Security News > 2022 > July > TikTok Assures U.S. Lawmakers it's Working to Safeguard User Data From Chinese Staff

Following heightened worries that U.S. users' data had been accessed by TikTok engineers in China between September 2021 and January 2022, the company sought to assuage U.S. lawmakers that it's taking steps to "Strengthen data security."

"Employees outside the U.S., including China-based employees, can have access to TikTok U.S. user data subject to a series of robust cybersecurity controls and authorization approval protocols overseen by our U.S.-based security team," TikTok CEO Shou Zi Chew wrote in the memo.

This includes what it calls a narrow set of non-sensitive TikTok U.S. user data, such as public videos and comments, to meet interoperability requirements, while emphasizing that this access will be "Very limited" in scope and pursuant to protocols developed in collaboration with the U.S. government.

TikTok, a popular social video-sharing service from Beijing-based ByteDance, has long remained in the crosshairs of U.S. lawmakers over national security risks that could arise from the Chinese government requesting data belonging to U.S. users directly from its parent firm.

TikTok further reiterated that 100% of U.S. user data is routed to Oracle cloud infrastructure located in the U.S., and that it's working with the enterprise software firm on more advanced data security controls that it hopes to finalize "In the near future."

On top of that, the ByteDance-owned company said it's planning to delete U.S. data from its own backup servers in Singapore and the U.S. and fully switch to Oracle cloud servers situated in the U.S. The latest wave of scrutiny into TikTok follows a report from BuzzFeed News that alleged frequent access by ByteDance staff, citing anonymous employees, who said "Everything is seen in China" and referenced a "Master Admin" who "Has access to everything."

News URL

https://thehackernews.com/2022/07/tiktok-assures-us-lawmakers-its-working.html