TikTok has announced that it will be adding to its European data centers in a bid to stay in compliance with EU rules and reassure users in the region. The video sharing platform has announced plans for a new data center in Ireland and a third in the early discussion phase.
The company is currently working on opening the first of its European data centers in Dublin, something that has been in the works for over a year now. Its EU user data is currently stored in the United States and Singapore to avoid servers in China, though the company has run into numerous issues under this plan.
TikTok’s planned European data centers underway in 2023 and 2024
The European data centers are meant to address concerns about foreign government access to user data. China has been the primary concern, given the government’s policy of accessing essentially whatever it likes that is hosted in the country whenever it likes. But the use of servers in the US and Singapore as an alternative raises its own potential issues. Neither country has received a “third country” adequacy approval as a data transfer partner, and the unacceptability of the US for this purpose is the thing that kicked off this round of adequacy decisions to begin with.
Seeking to assuage both regulator and general public concerns about data security, TikTok is looking to a data localization strategy to ensure it is within the bounds of EU rules. The European data centers are not yet ready, however, and may still be some time in coming. The first was initially scheduled to be open by this point, but TikTok has pushed back the opening to this year. The company says it is “finalizing plans” for the second Ireland data center, and the third (with a location to be named later) is apparently still in the discussion phases. TikTok said that it plans to begin migrating data in 2023 and “continuing into 2024,” however, implying that it at least expects the first data center to be fully up and running by the end of the year.
The company is facing stricter EU rules under the Digital Services Act (DSA), which requires tech platforms to disclose their active user numbers and creates special requirements for those with at least 45 million monthly active users over the prior six months. The company is now subject to more auditing requirements, must create a code of conduct, and must share a greater degree of data with authorities. Platforms are given four months to come into compliance with DSA terms once eligible and face heavy fines if they do not. At over 100 million monthly users in the EU, TikTok more than qualifies for the more stringent EU rules.
EU rules pushing large firms to localize data
The 2020 Schrems II decision caused an update to EU rules that some companies are still figuring out how to adapt to. Thus far, foreign tech firms have been largely hesitant to solve the issue by investing in European data centers; the general solution has been a combination of standard contractual clauses backed by measures such as encryption and holding of data in trusted third countries, and hope that the US and other holdouts can hammer out new agreements to replace the former compacts (such as Privacy Shield).
TikTok is in a unique position among the major social media platforms that are widely used in the West, given that its headquarters are in Beijing. The company has already run into trouble over this in the US, with threats of a total ban in the country coming and going ever since the final year of the Trump administration. TikTok seemed to smooth over this rough patch with its move of non-Chinese user data to the US and Singapore, combined with assurances that Chinese employees would not have access to it; calls for bans have emerged again recently, however, as leaks have revealed that Western data is not as siloed as TikTok promised it would be.
Those calls for bans seem to have spread to the EU as of late. In January, European Commissioner Thierry Breton told TikTok CEO Shou Zi Chew that failure to get into compliance with EU rules in the coming months (specifically the Digital Services Act) could end with the app being banned from the bloc. Chew recently traveled to Brussels to offer personal assurances to antitrust investigators that the app will comply with all EU rules and is renewing its commitments to child safety and personal privacy protection.TikTok is currently working on opening the first of its European data centers in Dublin, as it faces the prospect of a ban if it does not come into #compliance with EU rules under the #Digital Services Act. #privacy #respectdataClick to Tweet
European data centers are not an inexpensive proposition, at an estimated cost of $10 to $12 million per megawatt of power in the region. TikTok’s first Dublin center is expected to cost about $500 million when all is said and done.