Will the daily data of Americans being transferred from TikTok to Oracle make personal privacy and algorithmic push notifications safer?

Recently, one of the most followed news stories is that TikTok will be bought by Oracle, as the U.S. government announced a “security protocol” with TikTok, where U.S. tech giant Oracle will take over the data storage and security management of TikTok in the United States. According to White House officials, this move aims to prevent Chinese companies (like its parent company ByteDance) from holding American users' personal data and spreading fake news. However, can the transfer of management truly protect personal data and make content delivery safer? This is worth further consideration.

Moreover, although the specific transaction amount has not been disclosed, the officials are optimistic that this protocol will bring up to $178 billion in economic activity to the United States over the next four years. Is it secure, or is it merely a transfer of risk? Theoretically, storing data within the United States and having American companies manage it does reduce the likelihood of the Chinese government demanding companies hand over personal data. However, does this mean that American users' daily personal information is now completely worry-free?

Major changes after TikTok transferred to Oracle

According to official statements from the White House, the protocol between TikTok and the U.S. government includes the following key points:

1. User data from the United States will be stored entirely on domestic soil and managed by servers operated by Oracle Corporation.

2. Oracle will become a “trusted security provider,” independently regulating the data security of all American users of TikTok.

3. TikTok's algorithm will be retrained and run in the United States, independent of its parent company ByteDance.

4. A board with a background in national security and cybersecurity will be responsible for the oversight and operational decisions of TikTok's U.S. business.

Data centralization remains a risk point.

Although Oracle is regarded as a veteran enterprise in cybersecurity, any centralized data platform is at risk of being hacked, misused, or manipulated for other political purposes. This also means that while data is transferred from China to the United States, it still follows the “data centralized management” model, and the essence of the risk has not disappeared, it has merely shifted direction.

Is the push notification mechanism really “decoupled”?

The White House spokesperson stated that TikTok's algorithm will be retrained and operated in the United States, but there are still many unresolved issues behind this. First, retraining the algorithm requires a large amount of data and time; during the transition period, will there still be technical involvement from ByteDance? Secondly, the control and ownership of the algorithm's source code have not been fully disclosed or made transparent, making it difficult for the outside world to determine whether the so-called guarantee of being “not under Chinese control” can truly be realized.

Another form of political manipulation and surveillance?

When the data is transferred to enterprises that can be controlled by the U.S. government, is it just that “the Chinese government is not allowed to monitor Americans” but instead “the U.S. government finds it more convenient to monitor Americans”? After all, there have been precedents of social platforms collaborating with the government in the U.S. for big data analysis and advertising manipulation.

Can businesses and creators feel secure?

For general users and creators relying on TikTok marketing, this protocol may be a short-term benefit: TikTok will not be banned, services will not be interrupted, platform stability will increase, and it may attract more advertising budgets. However, in the long term, will the use of data and the platform's content control lean more towards political or commercial interests? This still needs to be observed continuously.

More secure, or should it be managed in a different way?

The practice of having TikTok's data managed by Oracle undoubtedly gives the U.S. government an upper hand in data control. However, whether personal data and content delivery are therefore “safer” still depends on Oracle's management transparency, the extent of government intervention, and whether the mechanisms for protecting user rights are in place. After all, transferring data from one controller to another is essentially still a “top-down” approach to data governance; true digital privacy and autonomy still have a long way to go.

The author observes: the computational problem remains unsolved, and social influence needs to be taken more seriously.

The author observes that although this protocol seems to take a step forward in data security, the most controversial aspects of the TikTok platform, such as the “idiot challenge” videos that spread virally, AI-generated fake news content, and the algorithmic promotion mechanisms that lead to bullying, discrimination, and extreme behaviors among teenagers, still lack systematic solutions. These issues cannot be simply resolved by relocating servers to the United States or changing data managers.

If the platform continues to aim at maximizing viewing time and interaction numbers, it will be difficult for the algorithm not to continue pushing extreme, emotional, or even harmful content. From this perspective, the concern over where the data “exists” is significant, but society should also care about how the platform “operates” and what its long-term impact on teenagers and democratic societies is.

This article discusses whether the daily data of Americans being transferred from TikTok to Oracle will be safer in terms of personal privacy and algorithmic recommendations. It first appeared in Chain News ABMedia.