A company official admits Europeans’ data is accessed by China-based employees.
Two years after then-United States President Donald Trump
threatened to ban TikTok as a national security threat, growing Western concerns over TikTok’s Chinese ownership are finally threatening to boil over.
On Wednesday, a top U.S. official at the Federal Communications Commission said the U.S. government should ban the app, which has been downloaded more than 200 million times in the U.S. alone.
In an interview with Axios on November 1, FCC official Brendan Carr said he didn’t “believe there is a path forward for anything other than a ban,” citing recent revelations in BuzzFeed that China-based engineers working at TikTok accessed U.S. users' information, including phone numbers and birthdays.
In what came across as a veiled mea culpa, TikTok’s European head of privacy Elaine Fox the same day in a statement admitted that Europeans’ data is accessed by employees in China, confirming long-held suspicions in the West.
The revelations will give fresh impetus to regulators on both sides of the Atlantic. In Ireland, the data watchdog is currently probing TikTok’s transfers of millions of Europeans’ data to China and told POLITICO that it expected to issue a draft decision in early 2023. Though details of the probe are not known, it could conceivably result in a ban and a fine.
In the U.S., TikTok is currently in negotiations with CFIUS, a U.S. body that conducts national security reviews of foreign companies' deals, to determine whether it can remain operational in the country via divestments to a U.S.-based company.
According to the FCC's Carr, though, there simply isn't "a world in which you could come up with sufficient protection on the data that you could have sufficient confidence that it’s not finding its way back into the hands of the [Chinese Communist Party].” In response, TikTok said Carr had no role in its discussions with the U.S. government and that it was “confident” it could reach an agreement that satisfies national security concerns.
Over in Europe, the revelation that data is accessed in China is likely to cause alarm on the Continent, which has strict requirements about how companies handle people’s personal information under the General Data Protection Regulation.
“We allow certain employees within our corporate group located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the United States remote access to TikTok European user data. Our security controls include system access controls, encryption and network security," TikTok’s Fox said in her statement Wednesday.
Fox said employees are only allowed access based on a demonstrated need to do their jobs, and are subject to a series of robust security controls and approval protocols that are compliant with the GDPR.
Yet the revelations are likely to lead to fresh questions about whether the Chinese government is able to use TikTok to spy on people. TikTok has long sought to downplay its links to the repressive state and has insisted that no European or U.S. data is stored in China.