Last Tuesday, TikTok released updates to its privacy policy. It was explicitly aimed at European users. Their privacy policy now clearly states that employees can view personal data from the app in China. The company notified that the update should provide more transparency regarding users from the European Economic Area, the United Kingdom, and Switzerland, but not the United States. However, TikTok said it stores data of European users in the United States and Singapore.
In addition to employees in China, employees in countries including Brazil, Canada, Israel, Japan, Malaysia, the Philippines, Singapore, South Korea, and the United States can also access the data, the company said. The update says access to this data is allowed to “certain employees in our corporate group” and “based on a demonstrated need to do their jobs.”
The company assures that they have “robust security controls” over employee access to users’ personal information. These controls are implemented “through methods that the GDPR recognizes,” the European Union’s privacy law.
“To run a global platform designed to share joyful content, we rely on a global workforce to ensure a consistent, enjoyable, and secure experience for our community on TikTok,” Elaine Fox, TikTok’s head of privacy for Europe, wrote in a company statement.
However, U.S. politicians are increasingly criticizing TikTok because the Chinese government could pressure TikTok or its parent company, ByteDance, to hand over users’ personal information under national security laws.