TikTok, responding to a recent letter from EPIC, said that user privacy "will remain a priority for TikTok" if and when a deal with Oracle is finalized—but stopped short of agreeing to EPIC's full demands. Last month, after Oracle reached a tentative agreement to serve as TikTok's U.S. partner and "independently process TikTok's U.S. data," EPIC sent letters to both companies warning them of their legal obligation to protect the privacy of TikTok users. The deal would pair one of the largest brokers of personal data with a social network of 800 million users, posing grave privacy and legal risks. Although TikTok responded that it was "committed to helping ensure that any transfer and processing of personal data . . . complies with applicable law" and the company's privacy policies, TikTok did not agree to other EPIC demands, including a commitment not to merge user data with Oracle products. EPIC's letter warned Oracle and TikTok that unless they "adequately protect the privacy of TikTok users," EPIC intends to bring a lawsuit against both companies under the D.C. Consumer Protection Procedures Act. EPIC previously used the same law to force AccuWeather to stop deceptively gathering users' location data. EPIC and a coalition of consumer groups recently filed a Federal Trade Commission complaint against TikTok for violating the Children's Online Privacy Protection Act.
Share this page:
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.