TikTok Announces New EU Data Center to Separate User Info

Fresh from being hit with another big fine in EU over data transfers back to China, TikTok has announced another advance in its “Project Clover” EU data separation project, with a new data center now set to be built in Finland, providing another means to keep EU user data separate from its Chinese parent.

Project Clover is TikTok’s grand plan to ensure separation of EU user data, in alignment with regional rules, by creating data centers for European user info within EU borders. Already, Project Clover has seen the activation of new data centers in Norway and Ireland, with its Finnish project set to provide more capacity to keep EU user data isolated.

As explained by TikTok:

“Through a €1 billion investment, a new data center will be built in Kouvola by local developer HyperCo Oy. This project is a core part of Project Clover, our €12 billion initiative which is delivering industry-leading protections for the data of our 175 million-strong European community.”

TikTok has hoped that Project Clover, much like its “Project Texas” in the U.S., would meet regulatory requirements, and provide the necessary assurance that the company is not transferring people’s personal info back to China, where it may be passed onto the Chinese government.

European GDPR protections on this front are very explicit, and as noted, earlier this week, the Irish Data Protection Commission (DPC) issued a €530 million ($US341 million) to the company for infringements of said regulations.

TikTok has vowed to challenge the ruling, and has once again reiterated that it has never received a request for European user data from the Chinese authorities, and has never provided European user data to them.

But try as it might, TikTok has still faced a range of related penalties in Europe and the U.S., due to concerns that its systems are intrinsically tied to the CCP, and could be used for nefarious purpose.

And to at least some degree, there is precedent to support that thinking.

For years, CCP-supported operatives have been using virtually every Western social media platform to seed pro-China narratives, generally by using pages and profiles to distribute real news and information, in order to build an audience, then injecting politically-aligned, pro-CCP messages into the mix.

In 2022, for example, Google disrupted over 50,000 instances of a Chinese influence program called “Dragonbridge” across YouTube, Blogger, and AdSense, while Meta has also detected many instances of Chinese influence operations, with the company removing almost 5,000 Facebook profiles linked to one such program in a single quarter in 2023. Just last year, in the lead-up to the U.S. election, Microsoft warned that it had found various Chinese-based groups seeking to influence voters through coordinated social media activity.

Given the scale of such activities in other social media apps, it stands to reason that TikTok, which is more directly accessible by those same operatives, would be even more of a vector for such, and that’s seemingly what cybersecurity officials have been warning about in their classified briefings.

But at the same time, TikTok has now spent billions on its various data separation projects, and it would seem counterproductive to undermine that by enabling meddling from Chinese groups.

But the concerns remain, which is why TikTok is still technically banned in the U.S., and why EU authorities continue to investigate and prosecute the app for violations of data sharing rules.

Hopefully, for TikTok’s sake, Project Clover will address this, but even once fully enacted, it may not be enough to meet all of the EU requirements.