European Union:
French Privacy Regulator Investigating TikTok For GDPR Violations
02 September 2020
Pearl Cohen Zedek Latzer Baratz
To print this article, all you need is to be registered or login on Mondaq.com.
A spokesperson for the French data protection authority
("CNIL") has confirmed that CNIL launched an
investigation against the social media platform TikTok, after
receiving a data subject's complaint alleging that TikTok
violated the EU General Data Protection Regulation (the
"GDPR").
The CNIL investigation was initiated following a data
subject's complaint relating to a request to delete a video on
the social platform. The data subject alleged that TikTok has
violated the GDPR right to be forgotten. But the investigation has
since expanded to include issues related to transparency
requirements about how TikTok processes user data; users' data
access rights; transfers of user data outside the EU; and steps
taken to ensure the data of minors is adequately protected.
TikTok is currently attempting to set its principal European
establishment in Ireland. If successful, the investigation may be
transferred to the hands of Ireland's Data Protection
Commission.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Privacy from European Union
Metaverse As A Business
KP Law
Noting that the metaverse will not be built overnight by a single company, Meta said that many of the products to be designed for Meta's concept will only be fully realized within the next 10-15 years.
Regulating Cybersecurity Across The EU And The UK
McDermott Will & Emery
On November 28, 2022, the Council of the European Union formally adopted the Network and Information Security 2 Directive (NIS 2 Directive), replacing the current NIS Directive (Directive 2016/1148/EC).
Better Late Than Never: Slovenia Last EU Member State To Adopt GDPR Implementing Act
Schoenherr Attorneys at Law
On 15 December 2022, the Slovenian Parliament finally adopted the Data Protection Act (Zakon o varstvu osebnih podatkov, ZVOP-2, "ZVOP-2"), a national law implementing the EU General Data Protection Regulation ("GDPR"). The act had been several years in the making, with the earliest draft released for public consultation back in 2017.