TikTok said on Friday it is moving U.S. users’ data to Oracle servers stored in the United States. Overshadowing its migration announcement was a damning report that followed, claiming that TikTok staff in China had access to its U.S. users’ data as recently as this January.
The report from BuzzFeed News, which cites recordings from 80 TikTok internal meetings it obtained, claims that U.S. employees of TikTok repeatedly consulted with their colleagues in China to understand how U.S. user data flowed because they did not have the “permission or knowledge of how to access the data on their own.”
“Everything is seen in China,” the report said, quoting an unnamed member of TikTok’s Trust and Safety department as saying in a September 2021 meeting.
The report further casts doubt on the short video giant’s entanglement with Beijing, a long-running accusation amplified by former President Donald Trump, and the firm’s public comments about the independence of its U.S. unit.
U.S. officials have for years expressed concern that TikTok might let China’s authoritarian government have access to the data the firm collects from Americans and users from other nations. The matter escalated in September 2020, when the Trump administration said it would bar the Chinese-owned mobile apps WeChat and TikTok from U.S. app stores.
(India banned TikTok and several other Chinese-owned apps in 2020 citing national security concerns.)
TikTok — as well as its parent firm ByteDance — has publicly said it would never hand over U.S. users’ data. The firm also engaged with Microsoft and Oracle to sell the U.S. unit and explored selling stakes to U.S. investors to comply with Trump’s order.
Join 10k+ tech and VC leaders for growth and connections at Disrupt 2025
Netflix, Box, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, Vinod Khosla — just some of the 250+ heavy hitters leading 200+ sessions designed to deliver the insights that fuel startup growth and sharpen your edge. Don’t miss the 20th anniversary of TechCrunch, and a chance to learn from the top voices in tech. Grab your ticket before doors open to save up to $444.
Join 10k+ tech and VC leaders for growth and connections at Disrupt 2025
Netflix, Box, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, Vinod Khosla — just some of the 250+ heavy hitters leading 200+ sessions designed to deliver the insights that fuel startup growth and sharpen your edge. Don’t miss a chance to learn from the top voices in tech. Grab your ticket before doors open to save up to $444.
The Biden administration revoked the Trump-era executive order and replaced it with one that called for a broader review of a number of foreign-controlled apps that could pose a security threat to Americans and their data.
TikTok said in a blog post Friday that “100% of U.S. user traffic is being routed to Oracle Cloud Infrastructure” in the United States, with an asterisk. “We still use our U.S. and Singapore data centers for backup, but as we continue our work we expect to delete U.S. users’ private data from our own data centers and fully pivot to Oracle cloud servers located in the U.S.”
A report in March said the two firms were said to be close to finalizing a deal.
TikTok said Friday it is also “making operational changes,” including establishing a U.S.-based leadership to “solely manage U.S. user data for TikTok.”
“These are critical steps, but there is more we can do. We know we are among the most scrutinized platforms from a security standpoint, and we aim to remove any doubt about the security of US user data,” it added.
TikTok did not immediately respond to a request for comment on BuzzFeed News’ reporting.
