The 530 million euro fine by Ireland’s Data Protection Commission against TikTok could mark a watershed moment in data transfer enforcement under EU GDPR. The DPC issued the fine after an investigation found the company did not comply with GDPR data transfer obligations as TikTok’s remote access practices allowed European Economic Area user data to be shared with employees located in China. The move served as the first data transfer fine from an EU member state to China. Read more about DPC Deputy Commissioner Cian O’Brien’s comments regarding the decision.
