Oracle will review TikTok source code to watch for Chinese access1 min read . Updated: 17 Sep 2020, 09:14 AM IST
Provision offered to the U.S. government by Beijing-based ByteDance in its effort to verify the security of TikTok
ByteDance Ltd. would allow Oracle Corp. to review TikTok’s source code and software to ensure there are no backdoors that allow the Chinese government or other entities to access the data, according to people familiar with the matter.
The provision is one of a number offered to the U.S. government by Beijing-based ByteDance in its effort to verify the security of TikTok, as part of a high-profile deal to allow the hot video-sharing app to remain in the U.S., the people said.
ByteDance would entrust the data on TikTok’s U.S. users exclusively to Oracle, which would oversee TikTok’s technical operations, said the people familiar with ByteDance’s proposal.
Oracle was announced on Monday as ByteDance’s technology partner in the proposed deal.
ByteDance has been working on measures related to the security of user data for the past several months, in response to concerns from U.S. officials that TikTok data could be shared with the Chinese government. Over the weekend, ByteDance submitted a proposal to the U.S. government that includes a number of items intended to address those security concerns.
The U.S. regulator that oversees cross-border deals, the Committee on Foreign Investment in the U.S., reviewed the deal late Tuesday but didn’t immediately announce a recommendation.
According to people with knowledge of the proposal, TikTok U.S. would be monitored by third parties. The terms include protocols for handling incidents that might arise. TikTok would also be required to submit reports regularly and establish protocols for handling incidents, the people said.
Oracle would regularly check data flows to confirm that data isn’t going anywhere it is not supposed to go, the people said.
U.S. board members would need to be approved by the U.S. government, and would include a data expert with national security credentials.
The deal talks are still fluid and these terms could still change, one of the people said. It is also possible a deal might not be reached or approved by President Trump.
One of the people cautioned that these measures could be onerous for ByteDance, TikTok and Oracle. They said there is little precedent for this type of oversight for consumer mobile apps in the U.S.
Some Republicans have criticized the proposed deal between Oracle and ByteDance as not doing enough to address national security concerns, and have asked for more information.
Write to Georgia Wells at Georgia.Wells@wsj.com and Aaron Tilley at email@example.com