Project Clover effort to alleviate Chinese state surveillance fears, sees TikTol open first European data centre, with more to follow
TikTok, owned by Beijing-based ByteDance, continues its efforts to ease concern that it is a national security risk to Western nations.
TikTok announced on Tuesday that as part of its commitment to storing European user data locally by default, it is establishing three new data centres in Europe.
It revealed that its first data centre in Dublin, Ireland, is now operational and migration of European user data to that facility has already begun. Two other data centres are currently being constructed in Norway and Ireland.
European data centres
It is expected that the other TikTok data centres in Ireland and Norway could be operational by the end of 2024.
Currently, TikTok is said to be storing European and UK user data by default in designated enclave within a data centre in the United States.
TikTok also revealed that it has hired British cybersecurity firm NCC Group to audit its data controls and protections, and provide independent verification, as part of it’s data security regime, nicknamed “Project Clover.”
TikTok’s “Project Clover” is running in parallel with “Project Texas” in America, which seeks to deliver similar safeguards to satisfy US lawmakers.
Project Texas saw the creation of a standalone entity to store American user data in the US on servers operated by American tech giant Oracle.
Owner ByteDance meanwhile is being urged to divest itself from TikTok, to help address US national security concerns.
TikTok stated that UK-based NCC Group will also serve as a managed security services provider for its security gateways – performing real-time monitoring to identify and respond to any suspicious or anomalous access attempts, and providing assurance on the integrity of the enhanced security controls operations.
NCC Group will validate that network traffic of TikTok’s European user data must pass through the security gateways, TikTok added.
“We’re proud that TikTok has recognised NCC’s cyber security track record and expertise and chosen us as the independent third-party security provider on this project,” said Stephen Bailey, Global Director of Privacy at NCC Group.
“Our objective scrutiny, monitoring and assurance means platform users in Europe and the UK can have confidence in the enhanced data security standards that TikTok is setting, which go above and beyond European regulatory requirements,” said Bailey.
US national security
These efforts signify the lengths that TikTok is having to go to, in order to convince skeptical Western authorities about its security risks.
TikTok has always said it had never, and would never, share US user data with the Chinese government.
Earlier this year TikTok CEO Shou Zi Chew told the US Congress that ByteDance is not owned or controlled by any Chinese government or state entity.
Shou Zi Chew is currently fighting for the very survival of TikTok in the US market, as American lawmakers prepare a bill that could ban the social media platform entirely from the United States on national security grounds.
In May Montana become the first US state to ban TikTok across the territory, after its governor signed legislation to halt downloading it from app stores in the state.
The use of TikTok is already banned for state employees in 34 out of 50 US states, and TikTok is already banned for all federal and government employees in the US.
But Montana was the first US state to try and ban the popular short video app entirely.
TikTok is used by more than 150 million Americans, but that nationwide ban of TikTok in the United States seems increasingly likely, after the White House added its backing to the bill from a bipartisan group of a dozen US senators.
UK, Europe bans
On this side of the pond, China’s TikTok was banned in March from mobile devices issued to UK government ministers and civil servants.
It came after security minister Tom Tugendhat hinted that a TikTok ban was likely, after he revealed that the UK’s National Cyber Security Centre (NCSC) was reviewing whether the Chinese-owned video app should be banned from government devices.
It should be remembered that the UK parliament in August 2022 closed down its TikTok account over concerns that its Chinese parent could be forced to hand over data to Chinese authorities.
In Europe TikTok was banned on all official devices in the European Commission, the European Parliament and the EU Council.