Tiktok meets GCHQ to ease security fears as threat of US ban rises
TIKTOK is courting Britain’s most senior cyber security agency in an attempt to reassure MPS it is not a national security threat.
Tiktok representatives have held what it considers to be productive talks with the National Cyber Security Centre (NCSC), an arm of GCHQ.
It comes as the Chinese-owned social media app fights global attempts to ban it over security fears.
NCSC is understood to be reviewing the app, though a Government source emphasised Tiktok had not yet been given a clean bill of health by spooks.
The US, EU and Canada have all banned government employees from installing Tiktok on their devices, putting pressure on Britain to follow suit. US Republican politicians are pushing to give Joe Biden the power to ban the app.
Westminster policy advisers and lobbying groups were hosted at Tiktok’s London offices on Monday as it launched a charm offensive aimed at preventing a crackdown in Britain.
Tiktok’s US general counsel Erich Andersen, government relations managers Liz Kanter and Giles Derrington, and head of European privacy Elaine Fox welcomed the guests.
The video app is battling claims that it could be exploited by the Chinese government to extract data on Western citizens and politicians, or be used to influence public opinion.
China yesterday announced plans to overhaul its tech ministry and create a department to oversee its use of data. As it stands, Tiktok’s privacy policy says European and UK data can in some cases be accessed by staff in China.
Tiktok insists it does not cooperate with the Chinese government and has taken steps to safeguard user data.
However, it has told Westminster insiders that British users’ personal data will continue to be held offshore.
Data from the UK will be stored in Ireland and British information will be “treated as part of Europe”, one person said, even as the UK develops increasingly divergent data laws.
Tiktok, which is owned by Beijingbased Bytedance, has laid out a scheme labelled Project Clover that will see it open new European data storage centres subject to independent audits.
The company already has a facility in Ireland and has promised to open a second data centre in the country, with a third planned for an undisclosed European location. Tiktok said on Monday that this would not be in the UK, despite Britain being the app’s biggest market in Europe and operating under a different privacy regime than the EU post-brexit.
A UK facility has been ruled out despite the fact Tiktok is opening a US data centre to address security concerns from the White House. EU officials have also pushed for European data to be stored within the bloc.
In the US, Tiktok has agreed to have data managed locally by the IT giant Oracle. The company has said all European users’ information will be stored in European data centres. The decision not to build a centre in Britain contrasts with efforts by Huawei, the Chinese telecoms company, which opened a cyber security centre in the UK that provided spies from GCHQ deep access to its hardware and code. A spokesman for the NCSC declined to comment.
In Washington yesterday, a bipartisan group of politicians introduced legislation that will give the White House the power to review, potentially ban or force a sale of Tiktok.
If passed, the bill would empower Mr Biden to force the sale of foreign-owned technologies, applications, software or e-commerce platforms if they present a national security threat to US users.