TikTok said it has completed migrating information on its US users to servers at Oracle, in a move that could address US regulatory concerns over data integrity on the popular short video app.
The move, which Reuters first reported, comes nearly two years after a US national security panel ordered parent company ByteDance to divest TikTok because of fears that US user data could be passed on to China’s communist government.
TikTok is one of the world’s most popular social media apps, with more than 1 billion active users globally, and counts the US as its largest market.
The United States has been increasingly scrutinising app developers over the personal data they handle, especially if some of it involves US military or intelligence personnel.
The order to sell off TikTok was not enforced after Joe Biden succeeded Donald Trump as US president last year.
However, the panel, known as the Committee on Foreign Investment in the United States (CFIUS), has continued to harbor concerns over data security at TikTok that ByteDance is now hoping to address, Reuters previously reported.
The White House did not immediately comment, while the US Treasury declined to comment.
In March, Reuters reported that TikTok was nearing a deal for Oracle to store its US users’ information.
Oracle had discussed acquiring a minority stake in TikTok in 2020 when ByteDance was under US pressure to sell the app. The cloud computing giant now stores all of TikTok’s US user data on Oracle data servers in the United States under the new partnership, TikTok said.
Oracle declined to comment.
Data security team
TikTok had previously stored its US user data at its data centers in Virginia, with a backup in Singapore. It said it will now delete private data on US users from its data centers and rely fully on Oracle’s US servers.
The company said the Virginia and Singapore centers are still being used to back up the data.
TikTok has also set up a dedicated US data security team known as “USDS” as a gatekeeper for US user information and ringfencing it from ByteDance, a company spokesperson told Reuters.
Led by Andrew Bonillo, an executive at TikTok’s global security department, the USDS currently reports to TikTok CEO Shou Zi Chew, the spokesperson said.
The company is discussing a structure under which the team would operate autonomously and not be under TikTok’s control or supervision; a source told Reuters.
Another senior executive at USDS is Will Farrell, who was previously working under TikTok’s Chief Security Officer Roland Cloutier. The USDS team includes content moderation personnel, engineers, and members from user and product operations.
ByteDance is one of China’s fastest-growing startups. It owns the country’s leading news aggregator, Jinri Toutiao, and TikTok’s Chinese counterpart Douyin.
In June 2021, Biden withdrew Trump-era executive orders that sought to ban new downloads of WeChat and TikTok. The Commerce Department is writing new rules on app data security that could lead to restrictions on how apps based abroad use US user data or even ban apps deemed serious security risks.
Commerce Secretary Gina Raimondo said last year the administration is “very serious about protecting Americans’ data” but criticized Trump’s approach.
“Doing some executive order that’s meaningless on TikTok is not the way to do it,” she said.
