TikTok’s newly formed US joint venture has updated its privacy policy to include the collection of precise location data from its 200 million American users, marking a significant shift in data practices following the finalization of a deal this week. The change comes as part of broader adjustments to data handling under the new ownership structure aimed at addressing long-standing U.S. national security concerns.
The updated policy explicitly states that the company may now “collect precise location data, depending on your settings,” a departure from previous terms that allowed only for “approximate” location information. This precise data collection has not yet been activated in the U.S., where it is expected to be optional and turned off by default, requiring users to opt-in via a pop-up notification. TikTok has not specified when American users will encounter this update, but similar features are already in use in the UK and Europe through a “Nearby Feed” that helps users discover local events and businesses.
The policy revision followed the closure of a deal on Thursday between TikTok’s Chinese parent company ByteDance and a consortium of U.S. investors, creating TikTok USDS Joint Venture LLC. This entity now oversees the app’s operations in the United States, with managing investors including cloud computing giant Oracle, technology investment firm Silver Lake, and Abu Dhabi’s state-owned MGX fund. Oracle, chaired by longtime Trump ally Larry Ellison, will play a key role in securing and retraining TikTok’s content recommendation algorithm using American user data stored in its U.S. cloud environment.
This agreement culminates years of geopolitical tension, beginning during former President Donald Trump’s first term when he attempted to ban TikTok over fears that Beijing could access American user data. In 2024, Congress passed legislation mandating that ByteDance divest its U.S. operations by January 2025 or face a ban, a deadline repeatedly postponed until this week’s joint venture was finalized. The deal allows ByteDance to retain a minority stake of just under 20%, while transferring majority control to U.S.-based entities to alleviate security concerns.
Beyond location data, the new privacy terms expand permissions for gathering information on user interactions with TikTok’s artificial intelligence tools. This includes recording prompts and questions submitted to AI features, as well as metadata on how, when, and where such content is created. These changes aim to enhance AI functionality but also raise additional privacy considerations, as the joint venture seeks to balance innovation with data protection mandates.
Republican Representative John Moolenaar, who chairs the House Select Committee on China, voiced skepticism about the arrangement, questioning whether ByteDance’s continued involvement might allow Chinese influence over the algorithm. “Does this deal ensure China does not have influence over the algorithm? Can the parties involved assure Americans their data is secure?” he stated, emphasizing the need for rigorous oversight as the committee reviews the deal. Such concerns reflect ongoing bipartisan apprehension about data sovereignty and foreign access.
In response, the joint venture affirmed its commitment to “secure U.S. user data, apps and the algorithm through comprehensive data privacy and cybersecurity measures.” Oracle’s involvement is pivotal, as it will oversee the algorithm’s retraining and ensure it operates within a secured American cloud infrastructure. This setup is designed to prevent unauthorized access and align with U.S. regulatory expectations, though implementation details remain under scrutiny.
Looking ahead, American TikTok users will soon encounter prompts to enable precise location sharing, with the feature’s rollout timeline still undisclosed. The joint venture’s success in safeguarding data will be closely monitored by regulators and users alike, as it sets a precedent for how global tech platforms navigate U.S. security demands. This development not only reshapes TikTok’s operations but also signals a new chapter in the complex interplay between technology, privacy, and international politics.
