UPDATED: TikTok pushed back on a report that ByteDance, its Chinese parent, planned to use the app to track the physical locations of at least two U.S. citizens.
On Thursday, Forbes reported that ByteDance’s Internal Audit and Risk Control department, which investigates possible misconduct by employees, in at least two cases planned to “collect TikTok data about the location of a U.S. citizen who had never had an employment relationship with the company.” Forbes cited internal company “materials” it reviewed for the report; the publication said it was not disclosing “the nature and purpose of the planned surveillance referenced in the materials in order to protect sources.” The article added it was unclear whether ByteDance actually collected data about the American citizens.
In a statement, TikTok claimed that its app “has never been used to ‘target’ any members of the U.S. government, activists, public figures or journalists, nor do we serve them a different content experience than other users. Our Internal Audit team follows set policies and processes to acquire information they need to conduct internal investigations of violations of the company codes of conduct, as is standard in companies across our industry. Any use of internal audit resources as alleged by Forbes would be grounds for immediate dismissal of company personnel.”
According to TikTok, Forbes did not include the portion of its statement that “disproved the feasibility of its core allegation: TikTok does not collect precise GPS location information from U.S. users, meaning TikTok could not monitor U.S. users in the way the article suggested.” TikTok does record IP addresses of users, but IP addresses cannot be used to reliably pinpoint a device’s location.
“Forbes’ reporting about TikTok continues to lack both rigor and journalistic integrity,” TikTok said in the statement.
Asked for a response, Forbes spokesperson Bill Hankes said, “We are confident in our sourcing, and we stand by our reporting.” The Forbes article was written by Emily Baker-White, who disclosed in the piece that she previously held “policy positions at Facebook and Spotify.”
In a series of tweets Friday, Baker-White noted that even if TikTok does not use GPS data (a detail she acknowledged was omitted from the Forbes articles), that “does not mean they could not use [an IP address to get an] approx location to monitor certain individuals.” She also wrote, “I’m glad they say TikTok hasn’t been used to ‘target’ some specific groups. I am nonetheless concerned that they planned to use it to monitor specific Americans, which is what we reported. Also, FWIW, they didn’t answer this question when we asked it to them on Wed.” According to Baker-White, TikTok has not requested any updates to the Forbes story.
TikTok, which boasts well over 1 billion users for its short-form video entertainment app, has been a political football since its inception because it is owned and controlled by Chinese internet giant ByteDance. India, for example, in 2020 blocked TikTok and other Chinese apps in the country.
Citing national security concerns, Donald Trump, in the final months of his term as U.S. president, issued an executive order that threatened to ban TikTok in the country unless ByteDance sold a controlling interest in TikTok to American investors. U.S. federal courts blocked Trump’s order.
In June, nine Republican senators revived concerns about TikTok’s China ties, sending TikTok CEO Shou Zi Chew a letter “demanding answers on TikTok’s backdoor data access for Beijing,” a reference to China’s communist regime. That was triggered by a June 17 BuzzFeed News report that TikTok employees in China have “repeatedly” accessed U.S.-based users’ data. According to Chew’s response to the GOP senators, the access TikTok granted staffers in China to U.S. user data is part of efforts to shut off that access — with a goal of making “substantive progress toward compliance with a final agreement with the U.S. Government that will fully safeguard user data and U.S. national security interests.”
Chew also reiterated TikTok’s claim that “100% of U.S. user traffic” is now being routed to Oracle’s cloud infrastructure in the country and that TikTok eventually plans to delete all American user data from its Singapore data centers. Under the revamped security plan, Chew said, TikTok will provide China-based employees “very limited” access to U.S. user data — which will not include private user information — “and it will only occur pursuant to protocols being developed with the U.S. Government.” In addition, TikTok continues to maintain that it has never shared data with the Chinese Communist Party, and that the Chinese government has not made any such requests.
In June, President Biden officially revoked Trump’s executive orders seeking to ban TikTok and WeChat while also launching an investigation into apps that have ties to “foreign adversaries” that may pose national security or data privacy risks. TikTok and the Biden administration reached a preliminary agreement to resolve national security concerns, the New York Times reported last month. Under that proposed agreement, TikTok would be required to store U.S. user data only in the United States; grant Oracle oversight to monitor TikTok’s content algorithms to detect possible interference from China’s communist regime; and establish a board of “security experts” reporting to the U.S. government to oversee TikTok’s U.S. operations, per the Times report.
TikTok, in a statement this week to Bloomberg, said, “We are confident that we are on a path to fully satisfy all reasonable U.S. national security concerns.”
From Variety US
