The European Union warned online giant TikTok on Tuesday to respect EU law and ensure the safety of European users’ data, as the video-sharing app’s CEO met with top officials in Brussels.
TikTok, whose parent company ByteDance is Chinese, has come under fierce Western scrutiny in recent months over concerns about how much access Beijing has to user data.
TiKTok chief executive Shou Zi Chew held official talks for the first time with EU vice presidents Margrethe Vestager and Vera Jourova, the bloc’s home affairs commissioner Ylva Johansson and justice commissioner Didier Reynders.
“I count on TikTok to fully execute its commitments to go the extra mile in respecting EU law and regaining trust of European regulators,” Jourova, whose portfolio includes the protection of EU values, tweeted alongside a video of their meeting.
“There cannot be any doubt that data of users in Europe are safe and not exposed to illegal access from third-country authorities,” she said.
In November, TikTok admitted that some staff in China can access the data of European users — but Chew told Jourova the company was working on a “robust” system for processing Europeans’ data in Europe, an EU spokesman said.
Theo Bertram, TikTok’s vice president of public policy in Europe, later said the company explained during the talks how it was “further strengthening data security in Europe, including by establishing our European data centre operations in Ireland”.
ByteDance is already under investigation by the Irish privacy regulator over whether it violated the EU’s data protection law, the GDPR, with its processing of children’s personal data and transfers of data to China.
“I insisted on the importance for TikTok to ensure full compliance with GDPR and cooperate with the DPC,” Reynders said.
The EU has also stepped up its fight against disinformation with a strengthened code of practice, and Jourova said TikTok would deliver a first report on the issue by the end of January. “Transparency will be a key element,” she said.
The EU has built a legislative arsenal targeting technology companies, passing two major laws to ensure that social media platforms follow the bloc’s rules on digital issues.
The Digital Services Act (DSA) forces social media platforms, online marketplaces and search engines to react more quickly to remove content deemed in breach of EU regulations.
The other, the Digital Markets Act (DMA), prohibits anti-competitive behaviour by the so-called “gatekeepers” of the internet.
Jourova said that TikTok and others must “swiftly get ready for compliance with the new EU digital rulebook”, referring to the DSA and DMA.
“It’s a top priority for us to be ready for this,” Bertram wrote on Twitter, saying the Brussels talks focused on “our commitment to compliance with regulations”.
Last month, TikTok admitted that ByteDance staff accessed data from the app to track journalists in a bid to identify the source of leaks to the media.
The company denies that the Chinese government has any control or access.
But Washington has banned the app from federal government devices, and some US lawmakers are trying to prohibit TikTok from operating in the United States.
Last year, TikTok said it was working on a plan to allay Washington’s concerns by holding US users’ data in the United States.
Chew will also hold a video call with Thierry Breton, the EU’s top official for enforcing digital regulation, on January 19.