TikTok has announced a data security regime to protect user information across Europe, as political pressure mounts in the US to ban the social video app.
The scheme, known as Project Clover, involves user data being stored on servers in Ireland and Norway at an annual cost of €1.2bn (£1.1bn), while any data transfers outside of Europe will be vetted by a third-party IT company.
TikTok is under pressure in the US and Europe over its links to China through its Beijing-based parent ByteDance.
On Tuesday, the White House backed a Senate bill that would give the administration the power to ban TikTok and on Wednesday, FBI Director Christopher Wray told a Senate hearing that the app “screams” for national security concerns.
TikTok, which stores its global user data in the US and Singapore, has denied that the Chinese government can access or manipulate its data or algorithms.
“The Chinese government has never asked us for data and if they did, we would refuse to do so,” said Theo Bertram, vice president of government relations and public policy for TikTok in Europe. TikTok, which has more than a billion users worldwide, has 150 million in Europe.
TikTok had said it would store data on two servers in Ireland, but announced Wednesday that it would also use a data center in Norway for the same purpose under Project Clover. Using the Irish and Norwegian data servers will cost TikTok €1.2 billion a year.
Under Clover, TikTok’s data controls and data transfer outside the continent will be monitored by a third-party European cybersecurity firm, though the company has yet to disclose the name of its security partner.
TikTok said it would introduce “pseudonymization” of personal data so that a person cannot be identified without additional information.
Last year, TikTok confirmed that employees outside the mainland, including in China, could access user data to ensure their experience on the platform was “consistent, enjoyable and secure.” It said the data from European users could be used to run performance checks on its algorithms, which recommend content to users and track annoying automated accounts.
TikTok’s European proposals reflect a plan to reassure the US about user data, called Project Texas. Under the US plan, TikTok will store US user data in the US on servers run by technology company Oracle.
Oracle will also monitor TikTok’s algorithms and source code, to try to allay concerns that the Chinese state could influence what people see on the app, as well as vetting updates and submitting them to Google’s app stores and Manzana.
after newsletter promotion
However, the proposals have not received political approval from the White House, amid renewed tensions between Washington and Beijing over the downing of a Chinese spy balloon off the US east coast. TikTok’s credibility was also damaged last year when ByteDance admitted that employees had tried to use the app to spy on reporters.
Concerns about TikTok’s data have been heightened by fears that the Chinese government could legally force companies to hand over data, citing examples such as China’s 2017 national intelligence law, which states that all organizations and citizens must “support, help and cooperate”. with national intelligence efforts.
Last month, the European Commission, the EU’s executive body, banned TikTok on work phones and devices, while the European Parliament also banned the app on staff phones.
However, the UK has ruled out similar moves despite lobbying by Conservative politicians, including former Conservative leader Iain Duncan Smith. Michelle Donelan, secretary of state for science, innovation and technology, said last month that there were no grounds for a ban.
“We have no evidence to suggest that it is necessary to ban people from using TikTok. That would be a very, very straightforward move…requiring a significant evidence base to be able to do that,” he said.
