TikTok as of late has come under fire for potential data sharing concerns, with FCC Commissioner Brendan Carr last week calling for TikTok’s removal from Apple and Google app stores. The company also faces legislative scrutiny, with TikTok CEO Shou Zi Chew rebuffing allegations that TikTok employees in China have had access to sensitive U.S. user data.
A group of U.S. senators reached out to Chew in a letter requesting answers about TikTok’s data practices in China, as well as whether parent company ByteDance ever shared user data with the Chinese government.
The senators’ questions stemmed from a June 17 Buzzfeed report, which contained several leaked recordings of China-based TikTok employees. One of whom claimed, “everything is seen in China.”
“It appears that TikTok is now taking steps to deflect from its knowing misrepresentations by changing the way in which ‘protected’ data can be accessed by its employees,” the senators wrote.
Chew’s response to the senators – dated June 30 – said the Buzzfeed article “contains allegations and insinuations that are incorrect and are not supported by facts.”
Chew pointed out the recorded meetings concerned a company initiative, dubbed “Project Texas,” to safeguard user data in accordance with U.S. national security interests. He said some of the people quoted in Buzzfeed’s article “do not have visibility into the full picture” of the project.
Chew went on to say TikTok employees outside the U.S. can access U.S. user data “subject to a series of robust cybersecurity controls.” Data defined as “protected” will be stored in TikTok’s Oracle Cloud servers, with access overseen by TikTok’s U.S.-based security team.
The letter noted protected data is being defined through the Committee on Foreign Investment in the United States.
Chew added non-U.S.-based employees – including those based in China – will have access to a “narrow” set of non-sensitive U.S. user data, such as public videos and comments. This is in order “to ensure global interoperability.”
The company had announced in June “100% of U.S. user traffic” is being routed to the Oracle servers, located in the U.S. As TikTok continues its cloud migration efforts, it said it expects to delete U.S. users’ private data from Singaporean data centers, currently used as backup storage.
TikTok’s short form video content has rapidly increased in popularity worldwide. The company last September said it had reached more than one billion monthly active users.
But TikTok’s rise has come with sizeable federal scrutiny. Former President Donald Trump tried to ban business with TikTok in August 2020, an executive order later struck down by U.S. federal courts. Some government agencies, including the U.S. Department of Defense and the Transportation Security Administration, have already disallowed the app on federal government devices.