Oracle TikTok Data Security Allegations

For years, regulators and journalists asked me the same question about TikTok: How worried should we be about surveillance and manipulation risks from a Chinese app? My answer has been consistent: the risk is real, but it's equally real with US platforms. Twitter's transformation into X proved this. And now TikTok itself confirms it. One of the first visible actions taken after Oracle's joint venture took control of TikTok US was an update to the app's privacy policy: the platform now collects precise location data (previously prohibited) and has expanded the scope with which it can process sensitive data like religion, sexual orientation, and health status. aka, more discretionary power over your data and your algorithm for the US techno-oligarchic complex 🗽 https://lnkd.in/gcMtCFD9 ⬆️ Great report from Marcus Bösch to read more

THE TIKTOK DEAL – WHAT WE KNOW (SO FAR) A framework agreement is emerging between Washington & Beijing on TikTok. While nothing has been formally signed, here are the key terms being reported by privileged sources I've come across: 1. Two Entities, Two Roles - TikTok US Data Security Company (USDS) will be reshaped into a U.S.-based joint venture, majority-owned by external (largely American) investors. - USDS will manage U.S. user data, content safety, and software review - with Oracle reportedly overseeing data security. - Meanwhile, Byte TikTok US Company (still 100% ByteDance-owned) continues to run e-commerce, ads, and other commercial operations. 2. The Algorithm - ByteDance retains full intellectual property rights. - USDS will only get a license to use the recommendation engine. - Any licensing requires approval from China’s Ministry of Commerce under export-control law. 3. Governance & Ownership - Reports suggest six of seven board directors will be American - parties like Fox News - and U.S. investors will hold a majority stake. - ByteDance remains the single largest shareholder. The Trump administration is already selling this as a “win” at home. TikTok is likely to become a template for how global tech firms will be carved up, licensed, and firewalled in an era of tech sovereignty amidst the U.S.-China competition. Whatever the final form, this deal signals a new phase in global tech. It’s clearer than ever before, that we can’t separate economics from politics, and understanding the logic behind the politics makes a difference. _________ I am Kenny Lim, the China Whisperer | China-Mindset expert with 20+ years of cross-industry experience helping companies navigate Chinese competitors, stakeholders, strategy & culture. #LBFAlumni member at #SkyHighTower.

🔮 As Predicted: Oracle Takes the Helm of TikTok’s U.S. Future 🇺🇸 When Oracle was first announced as TikTok’s trusted technology partner, I wrote here that this wasn’t just about cloud hosting. It was a clear signal of where things were heading. Hosting U.S. TikTok data in Oracle’s Texas facilities wasn’t a technical footnote, it was about data sovereignty, national security and trust. Now that signal has played out. The “impossible” just happened: 🕰️ Timeline & Key Milestones • 2020: TikTok faces U.S. pressure over data security. Oracle chosen as hosting partner, a strategic move disguised as infrastructure. • 2021-2024: Regulatory scrutiny intensifies; bipartisan concern about foreign control of user data. • 2025: A consortium led by Oracle, Silver Lake and Andreessen Horowitz (a16z) finalizes a deal to take control of 80% of TikTok’s U.S. operations. ByteDance retains ~20%. 🧭 What’s Changing • A new U.S.-based TikTok entity will run separately from the global app. • Oracle hosts and secures U.S. user data, extending its role from custodian to lead operator. • The board will be U.S.-dominated, with one seat reserved for the U.S. government. • A U.S.-only app version is in development, built on a separated algorithm and data system. ⚠️ What’s Unclear • How much influence ByteDance still has over the algorithm. • How oversight, audits and algorithm transparency will work in practice. • How seamless the migration will be for 170M U.S. users, creators and advertisers. 🌍 Why It Matters • Geopolitics meets tech: This is about more than short videos, it’s a precedent for handling foreign-owned platforms under national security pressure. • For creators & brands: Expect potential changes in recommendation systems, monetization and moderation. Algorithm behavior may diverge. • For Oracle: A masterclass in strategy. By starting as a data host, it positioned itself to become a stakeholder, proving that infrastructure often dictates ownership. • For the industry: Cloud, data and AI partnerships are no longer “back-end details“, they’re the early signals of tectonic shifts in control and regulation. 🔭 Going Forward A Dec 2025 deadline looms for full compliance. The U.S. TikTok will face tighter oversight, government presence and market pressure. But the bigger picture is clear: what began as a hosting deal has transformed into structural separation and U.S. majority control. The lesson: watch the infrastructure moves. They are often the clearest indicators of where platforms and industries are headed.

