TikTok says it’s achieved a “significant milestone” towards its guarantees to beef up the safety of its US customers’ information. In a brand new replace, the corporate says it has “changed the default storage location of US user data.”
As the corporate notes, it had already saved a lot of its consumer information within the United States, at a Virginia-based information middle. But below a brand new partnership with Oracle, the corporate has migrated US consumer visitors to a brand new Oracle Cloud Infrastructure.
“Today, 100% of US user traffic is being routed to Oracle Cloud Infrastructure,” the corporate wrote in a weblog publish. “We still use our US and Singapore data centers for backup, but as we continue our work we expect to delete US users’ private data from our own data centers and fully pivot to Oracle cloud servers located in the US.” Additionally, TikTok says it has made “operational changes,” together with a brand new division “with US-based leadership, to solely manage US user data for TikTok.”
The strikes are a part of a longstanding effort by TikTok to deal with US officers’ considerations over how consumer information is dealt with by TikTok and father or mother firm ByteDance. The firm has been working to separate US consumer information in order that it’s not accessible to China-based ByteDance as US lawmakers eye laws to curb the affect of Chinese tech firms.
Still, the brand new safeguards are unlikely to totally sway critics of TikTok, who say the corporate nonetheless hasn’t addressed all potential considerations about how US consumer information is dealt with. In reality, simply after TikTok revealed its weblog publish, BuzzFeed News revealed a report that raises new questions on how the corporate handles the info of its US customers.
The report, which was based mostly on hours of inside conferences leaked to BuzzFeed, says that “China-based employees of ByteDance have repeatedly accessed nonpublic data about US TikTok users.” The recordings, which cowl a time interval between final September and January 2022, supply new particulars concerning the complicated effort to chop off Bytedance’s entry to US consumer information.
The report quotes an outdoor advisor employed by TikTok to supervise a number of the work saying that they believed there was “backdoor to access user data in almost all” of the corporate’s inside instruments. It additionally quotes statements from a number of staff who say “that engineers in China had access to US data between September 2021 and January 2022, at the very least.”
It additionally notes that whereas information deemed “sensitive,” like customers’ start dates and telephone numbers, might be saved within the Oracle servers, different details about US-based customers may stay accessible to ByteDance. “ByteDance’s China-based employees could continue to have access to insights about what American TikTok users are interested in, from cat videos to political beliefs,” the report says.
That might not appear as critical as extra private data like birthdays and telephone numbers, however it’s precisely the type of particulars that some lawmakers within the US have raised considerations about. US officers have questioned whether or not the app’s “For You” algorithm could possibly be used as a method of international affect.
“We know we’re among the most scrutinized platforms from a security standpoint, and we aim to remove any doubt about the security of US user data,” TikTok mentioned in an announcement to BuzzFeed News.