TikTok sought to reassure US senators this week that it is taking all necessary steps to limit access to users’ data from outside the United States, including by employees of its parent company, the Chinese group ByteDance.
The social media company responded by letter Thursday to questions from nine Republican US senators about its data storage and access policies.
The letter was initially published by the New York Times, but TikTok has since confirmed its content to AFP.
In response to earlier inquiries from US authorities, TikTok had indicated in mid-June that all of its data on US-based users were now stored on US-based servers operated by the American company Oracle.
In its letter on Thursday, TikTok confirmed claims made in a BuzzFeed article that employees based in China had access to US users’ data, but only within “robust cybersecurity controls and authorization approval protocols” overseen by the company’s “U.S.-based security team.”
The company reiterated to the senators that the Chinese Communist Party (CCP) had never requested data on American users.
“We have not provided US user data to the CCP, nor would we if asked,” it said.
TikTok officials also said that while ByteDance engineers could work on the platform’s algorithms, the new protocol ensures that they can only do so in Oracle’s computing environment, without extracting data from it.
The popular social media platform is currently being evaluated by the Committee on Foreign Investment in the United States (CFIUS), an inter-agency government review board that assesses risks of foreign investments on US national security.
