TikTok Reassures US Senate Over Data Plans

TikTok has outlined in a letter to US senators how it plans to keeping the data it holds on US citizens separate from Chinese parent company ByteDance, over national security concerns.

The app is one of the most popular social media services, with more than 1 billion users worldwide, and counts the US as its biggest market.

It has been under investigation by the Committee on Foreign Investment in the United States (CFIUS) since 2020 amidst a trade war with China initiated by then-President Donald Trump.

Trump ordered ByteDance to divest its US TikTok operations to a third company, but that deal never went through after current president Joe Biden took office in 2021.

‘Data security controls’

“We know we are among the most scrutinised platforms from a security standpoint and we aim to remove any doubt about the security of US user data,” said TikTok chief executive Shou Zi Chew in the letter.

Chew, a Harvard Business School graduate who is also ByteDance’s chief financial officer, said the company is planning “new advanced data security controls that we hope to finalise in the near future”.

He said the company would operate the US app entirely from servers controlled by Oracle, with the set-up audited by a third party.

US users’ personal information would also be stored at Oracle instead of on TikTok’s own servers, he said.

TikTok chief executive Shou Zi Chew. Image credit: TikTok

US information

Last month BuzzFeed News reported that ByteDance still had access to the US data as recently as January of this year and that the company was finding it difficult to separate off the American data.

Following the report nine US senators wrote to TikTok about its practices, and the letter is in response to their query, TikTok confirmed in a statement.

An FCC commissioner also last month urged Apple and Google to remove TikTok from their app stores.

Chew said in the letter that ByteDance employees in China should only get access to TikTok data when “subject to a series of robust cybersecurity controls and authorisation approval protocols overseen by our US-based security team”.

He reiterated that the company hopes to soon be able to delete US users’ data from its servers.


“We have not spoken publicly about these plans out of respect for the confidentiality of the engagement with the US government, but circumstances now require that we share some of that information publicly to clear up the errors and misconceptions in the article and some ongoing concerns related to other aspects of our business,” Chew wrote.

He made it clear that ByteDance employees in China would still be working on TikTok, for instance to develop the algorithm that feeds personalised video recommendations to users.

But Oracle would ensure that “training of the TikTok algorithm” would happen only on Oracle’s servers.


Senator Marsha Blackburn of Tennessee, one of the US senators who wrote to TikTok last month, said in a statement that Chew’s letter proved that fears about the Chinese Communist Party’s influence on TikTok and ByteDance “were well founded”.

She said TikTok “should have come clean from the start but instead tried to shroud their work in secrecy”, adding that the company should testify again before Congress.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Google Ordered To Pay $43m By Australian Court

Search engine Google fined $43 million by Australian court for tracking Android users location data…

15 hours ago

Hacker Touts Data Sale Of 48.5m Users Of Covid App – Report

Personal data of 48.5 million Chinese citizens who used Shanghai's Covid App, is being offered…

15 hours ago

Facebook Tests Default End-to-End Encryption For Messenger

Privacy move. Platform tests secure storage of people's chats on Messenger, in a move sure…

17 hours ago

UK’s CMA Begins Probe Of Viasat Acquisition Of Inmarsat

British competition regulator the CMA, begins phase one investigation of $7.3 billion merger between Inmarsat…

1 day ago

Cisco Admits ‘Security Incident’ After Breach Of Corporate Network

Yanluowang ransomware hackers claim credit for compromise of Cisco's corporate network in May, while Cisco…

2 days ago

Google Seeks To Shame Apple Over RCS Refusal

Good luck convincing Tim. Google begins publicity campaign to pressure Aple into adopting the cross…

2 days ago