The TikTok privacy debate did not end with the US agreement. It has escalated. TikTok has updated its US Privacy Policy. It is now one of the most aggressive data collection regimes of any mainstream consumer platform. It explicitly acknowledges the collection and processing of sensitive personal information under US state privacy laws. Named directly: • Racial or ethnic origin. • Religious or philosophical beliefs. • Mental and physical health data. • Sexual orientation. • Transgender or nonbinary status. • Citizenship or immigration status. • Precise location data. The policy goes further. TikTok is collecting far more than what users consciously share. Under the updated policy, it gathers what you provide, what it observes automatically, and what it receives from third parties. That includes account details and identity verification documents, private messages, drafts and unpublished content, AI prompts and interactions, clipboard content, purchase and payment data, contact lists and social graphs, and an extensive set of technical signals such as device identifiers, keystroke patterns, battery state, audio configurations, and activity tracked across devices. This is not incidental data leakage. It is formalized, permitted, and documented. Images and video are treated as analyzable environments. TikTok states that it "identifies objects and scenery, detects faces and other body parts, extracts spoken words, and collects metadata describing how, when, where, and by whom content was created." Post a photo near the Golden Gate Bridge and you are not just sharing a moment. You are generating structured data about place, time, environment, and your body, or body parts. Photos and videos are not just content. They are raw material for computer vision, biometric analysis, and location inference. Tik Tok will use all of the collected data, and maintains the right to sell all of it to interested third parties, from vendors to the federal government. Leaders must act on this immdiately. Privacy policies are not background reading. They are power documents. When they change, accountability shifts with them. If you are a user, a parent, a school, a youth facing organization, nonprofits, and public institutions that use TikTok as a communications channel, the update changes the governance calculus. Engagement is not a neutral act. It carries serious legal and ethical obligations tied to data protection, duty of care, and institutional risk. The new policy deserves close reading. At this stage of platform power, and scale of data collection, policy literacy is a governance responsibility, not a personal preference. Read the policy here: https://lnkd.in/ejbm8THx

Fortune [excerpt]: In a fresh broadside against one of the world’s most popular technology companies, the Justice Department late Friday accused #TikTok of harnessing the capability to gather bulk information on users based on views on divisive social issues like gun control, abortion and religion. Government lawyers wrote in documents filed to the federal appeals court in Washington that TikTok and its Beijing-based parent company #ByteDance used an internal web-suite system called Lark to enable TikTok employees to speak directly with ByteDance engineers in China. TikTok employees used Lark to send sensitive data about U.S. users, information that has wound up being stored on Chinese servers and accessible to ByteDance employees in China, federal officials said. One of Lark’s internal search tools, the filing states, permits ByteDance and TikTok employees in the U.S. and China to gather information on users’ content or expressions, including views on sensitive topics, such as abortion or religion. Last year, the Wall Street Journal reported TikTok had tracked users who watched #LGBTQ content through a dashboard the company said it had since deleted. The new court documents represent the government’s first major defense in a consequential legal battle over the future of the popular #socialmedia platform, which is used by more than 170 million Americans. Under a #law signed by President Joe Biden in April, the company could face a ban in a few months if it doesn’t break ties with ByteDance. The measure was passed with bipartisan support after lawmakers and administration officials expressed concerns that Chinese authorities could force ByteDance to hand over U.S. user #data or sway public opinion towards Beijing’s interests by manipulating the #algorithm that populates users’ feeds. The Justice Department warned, in stark terms, of the potential for what it called “covert #content manipulation” by the Chinese government, saying the algorithm could be designed to shape content that users receive. “By directing ByteDance or TikTok to covertly manipulate that algorithm, China could for example further its existing malign #influence operations and amplify its efforts to undermine trust in our democracy and exacerbate social divisions,” the brief states. The concern, the Justice Department said, is more than theoretical, alleging that TikTok and ByteDance employees are known to engage in a practice called “heating” in which certain videos are promoted in order to receive a certain number of views. While this capability enables TikTok to curate popular content and disseminate it more widely, U.S. officials posit it can also be used for nefarious purposes. Federal officials are asking the court to allow a classified version of its legal brief, which won’t be accessible to the two companies. #news #business