In Letter to EPIC, Oracle Denies it Exploits Personal Data, Calls Privacy Risks to TikTok Users ‘Very Theoretical’

Oracle, responding to a recent demand letter from EPIC, insisted that there is "no discernable basis" to believe that its pending partnership with TikTok threatens the privacy of TikTok users. Calling the privacy risks that EPIC identified "very theoretical," Oracle General Counsel Dorian Daley charged that EPIC has "confused [Oracle] with large consumer-facing tech platforms that make their billions on advertising by exploiting the personal data of their users." However, the reliance of Oracle's business model on the exploitation of personal data is well documented, including in an exhaustive 2018 complaint from Privacy International that lays out the privacy harms caused by Oracle Data Cloud. As Oracle has itself acknowledged, "Oracle Data Cloud aggregates, analyzes, and activates consumer data, enabling marketers to connect to customers and prospects . . . target the right consumers, [and] personalize their experience." EPIC's letters to Oracle and TikTok warned that unless they "adequately protect the privacy of TikTok users," EPIC intends to bring a lawsuit against both companies under the D.C. Consumer Protection Procedures Act. EPIC previously used the same law to force AccuWeather to stop deceptively gathering users' location data. In a separate response to EPIC, TikTok said that user privacy "will remain a priority for TikTok" if and when a deal with Oracle is finalized—but stopped short of agreeing to EPIC's full demands.