TikTok announces Project Clover secure European data enclave

TikTok has announced details of Project Clover, which it said will create a secure European enclave for UK and EEA TikTok user data.

Project Clover will see TikTok introduce a number of measures to enhance its existing data protections. It will introduce security gateways that determine employee access to UK and European TikTok user data and data transfers outside of Europe. Any data access will not only comply with the relevant data protection laws but also have to first go through these security gateways and additional checks.

To provide independent oversight and checks of this, TikTok said it will appoint a third-party European data security partner, who will oversee and audit its data controls and protections, monitor data flows, provide independent verification and report any incidents.

TikTok said it will also work with third parties on incorporating the latest privacy-enhancing advanced technologies into its approach. This includes, but is not limited to, pseudonymisation of personal data, data aggregation, and a system known as differential privacy.

In addition to its European data centre in Dublin, announced last year, TikTok has also confirmed the details of two more European data centre sites – a second data centre in Dublin and a third in the Hamar region of Norway, the latter of which will be run on 100 per cent renewable energy.

The social platform will begin storing European TikTok user data locally this year, with migration continuing into 2024. Once complete, these three data centres will be the default storage location for TikToks European user data.

“Project Clover cements our long-standing commitment to data security in Europe, and will help ensure that our 150 million-strong European community enjoys industry-leading data protection and security,” said Theo Bertram, VP Public Policy & Government Relations at TikTok.