TikTok Takes Data Security to the Next Level with Cyber Consulting Giant

The popular social media platform TikTok has enlisted a British cybersecurity organization called NCC Group to independently audit its handling of user data and technical safeguards. Known internally as “Project Clover,” this initiative aims to provide outside verification of TikTok’s data security practices.

TikTok’s ownership by Chinese company ByteDance has prompted some governments to ban the app on work devices due to worries that Beijing could access citizens’ information. As concerns rise on both sides of the Atlantic, TikTok is taking new measures to strengthen user privacy.

As part of Project Clover, TikTok is establishing three data centers in Europe – two in Ireland and one in Norway – to store regional user data locally. According to Elaine Fox, TikTok’s head of privacy for Europe, the first Irish center is online and the company is transferring data. The remaining facilities will be complete by late 2024.

Fox noted TikTok has already started housing personal details of European and British customers separately in a “European enclave” temporarily hosted in the U.S. This is occurring ahead of the full operation of TikTok’s European infrastructure.

In the coming months, TikTok and NCC will engage policymakers across the continent to demonstrate how their collaborative data security program functions in real-world use. The decision to partner with NCC on Project Clover came as political pressure on app developers over information protection intensified on both sides of the Atlantic.