TikTok has announced a data security regime for protecting user information across Europe, as political pressure increases in the US to ban the social video app.
The plan, known as Project Clover, involves user data being stored on servers in Ireland and Norway at an annual cost of €1.2 bn 1.1 bn, while any data transfers outside Europe will be vetted by a third-party IT company.
TikTok is under pressure in the US and Europe over its links to China via its Beijing-based parent, ByteDance. The White House gave its backing to a Senate bill that would give the administration the power to ban TikTok.
TikTok, which stores its global user data in the US and Singapore, has denied that its data or algorithms can be accessed or manipulated by the Chinese government.
The Chinese government never asked us for data, and if they would we wouldn't do so, said Theo Bertram, TikTok's vice-president of government relations and public policy in Europe. TikTok would store data in two servers in Ireland, but announced on Wednesday that it would also use a data centre in Norway for the same purpose under Project Clover. TikTok will cost €1.2 billion a year for the use of Irish and Norwegian data servers.
Under Clover, TikTok's data controls and transfer of data outside the continent will be monitored by a third-party European cybersecurity firm, although the company has yet to reveal its identity.
TikTok said it would introduce pseudonymization of personal data so that an individual could not be identified without additional information.
Last year, TikTok confirmed that employees outside the continent could access user data to make sure their experience with the platform was consistent, enjoyable, and safe. It said European user data could be used to conduct checks on the performance of its algorithms, which recommend content to users and track vexatious automated accounts.
TikTok's European proposals mirror a plan to reassure the US about user data, called Project Texas. TikTok will store data from American users in the US on servers run by tech firm Oracle, according to the US plan.
Oracle will also look at TikTok's algorithms and source code to try to assuade concerns that the Chinese state could influence what people see on the app as well as vetting updates and delivering them to the Google and Apple app stores.
The proposals haven't received political sign-off from the White House, despite the tensions between Washington and Beijing over the shooting of a Chinese spy balloon off the US east coast. Last year, TikTok's credibility was damaged when ByteDance admitted employees had tried to spy on reporters.
Concerns about TikTok's data have been heightened by fears that companies could be legally compelled to hand over data from the Chinese government, citing examples such as China s National Intelligence Law of 2017, which states that all organisations and citizens must support, assist and cooperate with national intelligence efforts.
The EU's executive body banned TikTok from work phones and devices last month, while the European Parliament banned the app from staff phones.
The UK has ruled out similar moves despite lobbying from Conservative politicians, including former Tory leader Iain Duncan Smith. Michelle Donelan, secretary of state for science, innovation and technology, said last month there was no grounds for a ban.
We don't have any evidence to suggest that there is a need to ban people from using TikTok. That would be a very, very forthright move that would require a significant evidence base to be able to do that, she said.