TikTok moves U.S. user data to Oracle servers to address data security concerns
In a blog post on Friday, TikTok said it has “changed the default storage location of US user data” to Oracle. The move suggests that the viral short-video app owned by Chinese tech upstart ByteDance is grappling with U.S. concerns about its data security.
Current backups of U.S. user data continue to be kept on TikTok’s proprietary servers in Virginia and Singapore, according to the company, but it aims to delete users’ private data from these servers in order to “fully pivot to Oracle cloud servers located in the U.S. TikTok did not provide a timeline for its planned removal.
For months, TikTok and Oracle have worked on a plan to manage the social media company’s U.S. user data, including developing procedures for Oracle to audit TikTok’s handling of the data, TikTok said.
“These changes will enforce additional employee protections, provide more safeguards, and further minimize data transfer outside of the US,” said the social media platform.
TikTok was once the central front in the U.S.-China tech war. On August 6 2020, the Trump administration issued an executive order, prohibiting American companies from conducting business with ByteDance over fears the Chinese company would threaten the security of U.S. users’ private information.
The then-president also required that TikTok’s U.S. business must be sold to an American company before September 20, or it will be banned.
ByteDance had prepared for the worst, discussing sales plans with Oracle and other bidders including Microsoft and Walmart. Ultimately, Oracle, with years of ties to the Trump administration, beat out other rivals and was seen as the most likely to win the deal.
Fortunately, the sale and the ban on TikTok were eventually terminated. In December 2020, a US court rejected the Trump administration’s ban on the app. In February 2021, the new Biden administration made it official that it would not try to get TikTok to sell its company to U.S. ownership. But the successor called for a broader review of a number of foreign-controlled apps that could pose a security threat to Americans and their data.
In January, a BuzzFeed News report, citing audio recordings of 80 internal TikTok meetings it obtained, claimed that TikTok’s U.S. employees repeatedly consulted with their colleagues in China to understand how U.S. user data flowed because they did not have the “permission or knowledge of how to access the data on their own.” The report sparked a new wave of concerns about the security of TikTok users’ data.
Therefore, while the threat of a sale has gone away, data security is the most important issue TikTok must address in order to ensure operating safely and smoothly in the U.S.