Chinese parent of TikTok says some staff improperly accessed TikTok user data of two journalists and have been let go
ByteDance, the Chinese parent company of popular video app TikTok, has handed potentially more ammunition to its critics among the United States political establishment.
ByteDance said on Thursday that some staff members improperly accessed TikTok user data of two journalists and were no longer employed by the company, Reuters reported, after seeing an email.
ByteDance is already facing significant pressure in the United States over security concerns about US user data, with a growing number of US states banning the app on government devices, as the US Congress prepares for a federal-level vote this week.
Now according to the Reuters report, ByteDance employees accessed the data as part of an unsuccessful effort to investigate leaks of company data earlier this year.
The ByteDance investigation was aimed at identifying potential connections between two journalists, a former BuzzFeed reporter and a Financial Times reporter, and company employees, the email from ByteDance general counsel Erich Andersen reportedly said.
The ByteDance staff reportedly looked at IP addresses of journalists attempting to learn if they were in the same location as employees suspected of leaking confidential information.
A person briefed on the matter told Reuters that four ByteDance employees who were involved in the incident were fired, including two in China and two in the United States.
Company officials reportedly said they were taking additional steps to protect user data.
The Financial Times was quoted as saying in a statement that “spying on reporters, interfering with their work or intimidating their sources is completely unacceptable. We’ll be investigating this story more fully before deciding our formal response.”
BuzzFeed News spokesperson Lizzie Grams reportedly said the company was deeply disturbed by the report, saying it showed “a blatant disregard for the privacy and rights of journalists as well as TikTok users.”
Meanwhile Forbes reported Thursday that ByteDance had tracked multiple Forbes journalists including some who formerly worked at BuzzFeed “as part of a covert surveillance campaign” aimed at discovering the source of leaks.
Randall Lane, the chief content officer of Forbes, called it “a direct assault on the idea of a free press and its critical role in a functioning democracy.”
In October TikTok had denied a Forbes report that it had ‘targetted’ US citizens, and insisted it did not collect precise GPS location data.
TikTok Chief Executive Shou Zi Chew said in a separate email to staff seen by Reuters that such “misconduct is not at all representative of what I know our company’s principles to be.”
He reportedly said the company “will continue to enhance these access protocols, which have already been significantly improved and hardened since this initiative took place.”
Chew added that over the past 15 months the company had been working to build TikTok US Data Security (USDS) to ensure protected TikTok U.S. user data stays in the United States.
“We are completing the migration of protected US user data management to the USDS department and have been systematically cutting off access points,” he wrote.
ByteDance also said it was restructuring the Internal Audit and Risk Control department, and the global investigations function would be split out and restructured.
Whether that will enough to placate US politicians remains to be seen.
The proposal last week was backed by House Speaker Nancy Pelosi, a Democrat, and House Republican Leader Kevin McCarthy.
And the US Congress is set to pass legislation this week to ban US government employees from downloading or using TikTok on their government-owned devices.