BRUSSELS: The European Commission on Thursday banned TikTok on official devices used by staff amid concerns over data protection as the EU seeks to bolster its cybersecurity.
TikTok, whose parent company ByteDance is Chinese, has faced increasing Western scrutiny in recent months over fears about how much access Beijing has to user data.
The new ban also means European Commission staff cannot use the video-sharing app on personal devices including phones that have official EU communication apps installed.
Employees must remove the app as soon as possible and should do so by March 15.
EU spokeswoman Sonya Gospodinova said the corporate management board of the European Commission, the EU’s executive arm, had made the decision for security reasons.
“The measure aims to protect the Commission against cybersecurity threats and actions which may be exploited for cyberattacks against the corporate environment of the commission,” she said.
There was no immediate comment on whether other EU institutions such as the European Council, which represents member states, or the European Parliament would take similar measures.
After the news was made public, EU industry commissioner Thierry Breton pointed to the cybersecurity risks he said had informed the decision.
“As an institution, the European Commission has, from the beginning of the mandate, a very strong focus on cybersecurity, protecting our colleagues and, of course, everyone who is working here in the Commission,” Breton told reporters.
A spokesperson for TikTok said it was “disappointed with this decision, which we believe to be misguided and based on fundamental misconceptions”.
In November, TikTok admitted some staff in China can access the data of European users.
The company however denies that the Chinese government has any control or access.
TikTok on Thursday stressed it protects the data of 125 million users monthly in the European Union on its app and was taking steps to strengthen data security.
“We’re continuing to enhance our approach to data security, including by establishing three data centres in Europe to store user data locally; further reducing employee access to data; and minimising data flows outside of Europe,” the firm said.
The United States last year banned the app from federal government devices, and some US lawmakers are trying to prohibit TikTok from operating in the United States.
Last month, the Dutch government reportedly advised public officials to steer clear of the app over similar concerns.
TikTok chief executive Shou Zi Chew was in Brussels last month for talks with EU officials during which they warned TikTok to ensure the safety of European users’ data.
The company has said it is setting up centres in Europe to store user data locally and has promised to further reduce employee access to data.
TikTok also promised last year to hold US users’ data in the United States to allay Washington’s concerns.
The European Union has taken a tough line on technology companies, passing two major laws to make sure social media platforms adhere to the bloc’s rules on digital issues.
The Digital Services Act (DSA) forces social media platforms, online marketplaces and search engines to react more quickly to remove content deemed in breach of EU regulations.
The other, the Digital Markets Act (DMA), prohibits anti-competitive behaviour by the so-called “gatekeepers” of the internet.
TikTok, whose parent company ByteDance is Chinese, has faced increasing Western scrutiny in recent months over fears about how much access Beijing has to user data.
The new ban also means European Commission staff cannot use the video-sharing app on personal devices including phones that have official EU communication apps installed.
Employees must remove the app as soon as possible and should do so by March 15.
EU spokeswoman Sonya Gospodinova said the corporate management board of the European Commission, the EU’s executive arm, had made the decision for security reasons.
“The measure aims to protect the Commission against cybersecurity threats and actions which may be exploited for cyberattacks against the corporate environment of the commission,” she said.
There was no immediate comment on whether other EU institutions such as the European Council, which represents member states, or the European Parliament would take similar measures.
After the news was made public, EU industry commissioner Thierry Breton pointed to the cybersecurity risks he said had informed the decision.
“As an institution, the European Commission has, from the beginning of the mandate, a very strong focus on cybersecurity, protecting our colleagues and, of course, everyone who is working here in the Commission,” Breton told reporters.
A spokesperson for TikTok said it was “disappointed with this decision, which we believe to be misguided and based on fundamental misconceptions”.
In November, TikTok admitted some staff in China can access the data of European users.
The company however denies that the Chinese government has any control or access.
TikTok on Thursday stressed it protects the data of 125 million users monthly in the European Union on its app and was taking steps to strengthen data security.
“We’re continuing to enhance our approach to data security, including by establishing three data centres in Europe to store user data locally; further reducing employee access to data; and minimising data flows outside of Europe,” the firm said.
The United States last year banned the app from federal government devices, and some US lawmakers are trying to prohibit TikTok from operating in the United States.
Last month, the Dutch government reportedly advised public officials to steer clear of the app over similar concerns.
TikTok chief executive Shou Zi Chew was in Brussels last month for talks with EU officials during which they warned TikTok to ensure the safety of European users’ data.
The company has said it is setting up centres in Europe to store user data locally and has promised to further reduce employee access to data.
TikTok also promised last year to hold US users’ data in the United States to allay Washington’s concerns.
The European Union has taken a tough line on technology companies, passing two major laws to make sure social media platforms adhere to the bloc’s rules on digital issues.
The Digital Services Act (DSA) forces social media platforms, online marketplaces and search engines to react more quickly to remove content deemed in breach of EU regulations.
The other, the Digital Markets Act (DMA), prohibits anti-competitive behaviour by the so-called “gatekeepers” of the internet.