TikTok unveiled a set of privacy measures aimed at reassuring regulators and users in North America and Europe. The platform, owned by the Chinese company ByteDance, will begin storing data about European citizens on local servers within the region.
The Clover Project will support two new data centers on EU soil. One facility will be located in Dublin, Ireland, where the company already has a European headquarters and offices. The second site will be in Norway, specifically in the Hamar area. It is not yet clear which organization will operate these centers, but TikTok has confirmed that a European provider will manage them.
Previously, European user data resided on servers in the United States, with backups in Singapore. The ongoing shift to European servers began in 2021 and is expected to continue through the next year, making Europe the default data location. The transition represents a substantial financial commitment, with an annual investment reported at around 1.2 billion euros.
restraint wave
TikTok’s moves come amid tighter regulatory restrictions taking hold worldwide. On February 23, the European Commission, the European Parliament, and the European Council announced mobile device restrictions for staff, signaling a broader push toward data sovereignty. Four days later, Canada followed with its own similar measures. In the United States, federal rules already prohibit the use of TikTok on government devices, and many states have enacted broader bans. Spain has not yet joined those bans.
Governments cite concerns that TikTok could enable espionage linked to the United States through backdoor access to user data. While proven cases of such backdoor activity remain unverified, developments such as the disclosure that company staff were used to monitor journalists from Forbes intensified regulatory scrutiny and public skepticism around the platform.
In November, TikTok stated that employees in as many as ten countries could handle data from European users. The company today underscores plans to curtail data transfers outside the region and to limit employee access to this information. Any authorized access will be subject to multiple security gateways and checks to ensure compliance with regional privacy protections, rather than relying solely on U.S. law.
The announced changes will affect residents not only of the EU but also residents of the United Kingdom, Norway, Iceland, and Liechtenstein. Together, these regions account for more than 150 million monthly active users on TikTok, highlighting the breadth of the policy’s potential impact across Europe and nearby markets.