Amid mounting pressure over concerns that TikTok may be sharing user data with the Chinese government, the social media platform has launched Project Clover, a new data security regime aimed at protecting user information in Europe.
Under the new regime, user data will be stored within Europe and placed under tighter access controls, with oversight from a third-party European security company. TikTok plans to introduce security gateways to determine employee access to European user data, with any data access having to comply with relevant data protection laws and go through additional security checks.
TikTok is currently in talks with a European security company that is independent of the company, to conduct an audit of their data controls and protections, oversee the flow of data, provide impartial verification, and notify of any incidents. The platform also plans to work with third parties on introducing new privacy-enhancing technologies such as pseudonymisation of personal data and aggregation of individual data points into larger data sets to protect the privacy of individuals.
To keep European data within Europe, TikTok is opening two new data centers in Dublin and Norway’s Hamar region, with plans to migrate data this year and next.
The Project Clover initiative bears resemblance to Project Texas, which is presently underway in the United States. Under Project Clover, user data will be stored locally by a newly-formed subsidiary called TikTok U.S. Data Security Inc. This subsidiary will be overseen by an autonomous board of directors.
Both projects are aimed at allaying growing fears about parent company ByteDance’s links to the Chinese government, with concern that the company could be compelled to hand over data to the government under Chinese law.
According to TikTok’s Vice President of Government Relations and Public Policy for Europe, Theo Bertram, Project Clover affirms the platform’s dedication to a European data governance strategy that prioritizes the protection of user data and adheres to the principle of data sovereignty.
TikTok has faced scrutiny from governments worldwide over data privacy concerns. The European Commission and the European Parliament recently banned the use of TikTok on work phones, and several national governments followed suit. However, the UK has imposed no such restrictions despite widespread calls to do so. In the US, a Senate Select Committee on Intelligence warned that the company represented a threat to national security, and the White House is backing a bill that would give it the power to ban the platform altogether.
In Conclusion
TikTok has launched Project Clover, a new data security regime aimed at addressing privacy concerns in Europe. The project involves tighter access controls, the storage of user data within Europe, and the oversight of a third-party European security company. The platform also plans to work with third parties to introduce new privacy-enhancing technologies and is opening two new data centers to keep European data within Europe. The project is similar to Project Texas, which is being implemented in the US and is designed to allay growing fears about parent company ByteDance’s links to the Chinese government. The European Commission, European Parliament, and several national governments have banned the use of TikTok on work phones, citing data privacy concerns. While the UK has not imposed such restrictions, TikTok’s new data security measures aim to reassure users across Europe that their data is being safeguarded.