Americans accused Tik Tok of sharing user data with China
Although TikTok has always stated that it prevents any transfer or viewing of its users’ data in China, where its parent company ByteDance is located, today’s internal leak on the exchange seems to prove the opposite. According to a set of 80 audio recordings of internal meetings of the company, published on Friday, June 17, by the American media BuzzFeed, engineers of the video sharing application had access from China to information from American users at least in the period from September 2021 to January 2022. And this is «much more common than previously reported».
Records viewed by BuzzFeed show the existence of a «senior administrator» in Beijing who would have «access to everything». «Everything is visible in China», – says an employee of the TikTok trust and security department in one of the audio files. The statements of eight employees show that American employees had to contact their colleagues across the Pacific Ocean to find out how the data of their fellow citizens is distributed. They didn’t have permission to access it on their own.
According to BuzzFeed, the social network has misled lawyers and users. TikTok has been negotiating for two years with the Committee on Foreign Investment in the United States on an agreement called «Project Texas», the purpose of which is to protect user data in the United States from potential intrusion by Chinese authorities. To do this, all personal information, such as phone numbers and birthdays, must be stored exclusively on a secure server in Texas, which is managed by the American cloud company Oracle.
When analyzing the records, BuzzFeed found that a significant amount of additional information, such as publicly available videos and comments left under posts, would not be stored on these secure servers, but on a server in Virginia owned by TikTok, which potentially leaves the Chinese parent company access to it at will. However, this data, even if it does not seem confidential, allows you to establish an accurate user profile.
On the day of the revelations, BuzzFeed TikTok publicly announced that it was changing the storage location of user information so that 100% of traffic in the US would pass through Oracle servers, since their old data centers in the US and Singapore are no longer serviced. «The physical location doesn’t matter if the data is still available from China», – however, reacts to BuzzFeed Adam Segal, Director of the Cyber and Digital Policy Program at the U.S. Think tank on International Relations. According to him, giving employees in China access to this information means the risk that it will end up in the hands of their government.
These revelations contradict the official discourse of TikTok, which, while being criticized for potential collusion with the Communist Party of China, has repeatedly reaffirmed its independence and commitment to data protection. In 2020, the social network announced that it wants to reduce access between regions, «so that, for example, employees in the Pacific region, including China, have minimal access to user data in Europe and the United States». TikTok has responded to BuzzFeed’s revelations by stating that it is «among the most viewed platforms» and is «working to dispel all doubts about the security of its users’ data in the United States».
The main fear of the United States has always been that Beijing uses an app for more than a billion users to spy on them. In 2020, Donald Trump also tried to ban the social network. «The collection of their data represents a threat that could allow the Chinese Communist Party to gain access to the personal information of American citizens», – the former president said. The firm then replied that it had never shared such information with the Chinese government. Since February, the Biden administration has been considering measures to improve monitoring of applications such as TikTok, which can be used by «foreign adversaries to steal or obtain data».