TikTok gave US lawmakers more details in a letter Thursday about how it plans to keep data about its US users separate from ByteDance, its Chinese parent company, with the aim of allaying concerns that the video app poses a national security risk. .
In a letter to nine Republican senators, TikTok CEO Shou Zi Chew explained how the company would operate the app from servers operated by Oracle, the US cloud computing giant. TikTok would be managed from the US company’s machines and controlled by a third party, Mr Chew said. He also reiterated a plan to store US users’ personal information with Oracle, rather than on TikTok’s servers.
“We know we are one of the most researched platforms from a security perspective, and we strive to remove any doubt about the security of US user data,” wrote Mr. Chew in the letter, obtained by The New York Times.
TikTok, which is very popular for its short and viral meme videos, is trying to refute concerns that it is a national security risk. Critics of the app have been concerned for years that the Chinese government would request data from Americans directly from ByteDance and that TikTok was under the influence of the Chinese Communist Party.
In 2020, President Donald J. Trump cited those concerns and demanded that ByteDance sell TikTok if the app remained in US app stores. His government later announced a deal in which ByteDance would sell at least a portion of TikTok to Oracle, though the transaction never came to fruition.
TikTok will continue to be overseen by the United States Committee on Foreign Investment, a group of government agencies that vets foreign purchases from U.S. companies.
Last month, BuzzFeed News reported that ByteDance employees had only been able to access the app’s data this year, and that employees were struggling to shield information collected by the app.
Following the report, nine Republican senators — including Tennessee’s Marsha Blackburn and South Dakota’s John Thune — wrote to TikTok asking questions about the practices. Last month, a member of the Federal Communications Commission also said that Apple and Google should remove TikTok from their app stores.
In Mr. Chew’s letter to Republican senators, he said ByteDance employees in China can access TikTok data only if “subject to a set of robust cybersecurity controls and authorization approval protocols overseen by our US-based security team. “
He also reiterated the company’s hopes that it would soon be able to remove US data from its servers and store the information entirely with Oracle. (Some details of the plans were first reported by BuzzFeed.)
“We have not discussed these plans publicly out of respect for the confidentiality of the agreement with the US government, but circumstances now require that we share some of that information publicly in order to clarify the errors and misconceptions in the article and to address some lingering concerns related to other aspects of our business,” he said.
But Mr. Chew also made it clear that ByteDance employees in China would still be working on TikTok. Those employees can still develop the algorithm that provides personalized video recommendations to TikTok users, he said, although Oracle would “ensure that training of the TikTok algorithm” takes place only on its servers.
And certain information — such as public videos and comments — would remain available to ByteDance employees under terms approved by the U.S. government, he wrote, to “ensure global interoperability so that our U.S. users, makers, brands and sellers share the same rich and secure TikTok experience as global users.”