Instead of one simple click to approve cookies, you had to decline more options in order to stop the website to track your data.
Additionally, neither the first-level information banner nor the context of the choice interface available after clicking on a link in the banner adequately informed users of the objectives of the cookies.
"These findings relate to past practices that we addressed last year, including making it easier to reject non-essential cookies and providing additional information about the purposes of certain cookies. The CNIL itself highlighted our cooperation during the course of the investigation and user privacy remains a top priority for TikTok," a spokesperson for TikTok said.
The CNIL claimed that between May 2020 and June 2022, it conducted a number of inspections of the company's website and that the “Reject All” button was not available until February 2022.
CNIL also fined Google, Microsoft, and Facebook for not having a transparent cookie consent banner.
TikTok is at the center of several privacy debates across the globe, particularly in the United States.
Its use on government equipment is prohibited by the federal government and about 20 states in the United States. In November, FBI Director Christopher Wray stated that the bureau has several issues with TikTok.
"They include the possibility that the Chinese government could use it to control data collection on millions of users or control the recommendation algorithm, which could be used for influence operations if they so chose, or to control software on millions of devices, which gives it an opportunity to potentially technically compromise personal devices," Christopher Wray said.
With GDPR coming into effect along with other data privacy laws, every company should pay attention to its consent cookie banner. Or they should try cookieless tracking to avoid huge fines.