TikTok took another step to allay concerns regarding the security of its U.S. user data. In a blog post, the popular social video app stated that it has changed the default location of U.S. user data, with "100% of U.S. user traffic being routed to Oracle Cloud Infrastructure."
TikTok has been criticized for years because of national security concerns, notably the possibility that the Chinese government could gain access to user data. The app's Beijing-based parent company, ByteDance, was compelled to sell TikTok by the Trump government in 2020. The Biden administration did not enforce the sale.
Despite its repeated assurances that it does not share user data with the Chinese government, TikTok collaborated with Oracle to assuage American national security concerns.
TikTok used to keep user data in the U.S., with a backup in Singapore; however, this practice has been discontinued.
The company is still using two data centers as backups until it transitions to "Oracle cloud servers in the U.S.," according to a statement issued on Friday. According to the company, it intends to eventually remove its U.S. customers' private data from its data centers.
According to a TikTok representative, the company has taken steps to limit data availability along all regions, and in May, it established a new department with US-based leadership to provide a "higher level of attention and oversight" to protect data in the U.S.
We acknowledge that we are one of the most critiqued platforms in terms of security, and we work hard to remove any doubt about the security of U.S. user data," Albert Calamug, TikTok's U.S. manager of public policy, wrote in a blog post on Friday.
Regardless of these protections, there are still concerns about who may have access to US data, regardless of where it is stored. BuzzFeed reported on Friday that "ByteDance employees in China routinely accessed nonpublic data on U.S. TikTok subscribers, using leaked audio from company internal meetings."
According to reports, Chinese engineers had access to U.S. data between September 2021 and January 2022; however, this period may have lasted longer.
TikTok employees in the U.S. are working on Project Texas to prevent the transfer of protected data from the U.S. to China. The vast majority of TikTok recordings BuzzfeedNews has reported on come from the Texas initiative. TikTok must keep U.S. sensitive data in a data center managed by Oracle in Texas to continue operating under the CFIUS agreement.
