TikTok’s new US joint venture has made changes to its privacy policy that include expanding the type of location data the company can collect from its 200 million American users.
The new policy was published after investors closed a deal with TikTok’s Chinese owner ByteDance on Thursday to run the popular short-form video app’s business in the US.
The new joint venture said in its updated privacy terms that it may now “collect precise location data, depending on your settings” – a change from the previous policy which allowed for the collection of “approximate” location data.
TikTok did not immediately respond to the BBC’s request for comment on the change.
The company policy added that the sensitive personal information would be processed “in accordance with applicable law” and that users can turn off location services in their device settings at any time.
Even before the new venture was established, TikTok collected location information based on a user’s SIM card or IP address, or both.
But it stopped short of collecting even approximate GPS information from American users operating the most updated version of the app, according to a 2024 version of its privacy policy.
Precise location sharing hasn’t yet been enabled in the US, where it is expected to be optional and turned off by default so users will be asked to opt in with a pop-up message. TikTok has not said when the update is due to reach American users.
TikTok already collects similar data from users in the UK and Europe as part of a new “Nearby Feed” feature that lets users find events and businesses near them.
The new American TikTok joint venture is also extending its permissions for gathering information about users interactions with TikTok’s artificial intelligence (AI) tools.
This includes prompts and questions submitted by users, as well as information about how, when, and where AI content was prompted or created.
TikTok USDS Joint Venture LLC is comprised of three managing investors including cloud computing giant Oracle, which is investing heavily in AI infrastructure and has taken on significant debt to finance its ambitions in the burgeoning space.
Oracle is chaired by Larry Ellison, a Republican megadonor and longtime ally of US President Donald Trump, whose administration helped broker the US TikTok deal.
The agreement follows years of tussling between Washington and Beijing that began in Trump’s first presidential term, when he tried unsuccessfully to ban the app over national security concerns.
In 2024, the US passed a law that required the platform to be banned in the US by January 2025 if ByteDance failed to sell its US operations to American investors.
Trump repeatedly postponed the enforcement of legislation until the joint venture was finalised this week.
The 2024 law was prompted in part by concerns about the possibility that Beijing might access the data of TikTok’s American users.
In a statement onThursday, the new joint venture said its mandate was “to secure U.S. user data, apps and the algorithm through comprehensive data privacy and cybersecurity measures”.
Oracle will oversee the retraining of TikTok’s powerful content recommendation algorithm on existing American user data, the joint venture said in its statement, adding that the algorithm “will be secured in Oracle’s U.S. cloud environment.”
ByteDance retains a minority stake just shy of 20% in the joint venture.
Other managing investors include the US tech investment firm Silver Lake and Abu-Dhabi state-owned investment fund MGX, which has done business with the Trump family’s crypto venture World Liberty Financial.
On Friday, Republican Representative John Moolenaar, who chairs the House Select Committee on China, expressed concern about ByteDance’s ongoing involvement in TikTok’s US operations.
“Does this deal ensure China does not have influence over the algorithm? Can the parties involved assure Americans their data is secure?” he said in a statement.
“Those are questions that need to be answered as the Select Committee does oversight of this deal.”