How TikTok is Evolving in the Context of Privacy 

11 November 2020 

Whether for its viral dances, cute kitten clips or the attention it garnered from Donald Trump, you have probably heard of the video mobile application TikTok.

Created by the company ByteDance, when Douyin (the Chinese precursor to the globally available TikTok) launched in September 2016 it was clear that the easy-to-use video creator was going to be a hit. Its worldwide release came in May 2017 and since then its popularity has continued to soar. As of October 2020, TikTok is available in over 150 countries and has over 1 billion users.

But success comes with its own pitfalls. When a business quickly expands and suddenly operates in a multitude of jurisdictions, it can be difficult to ensure that the different legal requirements have been clearly met ahead of the service or product gaining traction within a country. Amid a swathe of privacy law changes, the Chinese originated TikTok found itself under the scrutiny of foreign policy makers.

The concern was that its parent company ByteDance could be mandated by the Chinese state to disclose personal data about its users, the majority of whom are non-Chinese citizens. Most privacy laws have a caveat which allows the state to access information in specified circumstances. However, in a politically fraught summer where there was international condemnation of the Chinese state approach to Hong Kong protests – there was pressure to ensure domestic nationals were adequately protected. Not least because TikTok is so popular with younger users.

India outright alleges that the Chinese state is unlawfully using its users data and the application is currently banned in the country (although a similar ban was lifted and there are predictions that this too will be short-lived). Tensions reached boiling points in America when Donald Trump signed one executive order banning US transactions with ByteDance and another requiring ByteDance to sell its US operations by 12 November 2020. TikTok Global (as a subsidiary of ByteDance) was left between a rock and a hard place. Of course with recent elections, it’s yet to be seen whether the US position will soften, but the point remains: TikTok is centre stage, and facing scrutiny.

TikTok Global is currently in negotiations with Oracle and Walmart to try and resolve the concerns, but there is no clear resolution in sight. The proposed deal would grant Oracle 12.5% and Walmart 7.2% shares in TikTok Global, the other 80% remaining with ByteDance as the parent company.

If successful, Oracle would become TikTok Global’s technology provider, responsible for hosting all US user data and securing associated computer systems. The US Secretary of State, Mike Pompeo, asserts that ByteDance would be a passive shareholder and the deal would see American citizens’ data safe from the risk it could be accessed by the Chinese state. Interestingly, the editor-in-chief of the Global Times (a tabloid backed by China’s Communist Party) tweeted that Beijing were not set to approve the agreement on the basis it would endanger the country’s national security, interests and dignity.

Closer to home, TikTok is putting the work in to allay security fears. In June 2020, TikTok Technology Limited (TikTok Ireland) launched a new data centre in Ireland for hosting European users’ data. It last updated its privacy policy just in July 2020, with published guidance for parents of TikTok users and additional information on how to change privacy settings. As a group of technology nerds who write a lot of this type of stuff – we know the graft that will have gone in behind the scenes to get it all done.

It demonstrates the pressure that different legal frameworks can have: TikTok is grappling with legal proceedings to contest bans; trying to secure a deal whilst being scrutinised by the American and Chinese government and draft all the policies it needs to meet its transparency requirements under European law.

Remember that regardless of the stage of your business (start-up, scale-up or household name), your business needs to be able to adapt to new compliance requirements or risk drawing the ire of potential investors or local regulators. With the proposed Online Harms bill an obvious example, it continues to be the case that businesses need to scan the legal horizon to ensure they’re ready for any proposed changes. If you’d like any help keeping in the loop with legislation that might impact your business, we’re here for you – just get in touch.

Other Insights


Launching a CBD Business

Launching a CBD Business

If you’ve spent lockdown dreaming about launching your own CBD startup, in many ways there’s never been…

Get in touch

 

 

We’d love to talk about how we can help your business.

Contact Us 

T: 0117 244 0056
E: hello@stephenson.law

Address:
Desklodge House,
Redcliffe Way,

Bristol, BS1 6NL

Find us on LinkedIn and Instagram

Subscribe to our newsletter

Contact Us 

T: 0117 244 0056
E: hello@stephenson.law

Address:
Desklodge House, Redcliffe Way
Bristol, BS1 6NL

Find us on LinkedIn and Instagram

Subscribe to our newsletter