TikTok Promises Government That User Data Will Remain Safe

In the wake of an FCC commissioner’s call to have TikTok banned from the Apple and Android stores, company CEO Shou Zi Chew issued a letter assuring senators that the China-based company is doing all it can to “remove any doubt about the security of U.S. user data.” Responding to questions from nine Republicans — including ranking Senate Commerce Committee member Roger Wicker (R-Mississippi) — Chew reiterated the claim that TikTok maintains American user data on servers controlled by the U.S. company Oracle, with plans for third-party audits. The dust-up follows an incendiary report by BuzzFeed News.

Chew’s letter added that TikTok plans to “delete U.S. users’ protected data from our own systems and fully pivot to Oracle cloud servers located in the U.S.,” promises that have been made in the past, and seem to have done little to quell fears.

Based on details published in the recent BuzzFeed News report, FCC commissioner Brendan Carr accused TikTok of harvesting “extensive amounts of personal and sensitive data” that was being used to surveil U.S. citizens. TikTok has an estimated 85 million U.S. users as of 2022, according to Statista.

Aiming to combat concerns that TikTok poses a national security risk, Chew wrote that the company is “working with Oracle on new, advanced data security controls that we hope to finalize in the near future,” according to The New York Times, which obtained a copy of his letter.

“For years, critics of the app have worried that the Chinese government would request data belonging to Americans directly from ByteDance and that TikTok was subject to the influence of the Chinese Communist Party,” NYT reports. In its “TikTok Tapes” article, BuzzFeed reported “that China-based engineers of ByteDance, TikTok’s parent company, accessed non-public data on users in the U.S. between at least September 2021 and January 2022,” Engadget writes.

In his letter to the senators, “Chew refuted much of BuzzFeed News’ reporting, though conceded that ByteDance workers outside the U.S. can access American user data ‘subject to a series of robust cybersecurity controls and authorization approval protocols overseen by our U.S.-based security team,’” Engadget reports, highlighting Chew’s general claims of a rigorous “internal data classification system and approval process” that limits access based on the requestor’s assigned level.

TikTok says it is currently working on an initiative, called “Project Texas,” designed to “fully safeguard user data and U.S. national security interests,” according to CNBC.

In August 2020, then-president Donald Trump “signed an executive order that would have made it difficult, if not impossible,” for TikTok to operate in the U.S.” writes Engadget, noting that “a federal judge struck down Trump’s order just before it was supposed to take effect. President Joe Biden rescinded the order in January 2021, but signed a separate one that required a security review of that app and WeChat.”

Related:
Two Senators Call for FTC Probe into TikTok Over U.S. Data Access, Reuters, 7/5/22