TikTok has quietly adjusted its privacy and data-sharing policies this year, sparking growing concern among users and privacy advocates. The changes were made as the company engaged in negotiations with the Trump administration to maintain its operations in the United States, where it serves over 170 million users.
The revised policies expand TikTok’s authority to share data with not just law enforcement, but also “regulatory authorities, where relevant.” They also weaken earlier promises to inform users before handing over their information to government agencies — a shift that experts say could make it harder for individuals to know when their data is being accessed.
These updates, made without major public disclosure, have raised fresh concerns over whether TikTok might share private data with U.S. agencies like the Department of Homeland Security (DHS) or Immigration and Customs Enforcement (ICE).
Company’s Silence Fuels Speculation
TikTok has declined to provide direct answers to inquiries about its cooperation with U.S. government data requests. The company maintains that it evaluates all legal requests carefully and operates in line with published law enforcement guidelines. However, it has avoided confirming whether any data has been shared with federal authorities under the new policy terms.
This lack of clarity has fueled skepticism among lawmakers and digital rights organizations, who argue that transparency is essential when it comes to how platforms manage user data — especially during politically sensitive negotiations with governments.
Administrative Subpoenas and Legal Gray Areas
Under the U.S. Stored Communications Act, companies are restricted from sharing user communications without a court order. However, DHS and ICE have increasingly used administrative subpoenas — which do not require judicial approval — to demand data such as usernames, IP addresses, and contact details.
These types of subpoenas carry less legal weight, and companies can refuse them without facing penalties unless a court intervenes. Historically, major tech firms like Meta have resisted such requests, often notifying affected users so they can challenge the subpoenas in court.
In one instance, users behind anonymous accounts tracking ICE agents were able to contest the government’s request after Meta provided redacted copies of the subpoenas. Judges later ruled that their data could not be handed over without a proper court order.
TikTok Retreats From Its User Notification Promise
Until late April 2025, TikTok’s policy stated that it would notify users before disclosing their information to law enforcement. The new version, however, limits that commitment to cases “where required by law.” It also shifts the timing of notifications to after data has been shared, rather than before, leaving users with no opportunity to contest disclosures in advance.
The company has not explained the reason for this shift, but privacy advocates note that it could prevent users from protecting their rights under U.S. law.
There is already a legal exception that allows the government to delay notice if officials believe a person might flee or obstruct an investigation. Critics warn that this clause, combined with TikTok’s weaker policy, could effectively remove any meaningful user protections — particularly in immigration enforcement cases involving ICE.
Outside the United States, where notice requirements may be even less robust, these changes could have an even broader impact on user privacy.
Broader Data-Sharing Authority Introduced
Another update in TikTok’s policies appears to soften its stance toward data requests. The previous firm language — “TikTok rejects data requests from law enforcement authorities” — has been replaced with “TikTok may reject data requests.”
Additionally, a section once titled “reporting obligations” now reads “proactive reports obligations.” This change authorizes the company to disclose user data voluntarily, even without a formal legal request, in cases involving issues such as child exploitation or suspicious financial activity.
While these examples reflect standard industry practices, the broader “proactive” language suggests TikTok could interpret such obligations more expansively in the future.
Political Pressures Shape TikTok’s Future in the U.S.
TikTok’s evolving data policies come amid continued political pressure from Washington. Although U.S. law technically bans TikTok, the platform continues to operate because President Trump issued executive orders instructing the Department of Justice not to enforce the ban — a decision he could reverse at any time.
The White House is currently negotiating a deal with Chinese President Xi Jinping to sell TikTok’s U.S. assets to a consortium of American and allied investors, including Oracle co-founder Larry Ellison, Fox Corp. CEO Lachlan Murdoch, and the Emirati investment firm MGX. The arrangement requires approval from both governments, giving the Trump administration significant leverage over TikTok’s operations.
Earlier this year, the company briefly suspended its U.S. service during uncertainty surrounding the enforcement of the ban law. Service later resumed, signaling TikTok’s ongoing efforts to navigate the political and legal landscape that could determine its future in the country.
Controversy Expands Beyond the United States
TikTok’s handling of government data requests has also drawn international attention. In Indonesia, the company faced backlash after protests erupted over corruption and police misconduct. Following a temporary shutdown of its livestreaming feature, the Indonesian government demanded access to user data related to the protests.
TikTok initially resisted but reportedly complied after its operating license was suspended. Officials later stated that the shared data included web-traffic information and activity linked to potential gambling sites, though it was claimed to be anonymized.




