The EU has banned the social media app TikTok from its corporate devices citing data protection concerns. It follows internal commissioner Thierry Breton’s warning to the Byte Dance-owned app to follow the EU’s rules or face being banned across the Member States.
The EU’s executive IT service emailed all Commission employees yesterday morning (23rd February), requesting that TikTok be uninstalled from their corporate devices. It also asked that any personal devices that were enrolled in the EU’s mobile device services needed to be purged of the social reel app.
In an email seen by EURACTIV, the EU said that they were making the request to “protect the Commission’s data and increase its cybersecurity”. The EU’s corporate management board said that employees had until 15 March 2023 to comply, or they would not be able to access corporate apps such as EU emails or Skype for Business from their devices.
The move has struck a chord with other countries including Australia and the UK, with some experts pushing for the same action in the name of data security. The Netherlands has already told its politicians to refrain from using TikTok and the US has banned using the app on government-owned devices.
The concerns around data protection have followed scandals such as TikTok’s parent company, Byte Dance, accessing US user data and surveilling journalists there who were critical of the Chinese-based company. TikTok itself has 150 million users in Europe, according to its latest figures.
EU Commissioner has made his feelings clear to TikTok on data protection
Commissioner for the Internal Market, Thierry Breton, has already taken his stance on apps such as TikTok to the public. In a LinkedIn post in January 2023, ‘Are some social media a wolf in disguise?‘, he described social media companies as a “geopolitical challenge”, explaining that some platforms popular with younger generations are like a “wolf in sheep’s clothing”, due to dangers behind seemingly fun and harmless features.
While he didn’t call out TikTok and parent company Byte Dance directly, Breton referred to issues with certain platforms including “use of the platform for spying on reporters”. In November 2022, Byte Dance confirmed to Forbes that the TikTok app had been used to monitor US reporters who had been critical of the company. It resulted in the firing of chief internal auditor Chris Lepitak and the resignation of executive Song Ye.
Breton went on to say that platforms such as TikTok collect data from European users and send the data outside of Europe, which he says raises geopolitical issues.
“One of the most significant concerns is that the data collected by these platforms may be used for political or economic gain by other countries,” he wrote. “Additionally, the sending of data outside of Europe also raises concerns about the protection of personal information, as different continents have different regulations and values regarding data privacy.”
TikTok updated its privacy policy in November 2022 to tell its European users that their data could be accessed by employees outside of the region.
In a statement, Elaine Fox, head of privacy, at TikTok, said: “Based on a demonstrated need to do their job, subject to a series of robust security controls and approval protocols, and by way of methods that are recognised under the GDPR, we allow certain employees within our corporate group located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the United States, remote access to TikTok European user data.”
The Netherlands had already put a “pause” on TikTok being used by government officials on their phones for “media purposes.” In November, the Dutch government coalition party called for a total ban on the app.
TikTok says that EU ban is ‘misguided’
Amid the scandals from the US, TikTok has been trying to appease the EU with more investment in its European operations.
In a post by Rich Waterworth, general manager of operations in Europe, TikTok, wrote that the company had submitted its first baseline report in accordance with the EU’s Code of Practice on Disinformation.
He said that more than 2,500 data points on the implementation and enforcement of TikTok’s policies across 30 European countries had been included in the report and that the company had been expanding its team with “additional expertise” to ensure future compliance with the EU’s Digital Services Act (DSA). In Europe, more than 5,000 people work for TikTok in Belgium, France, Germany, Ireland, Italy, the Netherlands, Poland, Spain, Sweden and the UK.
“We fully recognise the importance of continuing to invest in Europe to support this thriving community,” he wrote.
The executive went on to say that the company is opening a physical European Transparency and Accountability Centre in Dublin, Ireland, in March 2023, as well as two additional data centres to minimise data flows outside of Europe. One has already been announced in Dublin.
Tech Monitor contacted TikTok for its response to the ban by the EU on its app. A spokesperson said: “We believe this suspension is misguided and based on fundamental misconceptions.” The company said that the EU hadn’t contacted them nor offered them an explanation: “We have requested a meeting to set the record straight on how we protect the data of the 125 million people across the EU who come to TikTok every month.”
Other countries react to the EU’s ban on TikTok
Politicians in nations such as Australia and the UK have reacted similarly to the ban, calling on their leaders to take a firm stance with TikTok.
Senator James Paterson, Liberal Senator for Victoria, Australia, and Shadow Minister for Cyber Security & Countering Foreign Interference, took to Twitter to say that the move was “positive” while affirming his position that Australia needed to take action.
“Australia cannot fall behind and must take the same action – as well as protect the millions of citizens who use the app now widely acknowledged as a national security risk,” he tweeted.
Yesterday, Australia’s eSafety Commissioner served legal notices under the new ‘Basic Online Safety Expectations’ to TikTok as well as Twitter and Google, which will require them to answer questions about how they are tackling online child sexual abuse.
In the UK, Prime Minister Rishi Sunak has faced pressure to follow the EU’s lead. Former Conservative Party leader Iain Duncan Smith, who is one of the MPs sanctioned by China, has said that the UK government has been “left behind” and that even when faced with evidence that TikTok poses a security threat to the nation, “it drags its feet”.
“Our response and remedial action have been pretty weak, and now we’re lagging behind with TikTok,” said Duncan Smith, who is also the British co-chair of the Inter-Parliamentary Alliance on China. “The prime minister has an opportunity to take control of China policy and it’s a critical time to do so.”
The UK prime minister’s official spokesman told The Mirror that it was a matter for “individual departments and ministers to decide what platforms to use”. Last year, the Speaker of the House of Commons ordered a parliamentary TikTok account to be closed following the sanction of several British and European MPs by China.