“The creation of 3 new data centers in Europe”, the first a Dublin“already operational” and in which “the data migration of European users is in progress” and two others “in Norway e in Ireland”, which “are under construction”: TikTok’s latest communication on the protection of European users’ data seems identical to the TikTok’s previous notice on EU user data protection (which is this).
Even then, at the beginning of last March, there was talk of the “construction of 3 new data centerstwo in Ireland and one in Norway, one of which is already operational”, to respond to the concerns of the European Union precisely on the management of the personal information of its citizens.
Misinformation Monitor How TikTok became a reservoir of misinformation about companies by Jack Brewster and Macrina Wang July 30, 2023
TikTok and the EU: what changes, 6 months later
Between March and September, in reality, something changed in Project Cloverwhich TikTok describes as “our program to build a specially hardened secure environment for European user data”: we finally know which partner of choice for data center cybersecurity.
It deals with of NCC Group, a British company engaged in the field of cybersecurity, which should intentionally “guarantee the independence of checks on controls and protections, monitor data flows, carry out independent audits and report any incidents”. This term mainly refers to unauthorized access to data (by the Chinese government, which is the main fear both in the EU and in the US): as explained, “NCC Group will monitor the incoming and outgoing data traffic to independently prove that only authorized employees can access certain types of data” and also “will carry out continuous assessments on the security of the new gateways around the data of European users, the app, our data centers and other corporate infrastructures” .
Again: “NCC Group will verify that the traffic affecting i European TikTok user data actually passes through security gateways” to ensure that “European user data is secure” and that “it can only be accessed by authorized employees subject to rigorous independent supervision and verification”.
Social network Text-only posts like on Twitter: the new idea of TikTok (also in Italy) by Emanuele Capone 25 July 2023
TikTok and China, a doubt remains
This last point, that of “authorized employees”, is an important point and it will certainly be the subject of debate and discussion in the coming weeks, because at the moment it is not clear who these employees are, where they are physically located in the world and (again) what contacts they have with the Chinese government. On this, it must be said that from TikTok they have clarified the connection with the parent company, i.e. the Chinese multinational ByteDance: “Our relationship with them is like the one between YouTube and Google”, meaning that they are two related companies but acting and operating separately; moreover, 60% of ByteDance is in the hands of international investors, 20% is controlled by employees and the remaining 20% by the original founders, “none of whom are members of the Communist Party of China”.
We’ll see whether or not this will allay the fears of Westerners in the meantime Stephen Bailey, global director of Privacy di NCC Groupstated that “the objectivity of our review, monitoring and validation activities confirms to platform users in Europe and the UK that they can have confidence in the high standards of data security that TikTok is setting, which go beyond regulatory requirements Europeans”.
@capoema