By Aruna Sharma, Global Head of Privacy & Regulatory Affairs

At TikTok, protecting the privacy and security of the people who use our platform is among our highest priorities. Today, we're celebrating Data Privacy Day and kicking off Privacy Awareness Month with a look back at some of our efforts this past year, which included:

  • Continuing to strengthen our data sovereignty efforts through establishing an entity called TikTok US Data Security (USDS) designed to oversee all aspects of the U.S. TikTok platform related to data and content. Additionally, we shared more details about TikTok's approach to safeguarding European user data and further minimising data transfers outside the region. This includes our previously announced intent to create a data center in Dublin to house UK & EEA data in 2023.
  • Providing more transparency into how our platform operates through developing research APIs and working with the research community while still respecting our community’s privacy. These APIs are now being tested by members of our content and Safety Advisory Councils, who have expertise in misinformation, violent extremism, hateful behavior and emerging technologies.
  • Updating our privacy policies in Europe and the U.S. to provide further transparency.
  • Creating the #BeCyberSmart series, a compilation of posts promoting best practices for online data safety and defending your digital footprint. Topics included recommendations related to information on PINs, verifying sites, and data back-ups, guidance for privacy controls, password management, the importance of two-step authentication and app updates plus much more.
  • Launching Privacy Highlights for Teens in the EU, an easier to understand, simplified new page intended to better educate young users on data privacy and feature privacy, the data we collect and how we may use it.
  • Celebrating our two year anniversary with HackerOne, encouraging ethical hackers to disclose vulnerabilites for us to quickly resolve before affecting our community. In addition to partnering with HackerOne for our bug bounty program, in 2022 we became a founding sponsor of HackerOne's Corporate Security Responsibility (CSecR) pledge, honoring transparency, collaboration, innovation, and differentiation as core principles to help create a safer digital world for everyone.
  • Updating our Community Guidelines to further support the well-being of our community and the integrity of the platform. We continued to emphasize the importance of transparency with our user community and defined the types of behavior and content that aren’t tolerated.
  • Continuing to expand our Privacy By Design Program. Privacy By Design is an internal initiative that puts privacy first by allowing us to build privacy into products and features for our platform throughout the development lifecycle.

In 2023 we will continue to build on these efforts. We'll continue to communicate around future updates and innovations centered on strengthening user privacy.