Date: January 24, 2023
Delivering on our US data governance
TikTok has long stored US user data in our own data centers in the US and Singapore. Our Virginia data center includes physical and logical safety controls such as gated entry points, firewalls, and intrusion detection technologies. It’s also important to maintain backup data storage locations to guard against catastrophic scenarios where user data could be lost, and our data center in Singapore serves as the backup data storage location for our US users.
For more than a year, we’ve been working with Oracle on several measures as part of our commercial relationship to better safeguard our app, systems, and the security of US user data. We’ve now reached a significant milestone in that work: we’ve changed the default storage location of US user data. Today, 100% of US user traffic is being routed to Oracle Cloud Infrastructure. We still use our US and Singapore data centers for backup, but as we continue our work we expect to delete US users’ private data from our own data centers and fully pivot to Oracle cloud servers located in the US. In addition, we’re working closely with Oracle to develop data management protocols that Oracle will audit and manage to give users even more peace of mind.
We’re also making operational changes in line with this work – including the new department we recently established, with US-based leadership, to solely manage US user data for TikTok. Together, these changes will enforce additional employee protections, provide more safeguards, and further minimize data transfer outside of the US. This is an important direction from a systems and data security standpoint, and part of our focus on preserving an interconnected experience for our global community while building a security-first culture.