business

TikTok Tells U.S. Lawmakers It's Working to Stop User Data From Being Accessible to Chinese Employees

Drew Angerer | Getty Images News | Getty Images
  • TikTok acknowledged in a letter to senators that its non-U.S. employees had access to data of U.S. users.
  • The company, which is owned by China's ByteDance, told lawmakers on Thursday that it's working to protect that data.
  • TikTok said it's now storing all U.S. data by default in Oracle's cloud infrastructure.

TikTok, a unit of China's ByteDance, told U.S. lawmakers that it's working to safeguard data in response to concern that its Chinese employees have been able to access information on its U.S.-based users.

The social media company sent a letter on Thursday to U.S. senators acknowledging that employees outside the country could see data on U.S. users, confirming reports of such practices. TikTok said in the memo that it's now working with Oracle on more advanced data security tools that it hopes to finish building at an unspecified date in the near future. 

"Employees outside the U.S., including China-based employees, can have access to TikTok U.S. user data subject to a series of robust cybersecurity controls and authorization approval protocols overseen by our U.S.-based security team," TikTok CEO Shou Zi Chew wrote in the memo. 

CNBC reported last year that former TikTok employees were concerned about ByteDance's influence on the popular short video service, noting the risk that Chinese workers could examine American user data.

TikTok said it's currently undertaking a major initiative, dubbed Project Texas, intended to "fully safeguard user data and U.S. national security interests." The company said it's now storing all U.S. data by default in Oracle's cloud, reiterating comments made in a recent blog post, which said "100% of US user traffic is being routed to Oracle Cloud Infrastructure."

"That work puts us closer to the day when we will be able to pivot toward a novel and industry-leading system for protecting the data of our users in the United States, with robust, independent oversight to ensure compliance," Chew said in the memo.

The agreement with Oracle was set in 2020, after former President Donald Trump had threatened to ban the TikTok app in the U.S.

Chew said that while ByteDance developed the underlying algorithms that power the app and its Chinese sibling Douyin, the bulk of TikTok's core technology infrastructure is "separate from Douyin." 

"Our solution with Oracle will ensure that training of the TikTok algorithm only occurs in the Oracle Cloud Infrastructure and will also ensure appropriate third-party security vetting and validation of the algorithm," Chew wrote.

He added that the Chinese Communist Party (CCP) has not asked the company for access to the data of its U.S.-based TikTok users and that the company would not provide that data upon such a request. 

WATCH: TikTok should be booted from app stores

Copyright CNBCs - CNBC
Contact Us