TikTok Says Staff In China Can Access UK And EU User Data
Chinese video-sharing platform TikTok has told users that some of its workers in China have access to the data of accounts in the UK and European Union.
It has come under scrutiny from authorities around the world, including the UK and US, over concerns data could be passed to the Chinese government.
Earlier this week, a US official called for the app to be banned in America.
TikTok said the policy applies to “the European Economic Area, United Kingdom and Switzerland”.
Elaine Fox, the platform’s head of privacy for Europe, said in a statement on Wednesday that a global team helped to keep the user experience “consistent, enjoyable and safe”.
Although TikTok currently stores European user data in the US and Singapore, “we allow certain employees within our corporate group located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the United States remote access to TikTok European user data,” Ms Fox said.
“Our efforts are centred on limiting the number of employees with access to European user data, minimising data flows outside of the region, and storing European user data locally,” she added.
She also said the approach was “subject to a series of robust security controls and approval protocols, and by way of methods that are recognised under the GDPR (General Data Protection Regulation)”.
It came in the same week that a top official at the US communications watchdog said TikTok should be banned in America.
“I don’t believe there is a path forward for anything other than a ban,” said Brendan Carr, a commissioner at the Federal Communications Commission (FCC).
He added that he believed there was not “a world in which you could come up with sufficient protection on the data that you could have sufficient confidence that it’s not finding its way back into the hands of the [Chinese Communist Party].”
TikTok’s owner ByteDance has repeatedly denied it is controlled by the Chinese government.
The app has come under intense scrutiny by authorities in the UK, EU and US.
The UK Parliament closed down its TikTok account in August after MPs raised concerns about the risk of data being passed to the Chinese government.
Senior MPs and peers had called for the account to be removed until TikTok gave “credible assurances” that no data could be handed to Beijing.
The app has also been investigated by The Irish Data Protection Commission – its lead regulator in the EU – over two privacy-related issues.
The watchdog is looking into TikTok’s processing of children’s personal data, and whether it has acted in line with EU laws over transferring personal data to other countries, such as China.
Meanwhile in 2020, a US national security panel ordered ByteDance to sell its American operation over concerns that users’ data could be shared with Chinese authorities.
In June this year TikTok said it had migrated US users’ information to servers run by American software giant Oracle in Austin, Texas.
Last month, TikTok denied a report that a China-based team at ByteDance planned to use the app to track the locations of US citizens.
TikTok said it had never been used to “target” the American government, activists, public figures or journalists.
On Wednesday, Ms Fox also said the app does not collect precise location data from users in Europe.
TikTok is the world’s fastest-growing social media app and has been downloaded almost 4 billion times.
It has made more than $6.2bn (£5.4bn) in gross revenue from in-app spending since its launch in 2017, according to analytics company Sensor Tower.