TikTok has taken a significant step in addressing concerns regarding data privacy and Chinese state surveillance by establishing its inaugural European data centre in Dublin. This move is part of the company’s ongoing efforts to distance itself from data sharing with China and bolster data protection for its European user base.
TikTok, under the ownership of Chinese company ByteDance, vehemently asserts that it has never shared user data with Beijing. However, critics remain wary, fearing that the Chinese government could potentially demand access to this data at any point in time.
To build trust and enhance security measures, TikTok has initiated “Project Clover,” signifying the importance of Ireland in this endeavor. This initiative aligns with “Project Texas,” where similar commitments were made to US authorities in 2020.
Earlier this year, TikTok faced a series of governmental restrictions due to cybersecurity and privacy concerns. Several institutions, including the UK government, the European Parliament, the European Commission, and the EU Council, banned the app from officials’ devices. A primary apprehension among European security officials is the risk of Chinese state access to user data through the app.
To alleviate these concerns, TikTok is now storing European user data locally. The Dublin data centre is operational, with plans for additional centres in Ireland and Norway’s Hamar region. These centres will manage the data of TikTok’s vast European user base, which exceeds 150 million users.
In a bid to enhance transparency and security, TikTok has engaged a European security company, NCC Group, to independently audit its data controls at the data center. The NCC Group will scrutinise TikTok’s operations, detect and respond to any suspicious access attempts, and collaborate on strengthening security measures.
TikTok intends to engage with European policymakers in the coming months to elucidate the practical implementation of this security system. By taking these measures, TikTok aims to demonstrate its commitment to safeguarding user data and assuage concerns about potential data sharing with the Chinese state.