TikTok tells European users that its staff in China has access to their data | ICT Tac

TikTok tells its European users of the platform that their data may be accessed by employees outside the continent, including in China, amid political and regulatory concerns over Chinese people’s access to user information on the site.

The Chinese-owned social video app updates its privacy policy to confirm that staff in countries including Chinaare authorized to access user data to ensure that their experience of the platform is “consistent, enjoyable and safe”.

Other countries where European user data may be viewed by TikTok staff are Brazil, Canada and Israel as well as the United States and Singaporewhere European user data is currently stored.

TikTok Europe’s Chief Privacy Officer, Elaine Fox, said: “Based on a demonstrated need to do their job, subject to a series of robust security checks and approval protocols, and at using methods recognized by the GDPR. [the EU’s general data protection regulation]we allow certain employees of our group of companies located in Brazil, Canada, China, Israel, Japan, Malaysia, the Philippines, Singapore, South Korea and the United States to remotely access European TikTok user data.

The data could be used to perform checks on certain aspects of the platform, including the performance of its algorithms, which recommend content to users and detect vexatious automated accounts. ICT Tac previously acknowledged that some user data is accessed by employees of parent company, ByteDance, in China.

In a letter to republican senators leaked in July, TikTok chief executive Shou Zi Chew said a “restricted set of non-sensitive U.S. user data” could be accessed by foreign employees if approved by a TikTok-based security team. in the USA. He added that none of the data had been shared with Chinese government officials.

Privacy policy update, which applies to the UK, European Economic Area and Switzerland, and will go live on December 2, comes amid political and regulatory pressure on the use of data generated by the application, which has more than one billion users worldwide.

US President Joe Biden overruled the executive orders of his predecessor, Donald Trump, ordering the sale of TikTok’s US operations, but in their place, he asked the US Department of Commerce to produce recommendations to protect the data of people in the United States from “foreign adversaries”. The U.S. Foreign Investment Committee, which reviews business deals with non-U.S. companies, is also conducting a security review of TikTok.

Ireland’s data watchdog, which has jurisdiction over TikTok across the EU, has also launched an investigation into “TikTok’s transfers of personal data to China”.

Michael Veale, associate professor of digital rights at University College London, said that under a recent EU ruling, data transfers between the bloc and China should be controlled for security reasons. . “It is extremely difficult to regularly send EU user data to China, as contracts between a Chinese company and a European company cannot prevent state access.”

According to a judgment of the European Court of Justice dubbed Schrem IIcertain data transfers outside the EU must take into account the “level of protection”, with particular emphasis on access by state authorities, granted to user data at the other end.

Veale said China’s data laws could raise questions about the security of even limited data transfers. However, he added, “I am not convinced that the Chinese government is currently focused on spying on individuals’ TikTok data. They have other ways to get private information. Developing and deepening an influential platform is a powerful goal in itself.

In a blog post last year TikTok said it was “aligned” with the regulatory direction set by the Schrems II ruling.

In the UK, the Information Commissioner’s Office, the country’s data watchdog, is consulting on new guidelines for post-Brexit data transfers. However, the government put a new data reform bill on hold.

In October TikTok refused a report in the economic publication Forbes that it was used to “target” American citizens. Forbes had announced that it planned to track the location of at least two people through the video-sharing app.

In the privacy policy update, Fox said TikTok does not collect “precise location information” from users in Europe, whether based on GPS technology or otherwise. In its current version, the privacy policy states: “With your permission, we may also collect precise location information (such as GPS).”

Comments are closed.