TikTok on mobile phone

TikTok privacy chief: China’s not the only country that can access your data

Controversial social media platform TikTok is in the limelight once again after its head of privacy in Europe, Elaine Fox, revealed in a TikTok Privacy Policy update that China isn’t the only country that accesses UK and EU TikTok account data. Other countries do, too.

“Based on a demonstrated need to do their job, subject to a series of robust security controls and approval protocols, and by way of methods that are recognised under the GDPR, we allow certain employees within our corporate group located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the United States remote access to TikTok European user data.” 

This updated policy applies to “the European Economic Area, United Kingdom and Switzerland”.

Last week, Federal Communications Commissioner (FCC) Brendan Carr called for TikTok to be banned in America, months after deeming it an “unacceptable security risk” and calling for Apple and Google to remove the app from their respective stores. 

“I don’t believe there is a path forward for anything other than a ban,” Carr said.

TikTok received criticism about its security risk as early as 2020. Amazon even discouraged its employees from using the app based on the same security risk Carr raised. In England, the UK Parliament closed down its official TikTok account when senior MPs raised concerns about data being passed on to China. 

On top of this, the lead privacy regulator in the EU, the Irish Data Protection Commission (DPC) has investigated TikTok for privacy-related issues, particularly concerning children’s personal data and compliance with EU laws regarding data transfer.

In the face of mounting concerns and criticisms, spokespeople from TikTok continue to deny everything thrown at them, including that TikTok is controlled by the Chinese government and, in the words of the BBC, used to “‘target’ the American government, activists, public figures or journalists.”

About the policy update, Fox said. “Our efforts are centred on limiting the number of employees with access to European user data, minimising data flows outside of the region, and storing European user data locally.”

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.