The ByteDance-owned platform, which currently stores European user data in the U.S. and Singapore, said the revision is part of its ongoing data governance efforts to limit employee access to users in the region, minimize data flows outside of it, and store the information locally.
“Based on a demonstrated need to do their job, subject to a series of robust security controls and approval protocols, and by way of methods that are recognised under the GDPR, we allow certain employees within our corporate group located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the U.S. remote access to TikTok European user data,” the company said.
TikTok further said its security controls consist of system access restrictions, encryption, and network security, adding it doesn’t collect precise location information from its users in Europe.
The development also takes place against mounting regulatory scrutiny of the platform on both sides of the Atlantic, which has over one billion monthly active users. ByteDance has repeatedly denied it is controlled by the Chinese government.
It has also faced rough weather in the U.S., what with Brendan Carr, a Republican member of the Federal Communications Commission (FCC), calling for a ban of the application over national security concerns that user data could be accessed by Chinese authorities.
Last month, the company contested a report from Forbes that a China-based team at ByteDance planned to use the platform to track the locations of select U.S. citizens without their knowledge or permission.
Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.