TikTok Fires Back At Forbes After Scathing Report
TikTok has again found itself in the eye of a privacy storm. As per a fresh investigation, parent company ByteDance has a team stationed in China to monitor the location of specific users based in the United States. It was intended to harvest information from the devices of TikTok users in the country, however, the report is unsure whether the requisite data was actually collected. According to the internal materials viewed by Forbes, the company aimed to deploy the information it collected in order to "surveil individual American citizens, not to target ads or any of these other purposes."
ByteDance reportedly has a team called Internal Audit and Risk Control tasked with the responsibility of assessing employee relations and conduct that could potentially violate company policies. The team reportedly has a line to the company's CEO, and in the past, it is said to have investigated former employees who had left the company. Data about employees based in the U.S. was reportedly extracted by the team based in China via "green channel," TikTok's internal data request repository.
The report also cites an internal assessment report written by an employee, highlighting the risk of data collection, because even if data is supposed to be stored on servers outside China, it can possibly be retained on servers operational in China, violating the data storage agreements in multiple markets. TikTok, on the other hand, has vehemently denied the report, accusing it of lacking rigor and journalistic integrity.
Vehement denial, but TikTok needs to come clean
"TikTok does not collect precise GPS location information from U.S. users, meaning TikTok could not monitor U.S. users in the way the article suggested," wrote the company's official comms handle on Twitter. The company further stresses that the app has never been used to track sensitive subjects like politicians, journalists, and activists, among other influential figures.
While TikTok's dismissal of the Forbes report is spirited, recent investigations have actually painted a rather grim picture of the company's privacy practices. According to a BuzzFeed investigation earlier this year which cited internal audio recordings, TikTok engineers in China have accessed non-public data based in the United States. "Everything is seen in China," a member of TikTok's Trust and Safety team was quoted as saying.
2/ Specifically, Forbes chose not to include the portion of our statement that disproved the feasibility of its core allegation: TikTok does not collect precise GPS location information from US users, meaning TikTok could not monitor US users in the way the article suggested.
— TikTokComms (@TikTokComms) October 20, 2022
Earlier this year, TikTok announced that it had set up a new team called U.S. Data Security that would limit who can access the data of users based in the United States and that all data access requests will first pass through tight protocols and oversight. TikTok has also decided to store the data of U.S.-based users on local cloud servers provided by Oracle.
Interestingly, the Oracle deal came in the wake of increasing pressure from the U.S. government over data security concerns and localization of user information, along with a tangible risk of getting banned in the country. In fact, TikTok continues to be banned in India – one of its largest markets — over similar national security concerns.