Irish regulators have launched a fresh investigation into TikTok following revelations that the social media giant stored some European user data on servers in China, contradicting earlier statements made by the company.
The move intensifies scrutiny over the app’s data privacy practices, especially regarding potential exposure of user data to the Chinese government.
The Irish Data Protection Commission (DPC), which serves as the European Union’s lead watchdog for TikTok and other tech giants headquartered in Ireland, confirmed Thursday that TikTok had admitted in April that “limited EEA user data had in fact been stored on servers in China” before being deleted. This admission clashes with previous assurances that such data was only remotely accessed—not stored—by employees in China.
The DPC expressed “deep concern” that TikTok had provided inaccurate information during its earlier investigation, which had already resulted in a record €530 million ($620 million) fine in May. TikTok has vowed to appeal that fine, the second largest ever issued by the DPC under the EU’s General Data Protection Regulation (GDPR).
The renewed probe will examine whether TikTok has fulfilled its legal obligations to protect the personal data of EU citizens. If violations are confirmed, the company could face even harsher penalties.
Mounting Global Pressure on TikTok
Owned by Chinese tech firm ByteDance, TikTok is under growing scrutiny worldwide due to fears that personal data could be accessed by the Chinese government — either for surveillance or propaganda. TikTok has repeatedly denied receiving any such requests and insists it operates independently of Beijing’s influence.
In Europe, TikTok has highlighted its €12 billion “Project Clover” initiative aimed at bolstering regional data security infrastructure. Under this plan, user data is meant to be stored in centers located in Ireland, Norway, and the United States, with “restricted data” such as phone numbers and IP addresses supposedly off-limits to employees in China.
However, the latest revelations suggest these measures may not have been fully implemented or adhered to.
TikTok told AFP in May that the transfer of data to China was caused by a “technical issue” and that it had “promptly” disclosed the problem to the DPC. Still, regulators are not convinced and say the company’s shifting explanations warrant further investigation.
US Eyes Ownership Change
TikTok is also facing existential challenges in the United States. In June, former President Donald Trump announced that a group of buyers had been found to acquire TikTok’s U.S. operations, potentially averting a ban. Details on the identity of the prospective buyers are expected to be made public in the coming weeks.
The U.S. government, like its European counterparts, remains deeply concerned about the potential misuse of user data and has passed legislation that could ban TikTok unless it severs ties with ByteDance.
As pressure mounts across multiple jurisdictions, TikTok’s global operations face unprecedented scrutiny, and its ability to retain user trust may hinge on the outcome of ongoing investigations and negotiations.
What You Should Know
- On July 10, 2025, Ireland’s DPC launched a probe into TikTok for transferring EEA user data to China, violating earlier claims.
- TikTok’s April 2025 admission of storing data in China led to a €530 million fine in May, which it plans to appeal.
- The investigation examines GDPR compliance, amid concerns over Chinese access to European data, despite TikTok’s €12 billion Project Clover.
- X posts like @Techmeme highlight the probe’s impact, while Trump noted U.S. buyers for TikTok to avoid a ban.
