The European Commission has informed social media platform TikTok of its preliminary view that it is not fulfilling its obligations under the EU’s Digital Services Act to publish an advertisement repository.
Under the Digital Services Act (DSA), such an advertising repository is seen as critical for researchers and civil society to detect scam advertisements, hybrid threat campaigns, as well as coordinated information operations and fake advertisements, including in the context of elections.
The Commission has found that TikTok does not provide the necessary information about the content of the advertisements, the users targeted by the ads, and who paid for the advertisements.
TikTok’s advertisement repository also does not allow the public to search comprehensively for advertisements on the basis of this information, thereby limiting the usefulness of the tool.
“Transparency in online advertising – who pays and how audiences are targeted – is essential to safeguarding the public interest,” said EC vice-president Henna Virkkunen: “Whether we are defending the integrity of our democratic elections, protecting public health, or protecting consumers from scam ads, citizens have a right to know who is behind the messages they see. In our preliminary view, TikTok is not complying with the DSA in key areas of its advertisement repository, preventing the full inspection of the risks brought about by its advertising and targeting systems.”
The Commission’s preliminary findings are based on an in-depth investigation that included, among others, the analysis of internal company documents, testing TikTok’s tools, and interviews with experts in the field. By sending preliminary findings, the Commission informs TikTok of its preliminary view that it is in breach of the DSA. The EU executive stresses, however, that this is without prejudice to the outcome of the investigation.
TikTok can now exercise its rights of defence by examining the documents in the Commission’s investigation file and by replying in writing to the Commission’s preliminary findings. In parallel, the European Board for Digital Services will be consulted.
If the Commission’s preliminary views were ultimately confirmed, the EU executive may issue a non-compliance decision, which may trigger a fine of up to 6% of the total worldwide annual turnover of the provider as well as an enhanced supervision period to ensure compliance with the measures the provider intends to take to remedy the breach. The Commission can also impose periodic penalty payments to compel a platform to comply.
