TikTok expands data collection in Europe, the United Kingdom and Switzerland

TikTok has announced several modifications to the extent of its data collection practices in Europe, the United Kingdom, and Switzerland. The document specifies that, starting on 30 November 2025, the service will now gather “precise location information from devices,” whereas previous versions only allow for using “approximate location.” The new policy also allows data collection from “interactions with websites within the in-app browser.” In addition, TikTok will no longer restrict itself to collecting data from “activity on and off the Platform,” extending data collection to “information associated with (…) user account[s].” Lastly, TikTok will explicitly scan direct messages for safety and protection.

A similar document previously existed for Canada, but it is currently unavailable. The new document also includes a link to an advertisement policy specific to the UK.

These additions are happening at a time when the United States and China are in the middle of a complex trade war, which impacts new technologies and their supply chains, including rare-earth metal provisioning and refinement.

TikTok, owned by the Chinese company Bytedance, is one of the fastest-growing social media platforms in the world. This growth has led to increased scrutiny from both the U.S. and Europe regarding security concerns surrounding the app’s vast user base. For example, TikTok has been designated by the European Commission as a Very Large Online Platform (VLOP) and is therefore subject to rigorous regulations and obligations in EU and EEA jurisdictions. The European Commission has already expressed concerns about TikTok’s excessive data collection for advertising purposes.

The Biden administration had initially considered banning the platform due to its lack of compliance. In response, ByteDance proactively removed the mobile app from both the Apple App Store and Google Play Store, effectively preventing US users from downloading the app for a month. Following the start of his presidency, President Donald Trump postponed the ban and has continued to delay enforcement. As of today, there are discussions about transferring the U.S. version of the app to Oracle. It remains unclear how this could affect service integrity and raise a new series of cross-jurisdictional data protection issues.