Last week, Apple and Google were ordered by an FCC
Commissioner to remove TikTok from their app stores due to the FCC’s suspicion
that the Chinese government uses TikTok for surveillance purpose. Following the
order, TikTok stepped up to reassure that the data it obtains from US users is
kept secure.
“The security of the data our community entrusts us with is
a top priority at TikTok, despite recent reports questioning that commitment.
We have sent a letter to Congress addressing these issues and others,” TikTok said
in its statement.
The social company further shared details of its data
security measures and claimed that with its recent system updates, all of the
US users’ data is routed through Oracle Cloud Infrastructure, meaning that the
data is contained within the US only.
TikTok went on to add that it is also developing a new system “in which access to US user data by anyone outside of USDS will be limited by, and subject to, robust data access protocols with monitoring and oversight mechanisms by Oracle.”
To provide further transparency, TikTok explained that the
engineering team from parent company ByteDance can access US user data, in
limited capacity for the requirement of engineering functions. However,
according to TikTok, that access, too, is subject to “a series of robust
controls, safeguards like encryption for certain data, and authorization
approval protocols” that are overseen by its US-based leadership/security team.
TikTok also claimed in its statement that it has an internal
data classification system as well that detects the sensitivity of the data and
therefore, the level of approval required for its access.
So, it seems like TikTok is not entirely denying the
accessibility of the US users’ data, but is also assuring people that due to
limited access of the data, it is kept safe and secure nonetheless.
