Bytedance Admits Using TikTok to Track Journalists' User Data

The Chinese company ByteDance, which owns the popular social media platform TikTok, has confessed to illegally obtaining user information, including that of a Financial Times reporter, to analyze their location as part of an internal leaks examination.

Employees obtained access to the journalists’ user data and IP addresses through illegal and inappropriate techniques to determine whether their locations matched that of ByteDance employees.

This reveal undermines the image TikTok wants to project to governments and customers: that of a network concerned with national security and user data protection.

We will continue to enhance these access protocols, which have already been significantly improved and hardened since this initiative took placeShou Zi Chew

This news comes about not long after South Dakota Gov. Kristi Noem prohibited using TikTok on state-owned devices, claiming that the social media network collects data for the Chinese Communist Party (CCP).

Erich Andersen stated that the individuals identified by ByteDance as having spoken to these journalists no longer work for the organization. According to insiders, four ByteDance employees were fired, including two in the United States and two in China.

In October, Forbes announced that journalists were being watched as part of a surveillance operation supervised by one of ByteDance’s China-based teams.

Company representatives disclosed that they were adopting additional security measures to protect user data.

The CEO of ByteDance, Rubo Liang, wrote to the company’s staff in an email to express his company’s strong condemnation of the unlawful data access by employees, which he described as a significant violation of the code of conduct.

The news, first reported by the New York Times, may add to the pressure TikTok is facing in the Biden administration and Washington from lawmakers over security situations regarding US user info.

The Financial Times released a statement claiming to interfere with their work, spying on journalists, or threatening their sources is absolutely wrong.

TikTok to Increase US Data Security

TikTok is updating its Internal Audit and Risk Control department in light of the business findings that revoked all user data access and permissions for the department and no longer employed any personnel who were discovered to have participated in or oversaw the scheme, according to Mr. Andersen.

The House of Representatives might pass legislation restricting the use of TikTok on the professional phones of federal officials, following bans in approximately 20 US states.

TikTok has tried to persuade US officials that US data is secure and kept on domestic servers.

However, in response to media reports, it’s also acknowledged that staff based in China had access to US users’ data, despite the company’s claim that such access was heavily regulated and highly restricted.

ByteDance also announced that its global investigations would be divided and reorganized, along with its risk control and internal audit department. The business noted that an oversight council would be created as part of a redesign of the investigation process.

TikTok’s Efforts in the USA

TikTok has spent $1.5 billion to date to establish a US-based data security division targeted at meeting US government standards, according to Reuters, citing an anonymous source.

With Oracle, TikTok has an agreement to keep user app data in the United States, and TikTok has suggested granting Oracle access to evaluate app and server code.

TikTok has proposed setting up a board of three members verified by the Committee on Foreign Investment in the United States (CFIUS) to monitor the US security section.

This board wouldn’t be under the supervision of ByteDance. TikTok has also taken steps to separate itself from ByteDance and is discussing with the US government to isolate user data from China altogether. What will come of those negotiations isn’t obvious, though.