TikTok CEO Shou Zi Chew appeared before Congress on Thursday attempting to pacify lawmakers’ national security concerns about the Chinese-owned social media app. Mr. Chew was met with bipartisan hostility for the better part of the five-hour hearing. During the proceedings, lawmakers pointed to far-reaching Chinese laws that require companies to cooperate with authorities’ public security investigations and intelligence work.
In his attempt to reassure lawmakers, Chew frequently referenced “Project Texas,” so-named for the locus of its efforts to cordon off U.S. user data with the technology behemoth Oracle, headquartered in Austin, Texas. “American data stored on American soil by an American company overseen by American personnel. We call this initiative Project Texas,” said Chew.
TikTok developed Project Texas in response to executive orders issued by President Trump in the summer of 2020. The first one banned TikTok, and the other required divestiture. The TikTok ban was struck down in federal court and subsequently replaced with another executive order by the Biden Administration. The actions represent bipartisan concern over the national security implications of the social media app owned by ByteDance, a Chinese company, that enables access to vast amounts of user data.
TikTok has for years responded to data privacy concerns by promising that information gathered about users in the United States is stored in the United States, not in China. But according to leaked audio from more than 80 internal TikTok meetings, China-based employees of ByteDance have repeatedly accessed nonpublic data about US TikTok users.
Mistrust about TikTok’s intentions and security vulnerabilities were heightened last year when it was revealed that some ByteDance employees tried to find the sources of suspected leaks of internal conversations and business documents to journalists. The employees accessed the IP addresses and other data of two U.S. journalists and people connected to them through their TikTok apps. They attempted to determine if those individuals were within proximity of ByteDance employees.
Project Texas is an attempt by TikTok to calm concerns over access to user data by housing it with an entity that the company claims will operate independently of the Chinese parent company. The initiative creates a new entity that houses the functions of TikTok’s business that are most likely to cause national security concerns. Oracle will oversee data entering the entity and data exiting the entity to ensure that the data flows do not pose national security risks. It will be governed by an independent board of directors, according to TikTok.
TikTok claims the new entity will have teams that access U.S. user data, TikTok’s software code and back-end systems, and moderate content on the platform. It will replicate several of the core functions of TikTok’s global business, including human resources, engineering, user and product operations, privacy operations, trust and safety, legal, threat detection and response, and security risk and compliance.
Oracle Cloud will host the TikTok platform in the United States, including the algorithm and the content moderation functions. It will be responsible for monitoring data flowing into and out of the subsidiary. All U.S. data traffic will be routed through Oracle Cloud, according to TikTok.
But lawmakers were unconvinced. Rep. Frank Pallone (D-NJ) said, “I still believe that the Beijing communist government will still control and have the ability to influence what you do. And so this idea, this Project Texas is simply not acceptable.”
More than a dozen states have already banned TikTok from government-issued devices, including Texas. The University of Texas at Austin, Texas A&M University and Texas State University followed suit and banned the social media platform from their college campuses.
In a signal of the generally inhospitable tone toward TikTok during Thursday’s hearings, Rep. August Pfluger (R-Tex.) told Chew to rename Project Texas. “We don’t want your project,” he said.