U.S. law enforcement and national security teams remain cautious about striking a data security agreement with ByteDance, the parent company of TikTok. The concerns center on potential gaps in protection for U.S. user data even as ByteDance has offered additional safeguards intended to strengthen data privacy and access controls within the United States. Reuters has reported on these ongoing discussions, noting the debates within government circles over whether the proposed framework would sufficiently isolation and protect sensitive information.
In an effort to address U.S. regulators’ questions, TikTok negotiated a binding arrangement with Oracle, a U.S.-based technology firm. The plan aims to store user data on U.S. soil and to create a Data Security Unit under U.S. oversight to monitor data handling and content governance. This arrangement is presented as a way to increase transparency and harden data defenses against foreign access, aligning with American policy priorities on data sovereignty. Reuters again highlights the continued scrutiny as the deal progresses, with timing and details still under negotiation.
TikTok has proposed the formation of a council composed of trusted statutorily independent directors who would oversee the platform’s governance. The intention is for this body to operate free from direct control by ByteDance and to include members selected to be accountable to U.S. authorities. The council would consist of three individuals, each subject to oversight by U.S. regulators, and the unit would be led by a security professional with experience in federal government service. This governance model is presented as a way to reassure Americans that decision making on safety and data protection rests with independent, domestically anchored experts rather than the parent company.
Despite these steps, the White House continues to weigh the deal against concerns raised by major national security agencies. The Pentagon, the Federal Bureau of Investigation, and the Central Intelligence Agency have voiced skepticism, arguing that TikTok’s technology lineage and ownership ties could still expose sensitive information to Chinese infrastructure and influence. In contrast, other parts of the administration, including the Treasury and the Department of Justice, have signaled openness to an agreement under strict, verifiable controls. The final decision rests with the White House, with the administration weighing risk, benefits, and the practicalities of enforcement across agencies.
Earlier reporting from The Verge noted prior concerns about data collection practices by TikTok, including the potential for phone number data to be handled in ways that could expose users to unnecessary risk. The current discussions reflect a broader effort by U.S. policymakers to ensure that any foreign-owned social media platform operating in the United States adheres to robust data protections, transparent governance, and effective accountability mechanisms, all while balancing innovation, commerce, and user trust. These evolving talks illustrate the high-stakes environment at the intersection of technology, security, and public policy in North America.