TikTok says it will not share UK user data with Chinese government

TikTok has said it has not shared UK user data with the Chinese government and will not if they are asked.

Liz Kanter, the video-sharing platform’s director of government relations said the company is “committed to being transparent about where requests for data have been made by countries around the world”.

There have long been concerns around TikTok over its links to China because its parent company, ByteDance, was founded in the country and critics have raised fears data could be passed to the Chinese state.

In her letter to Tory MP Alicia Kearns, chairwoman of the Foreign Affairs Committee, Ms Kanter said TikTok is “separate” from a ByteDance subsidiary incorporated in China and its employees “do not have access” to TikTok users’ personal data.

“For the avoidance of doubt, we have not been asked for TikTok UK user data by the Chinese government or the CCP, we have not provided such data to the Chinese government or the CCP and we would not do so if asked,” she said.

“We recognise the need for scrutiny about the way in which companies handle user personal data.

“As a company, we prioritise ensuring strong protections and governance when handling our users’ data and we strive to create public transparency around our data practices, including issues such as data storage and access.

“We believe that being transparent about data storage and access is important not just for Government and regulators, but also for our users.”

Scrutiny on the social media giant increased last month when, as part of an update to its privacy policy, the platform confirmed in specific circumstances some TikTok staff in China and other countries were allowed to access UK and EU user data “based on a demonstrated need to do their job”.

In her letter, Ms Kanter said such access “is limited and subject to strict security controls and authorisation approval protocols”.

“For UK users’ personal data that is accessed by any employee, including anyone based in China (or anywhere in the world), we employ a range of system access controls, encryption, and network security protocols to prevent the employee sharing the data with anyone without permission to access it, either within the company or externally,” she said.

“TikTok data is divided into different levels of confidentiality according to the degree of sensitivity; the higher the level of confidentiality, the stricter the approval process.”

Ms Kanter reaffirmed the company’s plans to begin storing UK and wider European user data in Europe, with a data centre in Dublin expected to become operational in 2023.

TikTok user data is currently stored in the US and Singapore.

“As with any large international company, international data flows remain necessary to operate a global business,” Ms Kanter said.

“At the same time, we are continuing to work towards our goal of minimising data flows outside of Europe and reducing remote access even further, both in terms of the scope of access required and the number of business functions with access in the first place.”