TikTok is spelling out to its European users that their data can be accessed by employees outside the continent, including in China, amid political and regulatory concerns about Chinese access to user information on the platform.
The other countries where European user data could be accessed by TikTok staff include Brazil, Canada and Israel as well as the US and Singapore, where European user data is stored currently.
TikTok’s head of privacy in Europe, Elaine Fox, said: “Based on a demonstrated need to do their job, subject to a series of robust security controls and approval protocols, and by way of methods that are recognised under the GDPR [the EU’s general data protection regulation], we allow certain employees within our corporate group located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the United States, remote access to TikTok European user data.”
Data could be used to conduct checks on aspects of the platform, including the performance of its algorithms, which recommend content to users, and detect vexatious automated accounts. TikTok has previously acknowledged that some user data is accessed by employees of the company’s parent, ByteDance, in China.
In a letter to Republican senators disclosed in July, TikTok’s chief executive, Shou Zi Chew, said a “narrow set of non-sensitive” US user data could be viewed by foreign employees if approved by a US-based TikTok security team. He added that none of the data were shared with Chinese government officials.