TikTok has been hit with a €5 million (around AU$7.8 million) penalty by the French data protection watchdog CNIL over cookie consent flow on its tiktok.com website.
The offending cookie notice appeared in June 2021 but was replaced by a “Refuse All” button on the site in February 2022.
“During the check carried out in June 2021, the CNIL noted that while the companies TikTok United Kingdom and TikTok Ireland did offer a button allowing cookies to be accepted immediately, they did not put in place an equivalent solution (button or other) to allow the Internet user to refuse their deposit just as easily. Several clicks were necessary to refuse all cookies, against only one to accept them,” the watchdog notes in a press release (translated by Google).
Plus, CNIL found that TikTok had not informed users in a “sufficiently precise manager” about the purpose of the cookies on either the information banner and within the “choice interface” that was accessible after clicking on a link in the banner.
“These findings relate to past practices that we addressed last year, including making it easier to reject non-essential cookies and providing additional information about the purposes of certain cookies. The CNIL itself highlighted our cooperation during the course of the investigation and user privacy remains a top priority for TikTok,” said a TikTok spokesperson.