TikTok announces new measures to strengthen European user data protections

‘Project Clover’ intends to not only meet European data security standards, but ideally set new ones.

TikTok has announced several new measures to enhance its existing data protections with the introduction of ‘Project Clover’.

The project will create a secure European enclave for UK and EEA TikTok user data and includes the opening of new data centres in Ireland and Norway, the latter of which will be run on 100% renewable energy.

Once complete, these two new data centres, along with another already under construction in Dublin, will become the default storage location for TikTok's European user data, with a total annual investment of €1.2bn.

Additionally, to provide independent oversight, the platform announced the appointment of a third party European partner to oversee and audit data security from TikTok in Europe.

The social media platform views these enhancements as building upon its security approach in the US, intending to further align its data management by introducing security gateways that minimise employee access to UK and European TikTok user data and data transfers from outside of Europe.

Supposedly, with these new measures, any data access will not only comply with the relevant data protection laws but also have to first go through these security gateways and additional checks.

Implementing the latest privacy-enhancing tech

In addition to the new UK and EEA measures, TikTok will work with third parties to incorporate the latest privacy-enhancing advanced technology into its approach, including pseudonymisation of personal data, data aggregation and a system known as ‘differential privacy’.

An internal team has been heading up Project Clover since last year and its implementation will continue throughout the year and into 2024. TikTok expects to start storing European data in its new data centres later this year, with migration continuing into the next.

Once completed, the measures will ideally see TikTok leapfrog industry standards for European data security to begin setting new standards altogether. The plan is built upon the principles of containing European user data locally, minimising data flows outside of Europe and further reducing employee access to user data.

Theo Bertram, VP of Public Policy and Government Relations at TikTok said: "Project Clover cements our long-standing commitment to data security in Europe and will help ensure that our 150-million-strong European community enjoys industry-leading data protection and security."