TikTok U.S. Joint Venture and Proposed Security Standards for Foreign-Owned Apps
TikTok announced the creation of TikTok USDS Joint Venture LLC to keep operating in the U.S. under a September 2025 executive order. Under the arrangement, ByteDance would reduce its ownership to 19.9%, with majority ownership shifting to majority-American investors; TikTok said the new entity will implement national-security safeguards including U.S.-based data protections and controls around the recommendation algorithm. The company stated that U.S. user data and algorithm security will be supported via Oracle’s U.S. cloud environment, and that the joint venture will run a cybersecurity and privacy program aligned to frameworks such as NIST CSF, NIST 800-53, and ISO 27001, with third-party auditing/certification; TikTok said similar safeguards would extend to other U.S.-available apps such as CapCut and Lemon8.
Separately, a policy commentary argued that the TikTok controversy highlights the lack of consistent U.S. standards governing foreign-owned apps—particularly around data ownership/access and algorithmic oversight—and called for clearer, enforceable requirements (e.g., upfront disclosure of who owns collected data and how users can opt out). While it does not add new incident details about TikTok’s joint venture, it frames the broader national-security and consumer-protection rationale for establishing uniform rules for foreign-based software providers operating in the U.S., citing TikTok and other China-linked apps as examples.
Sources
Related Stories
TikTok Ownership Transfer to US-Controlled Entity with Oracle as Security Partner
ByteDance has agreed to transfer majority ownership of TikTok to a group of US-based investors and allies, including Oracle, Silver Lake, and MGX, following prolonged negotiations and legal pressure from US lawmakers. Under the terms of the deal, US entities will control 80.1% of TikTok, while ByteDance retains a 19.9% stake and one board seat. Oracle will serve as a "trusted security partner," responsible for safeguarding US user data and ensuring that China-based ByteDance has no access to sensitive information or influence over the algorithm for US users. The agreement establishes TikTok's US operations as an independent entity with authority over data protection, algorithm security, content moderation, and software assurance. All US data will be stored in a secure cloud environment managed by Oracle. ByteDance will continue to manage global product interoperability and certain commercial activities, but the new structure is designed to address national security concerns about potential Chinese government access to US user data and content manipulation.
2 months ago
Regulatory Actions Target TikTok in the EU and US
The **European Commission** issued preliminary findings alleging TikTok’s product design violates the EU **Digital Services Act (DSA)**, arguing that features such as *infinite scroll*, *autoplay*, *push notifications*, and highly personalized recommendations can drive addictive use patterns and that protections for **minors** (including parental controls and screen-time tools) are insufficient. TikTok rejected the characterization and said it will contest the findings; potential outcomes include mandated changes to algorithms/interface design and fines of up to **6% of global annual revenue** if violations are confirmed. In the **United States**, TikTok’s continued operation has been tied to a divest-or-ban framework requiring **ByteDance** to divest its U.S. business or face removal from app stores and blocking by service providers, driven by longstanding concerns about data access and Chinese legal jurisdiction. The reference describes repeated deadline extensions via executive orders after an initial shutdown period, ongoing negotiations/interest from potential investors, and reporting that TikTok has explored a separate U.S.-specific app (“**M2**”) amid uncertainty over the platform’s final outcome in the U.S. market.
1 months ago
TikTok Service Disruption Linked to US Data Center Power Outage
TikTok experienced a widespread service disruption in which users reported broken or “glitchy” behavior, including an uncustomized *For You* feed, repeated or irrelevant content, and failures to upload videos. TikTok attributed the incident to a **power outage at a US data center**, stating it was working with its data center partner to stabilize service; user reports spiked on outage-tracking services during the event. Reporting also tied the outage to TikTok’s early period under **new US ownership/structure**, with commentary that the transition may introduce additional technical instability as the app’s algorithm and infrastructure are adjusted. Separately, TikTok’s updated US terms and privacy policy were reported to allow potentially expanded collection of user data (including **precise location** if permitted) and broader retention/linkage of **AI interaction metadata**, raising privacy and governance questions alongside reliability concerns during the transition.
1 months ago