitimate purposes” and It is understood that there is a violation of the principles of relatedness, limitation and proportionality to the purpose for which they were committed.
“With regard to the processing activities of personal data carried out on the basis of explicit consent, in accordance with subparagraph (f) of Article 5 of the Communiqué on the procedures and principles to be followed in fulfilling the obligation to clarify, since it also used in place of the explicit consent text, the requirement that the explicit consent be complied with separately from the obligation to inform has proved unavailable.”
It was noted that TikTok has not obtained explicit consent from the individuals in the context of the processing of personal data carried out by using cookies for profiling purposes, and the processing of personal data carried out within this framework is also not in accordance with the law .
The decision included the following considerations: