The China-based parent company of TikTok said Thursday that an internal investigation revealed employees obtained private data of four U.S.-based tech journalists and other American users’ information.
ByteDance, the Chinese tech giant that owns the video-sharing app, was accused earlier this year of tracking multiple reporters at Forbes under a covert surveillance campaign, which led to employees gaining access to information such as the IP addresses of some TikTok users connected to the reporters.
Forbes reported that ByteDance’s Internal Audit and Risk Control department was responsible for the alleged plan to monitor the locations of specific American citizens. The person who oversees that department is Beijing-based executive Song Ye, who reports to ByteDance co-founder and CEO Rubo Liang.
“I was deeply disappointed when I was notified of the situation … and I’m sure you feel the same,” Liang said in an internal email to employees shared with Forbes. “The public trust that we have spent huge efforts building is going to be significantly undermined by the misconduct of a few individuals … I believe this situation will serve as a lesson to us all.”
The New York Times reported that two employees responsible for obtaining the data were based in China, and two others were based in the United States.
According to the NYT, the company has fired all four employees involved.
ByteDance officials said the targeted reporters included Emily Baker-White, Katharine Schwab, and Richard Nieva — all three of whom wrote for BuzzFeed and are now at Forbes — and Cristina Criddle of the Financial Times.
TikTok General Counsel Erich Andersen wrote in a second internal email shared with Forbes that internal audit groups investigating code of conduct violations are standard practices for companies.
“However, in this case, individuals misused their authority to obtain access to TikTok user data,” Andersen said.
ByteDance and TikTok did not deny the surveillance, saying the app “has never been used to ‘target’ any members of the U.S. government, activists, public figures or journalists” and that “TikTok could not monitor U.S. users in the way the article suggested.”
Growing security concerns over the social media platform have caught lawmakers’ attention recently after the Federal Communications Commission said the government agency could not regulate the social media app or control American data from flowing back to Beijing and the Chinese Communist Party (CCP), which requires companies to share its data upon request under the country’s 2017 National Intelligence Law.
Senator Marco Rubio (R-FL) recently introduced bipartisan legislation prohibiting the video-sharing social media app from all consumer devices.
In a statement about the internal investigation, Rubio told the NYT that “no one should be surprised or fooled by ByteDance’s public apology.”
“The company is desperate to tamp down growing bipartisan concerns about how it enables the Chinese Communist Party to use — and potentially weaponize — the data of American citizens,” Rubio said. “Every day it becomes more clear that we need to ban TikTok.”
U.S. Senators unanimously passed the No TikTok on Government Devices Act, introduced by Sen. Josh Hawley (R-MO), last week.
“TikTok is a Trojan Horse for the Chinese Communist Party. It’s a major security risk to the United States, and until it is forced to sever ties with China completely, it has no place on government devices,” Hawley said in a statement on Thursday. “States across the U.S. are banning TikTok on government devices. It’s time for Joe Biden and the Democrats to help do the same.”
Several states in the union have also passed laws prohibiting state employees from using the app on government-owned devices.