TikTok takes national security concerns seriously and continues to take proactive steps to ensure U.S. user data is protected through TikTok U.S. Data Security Inc. - a subsidiary designed to address national security concerns and maintain transparency and oversight.

What is TikTok U.S. Data Security?

In 2022, TikTok established the TikTok U.S. Data Security Inc. subsidiary, through which we’ve voluntarily implemented technical and operational safeguards to address national security concerns while enhancing transparency. This special purpose subsidiary is staffed by 2,000+ U.S.-based employees (with some exceptions in the U.K. and Australia to provide 24/7 support). USDS controls access to protected U.S. user data, content recommendation, and moderation systems in the secure Oracle Cloud. This structure brings heightened focus and governance to TikTok’s operations in the U.S. including data protection policies and content assurance protocols to keep U.S. users and their data safe so that users can have an authentic experience on TikTok.

A Secure Environment for the U.S. App

Protected U.S. user data is stored by default in the Oracle Cloud with controlled and monitored gateways. Only approved USDS personnel have access to protected U.S. user data in the Oracle cloud.

Our Dedicated Transparency Centers (DTC) provide our trusted third parties, such as Oracle and the Independent Security Inspectors, with access to TikTok’s full source code, including the algorithms that power our recommendation system.

Oracle and Independent Security Inspectors have had ongoing access to analyze and validate source code, including mobile app code, backend services, third-party libraries, and recommendation algorithms. This began with the first DTC which was launched two years ago in Columbia, Maryland, where Oracle still sits and analyzes code today.

Over the past two years, we have scaled up four additional DTCs across the United States, United Kingdom, and Australia, to expand capacity to enable full-time, comprehensive reviews by over 100 hundred analysts covering every component of TikTok’s platform.

How the Dedicated Transparency Centers Work

Dedicated Transparency Centers provide secure environments where trusted third parties, such as Oracle and Independent Security Inspectors can manually inspect TikTok’s platform.

The reviews focus on:

  • Algorithms: Examines recommendation systems to confirm alignment with platform guidelines.
  • Mobile App Code: Verifies security and functionality of the TikTok app.
  • Backend Services: Provides secure infrastructure supporting the app.
  • Third-Party Libraries: Identifies and addresses risks from external code integrations.

The source code is converted into the mobile app using Oracle's build pipeline, helping ensure that the code reviewed in the DTCs is the same code deployed in U.S. app stores and backend systems, providing full traceability and integrity.

Ensuring Security and Protecting TikTok’s Intellectual Property

While providing full transparency, the DTCs also safeguard TikTok’s proprietary technology and sensitive information. The secure environments feature:

  • Physical Security: 24/7 monitoring, controlled access, and security personnel.
  • Digital Safeguards: Data loss prevention (DLP) tools and traffic monitoring protect proprietary code and sensitive information.

These safeguards allow third parties to conduct thorough and independent reviews without compromising TikTok’s intellectual property or platform security.

Two Years of Uninterrupted Access

Oracle has conducted ongoing analysis of TikTok’s platform including the recommendation system and algorithm, reviewing how content is surfaced and ensuring alignment with our commitments. This long-term access reflects TikTok’s dedication to earning trust through accountability.

Setting a New Standard for Transparency

Over the past two years, we have provided unprecedented transparency by opening our systems to independent third-party audits and oversight. This proactive approach sets a new benchmark for accountability and compliance.

The facts are clear: TikTok has gone further than any other platform in protecting U.S. user data.

For additional facts on how we protect national security interests, click here.