European Commission Questions TikTok Data Security on Devices
The European Commission has asked staff to remove the TikTok app from corporate and personal mobile devices used for work, citing data protection concerns. The decision aims to safeguard sensitive information and strengthen cyber security across Commission operations.
The Commission’s leadership approved suspending TikTok on devices registered with the mobile device services program until a March 15 deadline for removal. This move comes as the Commission seeks to reduce potential data breaches and unauthorized access to internal systems in a landscape where digital security is a top priority.
In the European Union, roughly 125 million people access TikTok each month. The platform, owned by ByteDance, has surged to become a global phenomenon by popularizing short vertical videos and achieving rapid growth to become one of the most widely used digital apps worldwide. Yet, concerns persist that it could be used as a vector for espionage by state actors, a suspicion that has influenced policy in other regions and has prompted questions within many European capitals about the protection of official data and national security.
Access to European Data
Thierry Breton, the European Commissioner for Industry, has publicly explained the rationale behind the measure, highlighting the need to keep European data out of potentially high-risk environments. Earlier, TikTok disclosed that employees in China and nine other countries had access to the personal data of European users, a fact that has drawn attention from regulators and policymakers alike.
Despite the company’s assurances, officials have not been fully convinced. The situation received additional scrutiny when Forbes reported that TikTok employees had used the app to gain access to information used by reporters, fueling concerns about data handling practices.
A TikTok spokesperson reiterated the company’s commitment to minimizing user data flows outside of Europe and criticized the decision as based on misunderstandings while maintaining that the platform is safe for European users.
Currently, European user data is stored on servers located in the United States and Singapore. In response to ongoing privacy and regulatory concerns, TikTok announced plans to establish three data hubs in Europe—two in Ireland and another location within the European region—to store user data locally and reduce access by employees outside the region. This step aims to reassure regulators and users that data processing adheres to European standards.
On January 10, TikTok chief executive Shou Zi Chew met with European officials to convey a message of steadiness and commitment to data security. He stated that user data in Europe is secure and not exposed to illegal access by authorities from outside the region, a point echoed by Vera Jourova, the European Commissioner for Values and Transparency. The latest developments reflect ongoing tensions between platform innovation, privacy safeguards, and regulatory expectations in Brussels.
Source notes indicate ongoing reporting and statements from multiple stakeholders, including regulatory bodies and media outlets, contributing to a broader discussion about how large tech platforms manage cross-border data transfers and comply with stringent European rules. (Source: Reuters; other industry reports cited for context)