TikTok’s future in the US is looking a lot less certain, after an investigation found that parent company ByteDance had been spying on several American journalists whom it believed had been in contact with ByteDance staff, and gained access to commercially sensitive information.
As reported by The Financial Times:
“Over the summer, four employees on the ByteDance internal audit team looked into the sharing of internal information to journalists. Two members of staff in the US and two in China gained access to the IP addresses and other personal data of FT journalist Cristina Criddle, to work out if she was in the proximity of any ByteDance employees, the company said.”
FT further reports that a BuzzFeed journalist and several users connected to the reporters through their TikTok accounts were also targeted in the ByteDance probe.
Which, obviously, is a fairly significant violation user privacy, while also running counter to press freedom, and in opposition to the many public statements that TikTok has made in regards to how its Chinese staff access US user info.
TikTok, which remains under investigation by the Committee for Foreign Investment (CFIUS) over its potential linkage to the CCP, has repeatedly pledged that US user info is not being shared with China-based staff.
Back in September, TikTok COO Vanessa Pappas testified before the Senate Homeland Security Committee that the company has ‘a series of robust cybersecurity controls and authorization approval protocols’ in place to limit internal data access, while it continues to work on more advanced data protections:
“Our goal is to ensure non US-based employees, including China-based employees, will only have access to a narrow set of TikTok US user data, such as public videos and comments available to anyone on the TikTok platform, to ensure global interoperability.”
In further questioning, Pappas also denied allegations that US user data had been repeatedly accessed by employees based in China. Pappas also detailed TikTok’s ongoing work with both Oracle and the US government to establish new systems and control parameters, in order to alleviate concerns around the app being used as data gathering tool by the Chinese Government.
Which has been the primary issue raised repeatedly by Republicans senators, the FBI and the FCC, due to the CCPs cybersecurity provisions, which require that all Chinese-owned businesses share user data with the Chinese government on request.
There’s no evidence to suggest that CCP officials have either asked for or accessed TikTok user data, which is separate from Chinese audience info under the China-specific variation of the platform (Douyin). But technically, under the existing parameters, TikTok could be used as a spy app, of sorts, for users in any nation where the app is active.
Which is why TikTok has been in negotiation with CFIUS for months, establishing the key provisions of a US data deal. This week, Reuters reported that such a deal could be close, with TikTok spending over $1.5 billion on reorganization and hiring efforts to address key concerns. But now, amid revelations that TikTok has effectively been used as a spy device, those provisions could be out the window, with the platform now, potentially, looking at a full sell-off into US ownership, or a ban in the region. And that would also likely spark subsequent bans in other western nations.
The discovery essentially solidifies every concern about the app, and will definitely get the attention of US officials, who were already skeptical that an effective TikTok operating deal could be met.
That’ll eventually see the call on the app’s future passed on to the President’s office, with President Biden now increasingly likely to impose the same conditions on TikTok’s continued operation in the US as former President Donald Trump did in 2020.
Which very nearly saw TikTok banned, or sold to Oracle outright. You can expect to see those exact negotiations play out once more, especially as US-China tensions remain high, and concerns linger around the CCPs view on foreign leadership.
Basically, this case proves that TikTok can be used as a form of spyware, and that ByteDance, in line with Chinese approaches to detection and suppression, sees no problem with this.
That approach is incompatible with almost every region where TikTok operates, and it’s hard to see how foreign regulators will be able to overlook or ignore this latest discovery.
Will that be the end of TikTok? There’s still plenty of opportunity for changes that could keep the app running, but those changes will be significant, and it’s hard to see US officials allowing any compromise on data security.
In effect, the chances of a US TikTok ban just shifted to ‘likely’, which will spark a whole new round of negotiations on how to keep the app alive in western nations.