More regulatory scrutiny is coming as this year TikTok could also face direct oversight by the European Commission itself — if it’s deemed to meet “gatekeeper” criteria under the Digital Markets Act (DMA).
The DMA, which came into force at the start of November and is set to start to apply from early May, is intended to supplement traditional ‘after the fact of abuse’ antitrust regulation by applying a proactive set of operational ‘dos and don’ts’ to the most powerful, intermediating platforms and will put some hard limits on anti-competitive practices like self-preferencing (as well as introducing some firm requirements in areas like interoperability and data portability). So EU compliance requirements for platforms that fall under the DMA regime will step up considerably.
While it’s not yet confirmed whether TikTok will be designated a core platform service subject to the DMA, there’s no doubt that fostering a solid working relationship with the bloc’s executive is in its strategic interests — as the Commission will be making designations and overseeing compliance for both the DMA and for a layer of additional obligations that will apply to a subset of larger platforms (so called VLOPs) under the DSA — a category TikTok is almost certain to fall into (even if it avoids being designated a DMA gatekeeper).
In a statement following a meeting between TikTok’s CEO and the EU’s EVP and head of digital strategy, Margrethe Vestager, the Commission said:
The objective of the meeting with TikTok was to review how the company is preparing for complying with its obligations under the European Commission’s regulation, namely the Digital Services Act (DSA) and possibly under the Digital Markets Act (DMA). At the meeting the parties also discussed GDPR and matters of privacy and data transfer obligations with a reference to the recent press reporting on aggressive data harvesting and surveillance in the US.
The EU’s read out also notes that it acknowledges TikTok “recognises that non-EU state actors try to manipulate the content on the platform to spread disinformation and puts efforts to address this issue”, adding the company informed it it is investing in Ukraine and will deliver a detailed report under the Disinformation Code.
Per the EU, the TikTok CEO also discussed TikTok’s efforts around GDPR compliance — and talked about its investment in content moderation practices, which he told it aim to limit the effect of hate speech and other “toxic content”.
In a statement after the meeting, Jourová avoided direct reference to such concerns — opting instead for more diplomatic language about the need for TikTok to ‘regain regulatory trust’:
I count on TikTok to fully execute its commitments to go the extra mile in respecting EU law and regaining trust of European regulators. There cannot be any doubt that data of users in Europe are safe and not exposed to illegal access from third-country authorities. It is important for TikTok and other platforms to swiftly get ready for compliance with the new EU digital rulebook, the Digital Services Act and the Digital Markets Act. I am also looking forward to seeing the first report under the new anti-disinformation Code to be delivered by the end of January. Transparency will be a key element in this regard.
The two current GDPR probes of TikTok in Ireland remain ongoing — with, per the regulator, the prospect of the children’s data enquiry being wrapped up by (or before) the middle of this year (depending on how quickly disputes between DPAs can be settled). While the China data transfers enquiry could also reach a decision around mid year — but, again, we understand there are a variety of factors in play that could spin out the process so a final decision might not appear until the end of the year.
TikTok was contacted for its view on the EU meetings but at the time of writing the company had not responded.
Europe quizzes TikTok on data safety, disinformation and DSA compliance by Natasha Lomas originally published on TechCrunch