TikTok announced on July 15 that its current Global Chief Security Officer (CSO), Roland Cloutier, will be changing his role from September 2 to take care of the strategy focused on “the business impact of security and trust programs“. It is Kim Albarella who will take up her post on an interim basis.
Easy access to data
This reorganization comes as the United States has increased pressure on the social network, which belongs to the Chinese company ByteDance, since revelations from BuzzFeed News. These show from more than 80 recordings of internal meetings that ByteDance employees had access to the data of American users of TikTok.
Two things worry Washington: that the Chinese government can access Americans’ data via ByteDance and that the application’s algorithm influences users by highlighting certain videos over others. Remember on this last point that a large part of TikTok users are children or young adults.
For Shou Zi Chew, the CEO of TikTok, the objective of this internal reorganization is to “minimize concerns about user data security in the United States“.”We are confident in Kim’s deep understanding of security issues, combined with his 20+ years of leadership and communications experience.“, he added. It remains to be seen whether this change will not only be an announcement effect and will have a concrete impact.
TikTok tries to reassure
In response to the BuzzFeed News revelations, numerous US senators have written to TikTok to express concerns about the company’s policy on access to user data. The social network responded in a letter admitting that some of its employees in China had access to the data “subject to a series of robust cybersecurity controls and authorization approval protocols overseen by our US-based security team“.
He also recalled that he was working on the “Texas project” to strengthen data security for American users. This project, still very vague, would aim to store all of their data in data centers belonging to the American company Oracle.
In Europe too, TikTok is the subject of a certain mistrust. The Garante per la protezione dei dati personali (GPDP), the Italian equivalent of the National Commission for Computing and Liberties (Cnil), warned him that it was illegal to use the personal data stored on the devices. of its users”to profile them and send them personalized advertisements in the absence of explicit consent“.