Today, TikTok CEO Shou Zi Chew met with senior European Union lawmakers to discuss a range of topics related to the Digital Services Act (DSA) and existing regulations on privacy and data protection (including GDPR). They discussed how the company is preparing to comply with upcoming pan-EU rules concerning content governance and safety, as well as its approach toward current laws.
At the meetings with Chew, EU commissioners discussed child safety, Russian disinformation and political content transparency.
TikTok’s strategic interests are served by fostering a relationship with the European Commission since it will be designating core platform services and overseeing compliance for both the DMA and additional obligations for larger platforms (VLOPs), which TikTok is likely to fit into, even if it avoids being labeled as a DMA gatekeeper.
The DSA took effect in November, but most of its provisions won’t be enforced until 2024. VLOPs have a shorter timeline; platforms must comply within four months of designation, so the DSA is likely to come into force for the first wave of VLOPs by mid-year.
The Commission is taking advantage of having Big Tech CEOs in Brussels, engaging with commissioners for photo ops.
“We had a constructive discussion on the potential of TikTok as an innovative platform for creativity, expression and communication. We discussed how to ensure that users’ data is protected in line with European standards.”
TikTok CEO and EU’s EVP/head of digital strategy Margrethe Vestager held a constructive meeting, during which they discussed the platform’s potential as a source of creative expression and communication while ensuring user data security meets European standards.
The objective of the meeting with TikTok was to review how the company is preparing for complying with its obligations under the European Commission’s regulation, namely the Digital Services Act (DSA) and possibly under the Digital Markets Act (DMA). At the meeting the parties also discussed GDPR and matters of privacy and data transfer obligations with a reference to the recent press reporting on aggressive data harvesting and surveillance in the US.
At the meeting with TikTok, we reviewed their preparation for compliance with the Digital Services Act (DSA) and Digital Markets Act (DMA), as well as GDPR requirements regarding privacy, data transfer, and press reports of aggressive surveillance in the US.
The EU readout noted that Jourova appreciated TikTok’s joining the 2020 Code of Practice on Disinformation and swift implementation of sanctions against Russian propaganda outlets.
A study last spring uncovered a flourishing of Russian state propaganda on TikTok, contradicting claims that uploads had been banned.
The EU questioned Jourová about the misuse of journalists’ data to identify leakers, to which Chew replied that such actions were wrong and those responsible no longer work for the company. This stands in stark contrast with their recent warning to Musk about suspending reporters who covered his decisions on Twitter.
The EU heard from TikTok CEO on his company’s GDPR compliance and its investment in content moderation to combat hate speech and other “toxic content”.
After their meeting, Jourová said TikTok must “win back regulatory trust” without directly addressing concerns.
I count on TikTok to fully execute its commitments to go the extra mile in respecting EU law and regaining trust of European regulators. There cannot be any doubt that data of users in Europe are safe and not exposed to illegal access from third-country authorities. It is important for TikTok and other platforms to swiftly get ready for compliance with the new EU digital rulebook, the Digital Services Act and the Digital Markets Act. I am also looking forward to seeing the first report under the new anti-disinformation Code to be delivered by the end of January. Transparency will be a key element in this regard.
TikTok is currently the subject of two GDPR probes in Ireland, with the children’s data enquiry projected to be resolved by mid-year and a decision on China data transfers expected around then as well. However, due to various factors involved, a final ruling may not come until year-end.
