An ex-employee of ByteDance, the Chinese parent company of social media app TikTok, claims that the company misrepresents the degree of privacy protection between the data of U.S. users and that of its owner in China and employs proprietary Chinese software that might have backdoors.
Axios reports that a former employee of ByteDance — the Chinese parent company of the popular app TikTok — claims that the firm is misrepresenting the privacy of its U.S. users and may have backdoors built into the app. The whistleblower asserts that employees can easily switch between U.S. and Chinese data using a proprietary tool called Dorado and that TikTok’s access controls on U.S. user data are weaker than the company suggests. The whistleblower’s concerns were sent in a letter by Sen. Josh Hawley (R-MO) to Treasury Secretary Janet Yellen.
TikTok has consistently refuted claims that it compromises the security of user data from the United States, claiming to keep it safe and to be committed to an agreement with the Committee on Foreign Investment in the United States (CFIUS), which is reviewing the company’s procedures. The whistleblower’s claims have not been independently verified but contradict statements made in public by TikTok and ByteDance, according to Hawley. “This whistleblower’s allegations are deeply concerning. They also appear to contradict public statements made by TikTok and ByteDance executives,” Hawley stated in the letter.
Hawley cited Congressional testimony from TikTok COO Vanessa Pappas from last September, who stated that “there are strict access controls around the data that is accessed in the United States,” as well as articles from Forbes and Reuters about ByteDance employees improperly accessing TikTok’s U.S. user data. Hawley has been a vocal critic of TikTok and has called for an outright ban on the app. He referred to the whistleblower’s claims as “deeply concerning” and suggested that CFIUS look into them.
Calls for the banning or regulating of TikTok and other Chinese businesses have gained popularity in Congress due to worries about the security of U.S. user data and the possibility of Chinese government access. There is still no word on when the CFIUS review of TikTok’s business practices, which is intended to lead to a security deal, will be finished. It has been ongoing for more than two years.
With over one billion monthly active users and a sizable and engaged user base in the U.S., TikTok has become a worldwide phenomenon. Legislators are paying attention to the app because of its popularity with teenagers and because they are concerned that the Chinese government could use it to gather information on U.S. citizens or spread propaganda.
TikTok has taken action to distance itself from its Chinese parent company in response to these worries and to reassure U.S. users that their data is secure. The company established a “transparency center” in the U.S. so that experts could assess the app’s code and data flows for any potential security issues.
Despite these efforts, the whistleblower’s accusations imply that TikTok’s access controls on U.S. user data are weaker than the company claims. The possibility that the Chinese government could access U.S. user data without TikTok’s knowledge or consent is made more concerning by the use of proprietary Chinese software that might contain backdoors.
It is unknown if the whistleblower will testify before Congress or give the public any additional information about his claims. Abigail Marone, a representative for Hawley, told Axios that the senator’s office is dedicated to preserving the confidentiality of any whistleblower who approaches them and that they think the allegations made by this specific whistleblower merit CFIUS investigation.
“Our office is committed to protecting the anonymity of any whistleblower who approaches us,” Marone said. “Based on our review of this whistleblower’s disclosures to our office we believe these claims deserve to be investigated by CFIUS and are asking Secretary Yellen if these concerns have come up in the course of their investigation. We’re supportive of the whistleblower determining their own level of future engagement.”
Read more at Axios here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan