TikTok: why EU bodies have banned social media app on staff phones - ‘security’ and ‘data’ concerns explained

Two of the European Union’s biggest policy-making institutions have banned TikTok from staff phones, citing ‘cybersecurity’ and ‘data protection’ concerns.

The request to uninstall the social media app, owned by Chinese firm ByteDance, was communicated via email to officials from the European Commission and European Council on Thursday (23 February). EU industry chief Thierry Breton declined to say whether there had been any incidents that had sparked the ban.

It comes as TikTok continues to face scrutiny from governments and regulators around the world, with concerns raised over the app’s possible harvesting of users’ data - as well as how China may use this information to advance its interests. As ByteDance has its headquarters in Beijing, there are also worries that the firm is subject to the influence of the Chinese Communist Party.

Employees have been asked to delete the app as soon as possible - and by no later than 15 March. For those who do not comply by the set deadline, corporate apps such as email and Skype for Business will no longer be available on work devices - or on personal ones “enrolled in the Commission mobile device service.”

Responding to the news, TikTok said it was disappointed that the Commission had not reached out before implementing the ban. A spokesperson commented: “We are disappointed with this decision, which we believe to be misguided and based on fundamental misconceptions. We have contacted the Commission to set the record straight and explain how we protect the data of the 125 million people across the EU who come to TikTok every month.”

The EU is not alone in voicing concerns about the app. In December, the United States Senate passed a bill to bar federal employees from using TikTok on government-owned devices. The app is completely banned in India.

In August, the UK Parliament closed its newly-opened TikTok account after a group of MPs said they were worried about data breaches and national security. In a letter to the Speakers of the Commons and Lords, they said they were “surprised and disappointed” that an account had been launched, after “recent reports have made clear… TikTok data is routinely transferred to China.”

The letter, primarily authored by Tory MP Nus Ghani, continued: “The prospect of Xi Jinping’s Government having access to personal data on our children’s phones ought to be a cause for major concern.” His words came after seven MPs and peers were sanctioned by the Beijing Government for speaking out against its human rights abuses.

Meanwhile, just a few days ago, Foreign Affairs Committee chair and Tory MP Alicia Kearns urged users to “without question” delete the app, as she suggested the video-sharing platform is linked to China’s efforts to build a “tech totalitarian state”.

In the past, TikTok has tried to calm fears by keeping foreign users’ data out of China - with ByteDance incorporated in the Cayman Islands and users’ data reportedly stored in the US and Singapore.

But a BuzzFeed report published in June detailed a leaked voice recording, in which a member of TikTok’s Trust and Safety Department was quoted as saying: “Everything is seen in China.” Then, in November, TikTok admitted that users’ personal data could be accessed in its headquarters in Beijing.

Elaine Fox, TikTok’s head of privacy in Europe, said: “Based on a demonstrated need to do their job - subject to a series of robust security controls and approval protocols, and by way of methods that are recognised under the GDPR - we allow certain employees within our corporate group remote access to TikTok European user data.”

She said the countries these employees were located in included “Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the US.