TikTok Says Privacy ‘Will Remain a Priority’ in Oracle Deal, But Stops Short of EPIC’s Full Demands

October 1, 2020

TikTok, responding to a recent letter from EPIC, said that user privacy "will remain a priority for TikTok" if and when a deal with Oracle is finalized—but stopped short of agreeing to EPIC's full demands. Last month, after Oracle reached a tentative agreement to serve as TikTok's U.S. partner and "independently process TikTok's U.S. data," EPIC sent letters to both companies warning them of their legal obligation to protect the privacy of TikTok users. The deal would pair one of the largest brokers of personal data with a social network of 800 million users, posing grave privacy and legal risks. Although TikTok responded that it was "committed to helping ensure that any transfer and processing of personal data . . . complies with applicable law" and the company's privacy policies, TikTok did not agree to other EPIC demands, including a commitment not to merge user data with Oracle products. EPIC's letter warned Oracle and TikTok that unless they "adequately protect the privacy of TikTok users," EPIC intends to bring a lawsuit against both companies under the D.C. Consumer Protection Procedures Act. EPIC previously used the same law to force AccuWeather to stop deceptively gathering users' location data. EPIC and a coalition of consumer groups recently filed a Federal Trade Commission complaint against TikTok for violating the Children's Online Privacy Protection Act.

Support Our Work

EPIC's work is funded by the support of individuals like you, who allow us to continue to protect privacy, open government, and democratic values in the information age.