TikTok has laid out new measures to protect users’ data in Europe, as the Chinese-owned social media app attempts to address growing security concerns from governments around the world.
On Wednesday, the company said its European data security regime, known as Project Clover, will see it open two data centres in Dublin, and a third in Norway, to store videos, messages and personal information generated by 150mn European users of the platform.
The move comes as the fast-growing social media network is facing multiple fronts of pressure from governments, including a potential ban or divestiture of its business in the US.
The White House on Tuesday backed a bill in Congress that would give the administration new powers to ban Chinese apps that pose security threats, such as TikTok.
Testifying before the US Senate intelligence committee on Wednesday, FBI director Christopher Wray said TikTok “screams out with national security concerns”. Wray said the app was just another example of how the Chinese government was “gobbling up information” and using artificial intelligence and supercomputers to use data to identify targets for espionage and the theft of intellectual property.
“Data is the coin of the realm. Those who have the best information have the power and that’s what that enables them to do,” Wray told the committee in a hearing alongside Avril Haines, the director of national intelligence, and Bill Burns, the CIA director.
Meanwhile, the European Commission last month announced plans to ban its staff from using TikTok amid security concerns over the growing use of the app, a move the Canadian government followed.
Other new security measures announced by TikTok on Wednesday included the aggregation of data to the point that TikTok was no longer able to attribute personal data to a particular individual.
It also revealed plans to work with a European security company that will independently audit its data controls and protection, and then report to national security agencies and regulators. TikTok said it was still in discussions and could not name the third party.
TikTok has come under increasing scrutiny over its links to the Chinese government through its owner ByteDance. Regulators and security experts have voiced concerns that under local laws, Chinese companies may be compelled to disclose data to the state, as well as to restrict the transfer of sensitive information across borders.
Theo Bertram, vice-president of government relations at TikTok and former adviser to Tony Blair and Gordon Brown, said data was not stored in China but in the US and Singapore and that it would be “impossible” for the Chinese government to gain data from users lawfully by requesting it from these governments.
He added: “This is novel ground, this is difficult work. We are taking data sovereignty to a level that has not been done before by a billion-user data company.”
TikTok said it would begin transferring user data this year to its new European data centres, and expected to complete this process by 2024. It said it expected to spend €1.2bn annually on running the three data centres.
In December, the company revealed its staff in the US and China had inappropriately obtained the data of users, including a Financial Times journalist, in order to analyse their location as part of an internal leaks investigation. TikTok said the staff had now left the company.
Additional reporting by Demetri Sevastopulo