UK Tribunal Rules Case Against TikTok for Data-Processing Violations May Proceed
The Information Commissioner's Office (ICO) on Tuesday welcomed a ruling that it had the power to fine TikTok 12.7 million pounds ($17.2 million) for U.K. General Data Protection Regulation breaches.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
The First-tier Tribunal (General Regulatory Chamber) has jurisdiction over appeals against decisions made by ICO and other government regulatory bodies. ICO imposed the fine in April 2023, and TikTok's appeal was heard in May 2025.
The tribunal's decision means the case concerning unlawful personal data processing may proceed to a full hearing on TikTok's substantive issues, the ICO noted.
The fine against TikTok arose from infringements of U.K. GDPR clauses, the ICO said. In response, TikTok argued that its personal data processing was done for artistic purposes, so the law's "special purposes" provisions applied. Those provisions restrict ICO enforcement where personal information is processed for journalistic, artistic, academic or literary purposes, it said.
TikTok argued the ICO issued the penalty without legal authority and that the fine should be quashed. The tribunal concluded that the penalty was primarily concerned with the processing of personal information of children younger than 13, and it wasn't covered under special purposes.
TikTok may apply for permission to appeal to the Upper Tribunal on a point of law, the ICO noted. A TikTok official told us the company is reviewing the judgment.