China NewsUS-China RelationsThreat from Communist China

ByteDance Used TikTok to Spy on US Journalists: Report

Save
ByteDance Used TikTok to Spy on US Journalists: Report
Signage is displayed at the TikTok Creator's Lab 2019 event hosted by Bytedance Ltd. in Tokyo, Japan, on Feb. 16, 2019. Shiho Fukada/Bloomberg
Andrew Thornebrooke
Updated:
0:00

An internal investigation has revealed that Chinese company ByteDance, which owns TikTok, used the company’s access to user data to improperly track American journalists, according to media reports.

A Dec. 22 report by Forbes revealed that an internal ByteDance investigation, conducted by an outside law firm, found that employees tracked multiple journalists who were responsible for covering the company, with a view to identifying internal sources of suspected leaks to the press.

This was done by improperly gaining access to the journalists’ IP addresses and other user data through TikTok and then cross-referencing that data to identify whether the journalists had frequented the same areas as ByteDance employees.

Multiple Forbes journalists were tracked as part of the effort, which the publication defined as a “covert surveillance campaign” designed to counter and suppress leaks from the company.

ByteDance reportedly fired its chief internal auditor, Chris Lepitak, who was responsible for the team which led the campaign. China-based Song Ye, who Lepitak reported to and who answered directly to ByteDance CEO Rubo Liang, resigned over the issue.

“It is standard practice for companies to have an internal audit group authorized to investigate code of conduct violations,” TikTok General Counsel Erich Andersen wrote in an internal email, Forbes reported. “However, in this case individuals misused their authority to obtain access to TikTok user data.”

China-Based Employees Tracked US Journalists

It first emerged that China-based employees at ByteDance were using TikTok to track American journalists’ physical locations in October.
The ByteDance probe, known internally as Project Raven, was reportedly launched in response to a Buzzfeed story that found that China-based ByteDance employees repeatedly accessed U.S. user data from TikTok.

“Project Raven involved the company’s Chief Security and Privacy Office, was known to TikTok’s Head of Global Legal Compliance, and was approved by ByteDance employees in China,” the Forbes report said.

“The team that oversaw the surveillance campaign was ByteDance’s Internal Audit and Risk Control department, a Beijing-based unit primarily responsible for conducting investigations into potential misconduct by current and former ByteDance employees.”

TikTok a National Security Threat

TikTok’s connection to ByteDance, and ByteDance’s ties to the Chinese Communist Party (CCP), has long been a source of concern for national security experts.

The concerns stem from how American user data from TikTok could be accessed by ByteDance employees in China. That data is then subject to the CCP’s cyber, data, and national security laws, which require companies to provide any and all data to the communist regime upon request.

TikTok executives previously admitted to censoring content at the request of the CCP, and also acknowledge (pdf) that employees in China have been given access to American users’ data.

For its part, TikTok has maintained that the app is safe for Americans and that it will not pass on American user data to the CCP. ByteDance, however, is bound by  Chinese laws that do not allow a firm to refuse to provide data when asked.

The popular social media app has seen significant pushback domestically in recent weeks. At least 14 states have imposed bans on TikTok on government devices, citing national security risks. Congress is also set to impose a similar ban for federal government devices with the expected passage of the omnibus bill this week.

Speaking at a House Homeland Security Committee hearing in November, FBI Director Christopher Wray said the app could be used to collect data on Americans which could then be used in CCP influence operations.

“The Chinese government could use it to control data collection on millions of users or control the recommendation algorithm, which could be used for influence operations if they so chose, or to control software on millions of devices which gives it opportunity to potentially technically compromise personal devices,” Wray said.

Likewise, CIA Director William Burns said in a recent interview with PBS that, because TikTok is owned by ByteDance, it is vulnerable to being used by the CCP for anti-American operations.

“Because the parent company of TikTok is a Chinese company, the Chinese government is able to insist upon extracting the private data of a lot of TikTok users in this country, and also to shape the content of what goes on to TikTok as well to suit the interests of the Chinese leadership,” Burns said. “I think those are real challenges and a source of real concern.”

The Epoch Times has requested comment from ByteDance and TikTok.

Andrew Thornebrooke
Andrew Thornebrooke
National Security Correspondent
Andrew Thornebrooke is a national security correspondent for The Epoch Times covering China-related issues with a focus on defense, military affairs, and national security. He holds a master's in military history from Norwich University.
twitter
Related Topics