Tech. Science. Culture.
We may earn a commission from links on this page

TikTok Hits Pause on Its Most Controversial Privacy Update Yet

The company planned to unleash targeted ads onto users, even if they didn't consent. Italy warned against it.

We may earn a commission from links on this page.
Image for article titled TikTok Hits Pause on Its Most Controversial Privacy Update Yet
Photo: Denis Charlet (Getty Images)

Early last month, TikTok users across Europe were told that, starting July 13th, the platform would begin using their on-app data to serve up targeted ads, even if those users didn’t consent to the practice. Now, less than a day before that change would have rolled out European Union-wide, it looks like the company’s reconsidering things a bit.

A company spokesperson told TechCrunch on Tuesday that TikTok is “pausing” the update while it “engage[s] on the questions from stakeholders,” about the way it handles personalized ads. And needless to say, there are quite a lot of questions about that right now—from data protection authorities in the EU, from lawmakers in the US, and from privacy experts pretty much everywhere.

For context: until this point, European users that opened the TikTok app needed to offer express consent to let the company use their data for targeted ads. This update planned to do away with the need for that pesky consent by on a legal basis known as “legitimate interest” to target those ads instead.


In a nutshell, the “legitimate interest” clause would let TikTok process people’s data, consent-free, if it was for a purpose that TikTok deemed reasonable. This means the company could say, for example, that because targeted ads bring in more money than their un-targeted equivalent, it would be reasonable to serve all users—consenting or otherwise—targeted ads. Reasonable, right?

Apparently not. Just this week, for example, Italy’s data protection authorities issued a formal warning to TikTok about the upcoming change, noting that the company’s planned privacy tweaks ran afoul of statutes within European privacy laws. The legitimate interest clause, Italy said, shouldn’t be used willy-nilly (in fact, it can only be legally used under super-specific conditions), and TikTok just didn’t have the grounds to rely on it. Aside from that, the same warning raised red flags about TikTok potentially targeting underage users if it followed through with the change—especially since it’s had a few hiccups trying to keep those younger tweens off the app and out of its targeted advertising pool.


Meanwhile, TikTok’s been undergoing a separate probe from Ireland’s data watchdog over alleged GDPR violations for nearly a year, while also battling an ongoing lawsuit over alleged GDPR violations in the U.K.

And while we don’t have anything remotely close to Europe’s data protection laws here in the U.S., lawmakers have begun calling for the FTC to open its own probe into the app’s data sharing details. An FCC commissioner called for Google and Apple to yank the app from their App StoresThis comes on the heels of the Trump administration’s fervent (and woefully misguided) crusade against the app just a few short years ago.