Published: January 04, 2023 on our newsletter Security Fraud News & Alerts Newsletter.
We cannot get enough of TikTok. With the start of the new year, it’s time to review those pesky privacy policies. With more than one billion users worldwide, TikTok’s video-sharing platform announced what they call “clarifying” changes to its European continent data privacy policy, which was implemented in December of 2022. The widely popular, privately owned company added locations to how and where user data is accessed among their employees and where that data is stored. It’s now up to affected TikTok users in to decide if the data policy changes support or put at risk whether to keep using the platform.
ByteDance, the Chinese company that owns TikTok, lists where employees can now access user data: the U.S., Singapore, Canada, China, Brazil, and Israel. This change, according to the company, ensures user experience with the platform is “consistent, enjoyable and safe.”
On Employee Access to User Data…
Elaine Fox, TikTok’s head of privacy in Europe, says changes to employee access at TikTok is “Based on a demonstrated need to do their job, subject to a series of robust security controls and approval protocols, and by way of methods that are recognized under the GDPR, we allow certain employees within our corporate group located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the United States, remote access to TikTok European user data.”
Created by the European Union (EU) and made enforceable in 2018, the GDPR (General Data Protection Regulation) is a law that provides guidelines and regulations on how organizations across the world collect and use the customer data of people in the EU. Organizations that don’t comply with the GDPR risk substantial fines.
On Security and Storage…
TikTok’s revised data privacy policy includes a statement on data security, “If you choose to engage in public activities on the Platform, you should be aware that any information you share may be read, collected, or used by other users. You should use caution in disclosing personal information while using the Platform.” The company says their user data security controls consist of restricting system access, encryption and network security.
How user data is collected and protected isn’t just an issue for TikTok and their customers. With people accessing multiple platforms on a daily basis, users everywhere should know how an organization values and shields their customer data from harm. While it may seem tedious and time-consuming, it is important to read the terms of service for every software product and app you use. This includes anything for which you provide any identifying data, such as your name and address, but especially for products that require any type of payment details or PII. Sometimes you’ll notice something in that fine print that you don’t agree to. If that is the case, don’t use the product.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com