EU launches second probe into Tiktok over allegations the social media giant illegally stored European user data in China

07/15/2025 / By Ava Grace

The EU has launched a second probe into TikTok over allegations it illegally stored European user data in China, following a record €530 million fine for similar violations earlier this year. Ireland’s Data Protection Commission cited “deep concern” over TikTok’s lack of transparency.
TikTok previously denied storing EU data in China but later admitted some information was temporarily held on Chinese servers. This inconsistency has raised doubts about its compliance with General Data Protection Regulation (GDPR), which mandates strict data localization rules.
Western governments fear TikTok’s parent company, ByteDance, could be forced to share data with Chinese authorities under China’s National Intelligence Law, despite TikTok’s denials. Remote access by China-based employees also poses security concerns.
The U.S., Canada and Australia have taken action against TikTok over security risks, with the U.S. passing a law forcing ByteDance to sell its U.S. operations or face a ban. The EU’s repeated fines signal growing distrust of TikTok’s ties to China.
If found guilty again, TikTok could face GDPR fines up to four percent of global revenue or even a Western ban. The investigation tests whether a Chinese-owned platform can operate independently of Beijing’s influence.

The European Union has opened a second investigation into TikTok over allegations that the Chinese-owned social media giant illegally stored European user data in China — just months after being hit with a record €530 million ($620 million) fine for the same violations.

Acting on behalf of the EU, Ireland’s Data Protection Commission (DPC) announced the new probe July 10, citing “deep concern” over TikTok’s failure to provide accurate information during the first investigation. Despite TikTok’s claims that European data was only accessed remotely from China, the company admitted in April that some information had in fact been physically stored on Chinese servers — a revelation that has reignited fears over Beijing’s potential access to sensitive Western user data.

A pattern of deception

This is not the first time TikTok has faced scrutiny over its data practices. In May, the DPC fined the company for failing to protect European users’ personal information, which was accessible by employees in China. At the time, TikTok insisted that no data was stored in China — only to later admit that a “limited amount” had been temporarily kept on Chinese servers before being deleted. The discrepancy has raised serious questions about the company’s transparency and whether it can be trusted to comply with Europe’s strict privacy laws. (Related: EU Commission opens public consultation on controversial data retention plan.)

The DPC’s new investigation will focus specifically on whether TikTok has since corrected these violations under the EU’s General Data Protection Regulation (GDPR), one of the world’s toughest privacy laws. GDPR requires companies to store European data within the EU or in countries deemed to have adequate privacy protections — neither of which applies to China.

Why this matters: China’s data grab

The controversy goes beyond technical compliance. Western governments have long suspected that TikTok, owned by Beijing-based ByteDance, could be compelled to hand over user data to Chinese authorities under the country’s expansive national security laws. China’s 2017 National Intelligence Law mandates that all companies assist the government in intelligence work when requested — a fact that has fueled bipartisan concerns in the U.S. and EU.

TikTok has repeatedly denied sharing data with Beijing, stating it has “never received a request” from Chinese authorities. But skeptics argue that in an authoritarian regime like China, companies have no legal way to refuse such demands. Even remote access to European data by employees in China creates a potential backdoor for exploitation.

TikTok’s defense: A question of trust

TikTok maintains that it has taken steps to localize data storage, keeping European user information in Norway, Ireland and the United States. The company has also invested billions in data infrastructure to reassure regulators. Yet these efforts ring hollow when the platform continues to face accusations of misleading authorities.

The DPC’s May fine — the second-largest in EU history — was a clear warning. But with this new probe, it’s evident that regulators no longer take TikTok at its word.

What comes next?

If TikTok is found in violation again, the penalties could be even steeper. The GDPR allows fines of up to four percent of a company’s global revenue — a figure that could reach into the billions for TikTok. More critically, another confirmed breach could accelerate calls for an outright ban in Western markets.

For now, TikTok remains one of the world’s most popular apps, with 1.5 billion users globally. But as governments grow increasingly wary of China’s digital influence, its future hangs in the balance. The latest investigation is not just about data storage—it’s a test of whether a Chinese-owned platform can ever truly operate independently of Beijing’s reach.

The stakes couldn’t be higher. If TikTok fails this test, it may find itself locked out of the West for good.

Watch this interesting commentary about what TikTok data China has access to and what it really is taking.

This video is from Truth and Stuff channel on Brighteon.com.