TikTok, has been fined 345 million euros by a European Union regulator for child data breaches. The fine, equivalent to $369 million, was imposed by Ireland’s Data Protection Commission (DPC) following a two-year inquiry into breaches it uncovered.

The DPC, responsible for enforcing EU data rules, gave TikTok a three-month deadline to implement necessary changes.

The investigation began in September 2021, focusing on TikTok’s compliance with the General Data Protection Regulation (GDPR) concerning platform settings and personal data processing for users under 18.

While TikTok’s age verification measures for users under 13 were found to be compliant, the DPC identified shortcomings in assessing risks for younger users.

Children signing up had their TikTok accounts set to public by default, allowing anyone to view or comment on their content.

ALSO READ: TikTok user sentenced to three years in jail for cyberstalking Eniola Badmus

The DPC also criticized TikTok’s “family pairing” mode, designed to link parents’ accounts to their teenage children’s accounts, as it found the company did not properly verify parent or guardian status.

Ireland, home to the European headquarters of TikTok, Google, Meta (formerly Facebook), and Twitter, plays a central role in enforcing GDPR regulations.

TikTok, a division of Chinese tech giant ByteDance, boasts 150 million users in the United States and 134 million in the European Union.

In response to the fine, TikTok stated it “respectfully disagrees” with the verdict and is evaluating its next steps, emphasizing that the criticized features and settings had been changed well before the investigation began.