Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

EU Tells TikTok Chief To Respect Data Privacy Laws

The European Union warned online giant TikTok on Tuesday to respect EU law and ensure the safety of European users’ data, as the video-sharing app’s CEO met with top officials in Brussels.

The European Union warned online giant TikTok on Tuesday to respect EU law and ensure the safety of European users’ data, as the video-sharing app’s CEO met with top officials in Brussels.

TikTok, whose parent company ByteDance is Chinese, has come under fierce Western scrutiny in recent months over concerns about how much access Beijing has to user data.

TiKTok chief executive Shou Zi Chew held official talks for the first time with EU vice presidents Margrethe Vestager and Vera Jourova, the bloc’s home affairs commissioner Ylva Johansson and justice commissioner Didier Reynders.

“I count on TikTok to fully execute its commitments to go the extra mile in respecting EU law and regaining trust of European regulators,” Jourova, whose portfolio includes the protection of EU values, tweeted alongside a video of their meeting.

“There cannot be any doubt that data of users in Europe are safe and not exposed to illegal access from third-country authorities,” she said.

In November, TikTok admitted that some staff in China can access the data of European users — but Chew told Jourova the company was working on a “robust” system for processing Europeans’ data in Europe, an EU spokesman said.

Theo Bertram, TikTok’s vice president of public policy in Europe, later said the company explained during the talks how it was “further strengthening data security in Europe, including by establishing our European data centre operations in Ireland”.

ByteDance is already under investigation by the Irish privacy regulator over whether it violated the EU’s data protection law, the GDPR, with its processing of children’s personal data and transfers of data to China.

“I insisted on the importance for TikTok to ensure full compliance with GDPR and cooperate with the DPC,” Reynders said.

The EU has also stepped up its fight against disinformation with a strengthened code of practice, and Jourova said TikTok would deliver a first report on the issue by the end of January. “Transparency will be a key element,” she said.

The EU has built a legislative arsenal targeting technology companies, passing two major laws to ensure that social media platforms follow the bloc’s rules on digital issues.

The Digital Services Act (DSA) forces social media platforms, online marketplaces and search engines to react more quickly to remove content deemed in breach of EU regulations.

The other, the Digital Markets Act (DMA), prohibits anti-competitive behaviour by the so-called “gatekeepers” of the internet.

Jourova said that TikTok and others must “swiftly get ready for compliance with the new EU digital rulebook”, referring to the DSA and DMA.

“It’s a top priority for us to be ready for this,” Bertram wrote on Twitter, saying the Brussels talks focused on “our commitment to compliance with regulations”.

Last month, TikTok admitted that ByteDance staff accessed data from the app to track journalists in a bid to identify the source of leaks to the media.

The company denies that the Chinese government has any control or access.

But Washington has banned the app from federal government devices, and some US lawmakers are trying to prohibit TikTok from operating in the United States.

Last year, TikTok said it was working on a plan to allay Washington’s concerns by holding US users’ data in the United States.

Chew will also hold a video call with Thierry Breton, the EU’s top official for enforcing digital regulation, on January 19.

Related: Five Ways TikTok Is Seen as Threat to US National Security

Rrlated: FBI Director Raises National Security Concerns About TikTok

Related: TikTok Hit by US Lawsuits Over Child Safety, Security Fears

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cybercrime

A database containing over 235 million unique records of Twitter users is now available for free on the web, cybercrime intelligence firm Hudson Rock...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...