Published: January 04, 2023 on our newsletter Security Fraud News & Alerts Newsletter.
ByteDance, the Chinese company that owns TikTok, lists where employees can now access user data: the U.S., Singapore, Canada, China, Brazil, and Israel. This change, according to the company, ensures user experience with the platform is “consistent, enjoyable and safe.”
On Employee Access to User Data…
Elaine Fox, TikTok’s head of privacy in Europe, says changes to employee access at TikTok is “Based on a demonstrated need to do their job, subject to a series of robust security controls and approval protocols, and by way of methods that are recognized under the GDPR, we allow certain employees within our corporate group located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the United States, remote access to TikTok European user data.”
Created by the European Union (EU) and made enforceable in 2018, the GDPR (General Data Protection Regulation) is a law that provides guidelines and regulations on how organizations across the world collect and use the customer data of people in the EU. Organizations that don’t comply with the GDPR risk substantial fines.
On Security and Storage…
How user data is collected and protected isn’t just an issue for TikTok and their customers. With people accessing multiple platforms on a daily basis, users everywhere should know how an organization values and shields their customer data from harm. While it may seem tedious and time-consuming, it is important to read the terms of service for every software product and app you use. This includes anything for which you provide any identifying data, such as your name and address, but especially for products that require any type of payment details or PII. Sometimes you’ll notice something in that fine print that you don’t agree to. If that is the case, don’t use the product.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org