(CFOTO/Future publishing via Getty Images)
TikTok’s access controls on US user data are much weaker than the company says, a former ByteDance employee told Senator Josh Hawley’s (R-Mo.) office, according to a letter from Hawley to Secretary of the Treasury Janet Yellen shared exclusively with Axios .
Send the news: The whistleblower’s allegations, which have not been independently seen or verified by Axios, suggest that TikTok is exaggerating its separation from its China-based owner ByteDance, relying on proprietary Chinese software that could have backdoors, and using tools that allow employees to easily switch between US and Chinese user data.
What they say: “This whistleblower’s allegations are deeply concerning. They also appear to contradict public statements by TikTok and ByteDance executives,” Hawley writes.
- He cites Congressional testimony from last September by TikTok COO Vanessa Pappas stating that “there are strict access controls around the data accessed in the United States,” along with reporting from Forbes and Reuters about Bytedance employees acting inappropriately. have access to TikTok’s US user data.
- Hawley writes: “The whistleblower describes TikTok’s access controls on US data as ‘shallow’ at best, where they already exist. As an example, he describes how TikTok and ByteDance employees – including members of the Chinese Communist Party known to be on ByteDance’s payroll — can switch between Chinese and US data with nothing more than the click of a button using a proprietary tool called Dorado… In his words: “[i]It’s like a light switch.”
- The whistleblower told Hawley’s office, according to the letter, “I’ve seen firsthand China-based engineers switch to non-Chinese datasets and create scheduled jobs to back up, merge and analyze data.” adding that “TikTok and ByteDance are functionally the same company.”
Context: Calls to ban or limit TikTok and other Chinese companies are currently trending in Congress. Meanwhile, an evaluation of the company’s practices by the Committee on Foreign Investment in the United States, which should ultimately result in a safety agreement, has been dragging on for more than two years.
- TikTok has consistently maintained that it keeps US user data safe and is committed to a strong CFIUS deal. Hawley supports a full ban on the app, while others in Congress have suggested less direct approaches that could keep the popular video app alive in the US
- Yellen chairs CFIUS in her role as Secretary of the Treasury.
What’s next: It is unclear whether this whistleblower will give the public more details about his allegations or testify before Congress.
- “Our firm is committed to protecting the anonymity of any whistleblower who approaches us,” Hawley spokesperson Abigail Marone told Axios. “Based on our review of this whistleblower’s disclosures to our office, we believe these claims should be investigated by CFIUS and are asking Secretary Yellen if these concerns have surfaced in the course of their investigation. We support the whistleblower in determining their own level of future involvement.”
Read the full letter.
Go deeper: The political reality that makes a national TikTok ban tricky