Can Oracle keep TikTok’s US data safe?
When TikTok was almost banned in the US by former President Trump, the app approached Microsoft for a potential partnership to deal with concerns on national security.
Owned by Chinese tech company ByteDance, there were huge concerns on the app reported being used for spying and espionage purposes by China on the US. However, the deal with Microsoft did not go through and TikTok soon found itself going for Oracle instead. Oracle had also previously discussed acquiring a minority stake in TikTok in 2020.
WeChat, part of Chinese tech giant Tencent, is a “super app” that includes social networking, messaging, e-commerce, and more. TikTok revealed late last year that it had a billion users worldwide.
US-based social media companies like Meta have tried to mimic TikTok’s platform but have not been able to reach the desired outcome and still find themselves trailing behind the short video service app.
Now, TikTok has announced that Oracle will store all the data from its US users, in a bid to allay fears about its safety in the hands of the China-owned platform.
The announcement came as the popular video snippet-sharing service fended off concerns about the ability of engineers in China to access information about US users that isn’t public.
ByteDance employees have repeatedly accessed information about US TikTok users, according to a Buzzfeed news report citing leaked audio from TikTok in-house meetings.
It is common for some engineers at internet firms to be granted access to data, and TikTok told AFP it is trying to minimize that kind of system privilege.
“Similar to industry peers, we will continue to drive our goal of limiting the number of employees who have access to user data and the scenarios where data access is enabled,” TikTok chief information security officer Roland Cloutier said in a blog post highlighted by the company.
“Our goal is to minimize data access across regions so that, for example, employees in the (Asia Pacific) region, including China, would have very minimal access to user data from the EU and US.”
TikTok adamant US data not shared with Chinese government
TikTok has been adamant that it has never given US user data to Chinese officials and that it would refuse if asked to do so.
Last month, TikTok created a new US data security devoted to strengthening protection policies and protocols to safeguard user information, a TikTok spokesperson told AFP.
“We’ve brought in world-class internal and external security experts to help us strengthen our data security efforts,’ the spokesperson said.
TikTok will continue to use its own data centers in Virginia and Singapore to backup information as it works to “fully pivot” to relying on Oracle in the United States, it said in a post.
“We know we are among the most scrutinized platforms from a security standpoint, and we aim to remove any doubt about the security of US user data,” said Albert Calamug, who handles US security public policy at TikTok.
President Joe Biden last year revoked executive orders from his predecessor Donald Trump seeking to ban Chinese-owned apps TikTok and WeChat from US markets on national security concerns.
Trump had given his blessing to a plan that would have given TikTok to US tech giant Oracle with investments from retail powerhouse Walmart, but that deal failed to win approval in Beijing.
Biden’s new executive order nixed the unimplemented ban and called for “an evidence-based analysis to address the risks” from internet applications controlled by foreign entities.
“Today, 100% of US user traffic is being routed to Oracle Cloud Infrastructure,” Calamug said.
“In addition, we’re working closely with Oracle to develop data management protocols that Oracle will audit and manage to give users, even more, peace of mind.”
At the same time, Calamug also said that TikTok is making operational changes in line with this, with US-based leadership to solely manage US user data for TikTok. He pointed out that these changes are expected to enforce additional employee protections, provide more safeguards, and further minimize data transfer outside of the US.
“We’re dedicated to earning and maintaining the trust of our community and will continue to work every day to protect our platform and provide a safe, welcoming, and enjoyable experience for our community,” the post concluded.
With additional reporting from © Agence France-Presse
- Barricading the modern business against rising ransomware
- Securing and managing multi-tenant Microsoft 365 environments
- Friction builds up between India and China as Vivo offices raided
- Semiconductor industry faces another snag with rising raw material prices
- Measuring sustainability with a carbon management solution