Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
China Government

TikTok Whistleblower Tells Congress Data Protections Don't Stop Chinese Access (gizmodo.com) 48

An anonymous reader quotes a report from Gizmodo: A former TikTok employee turned whistleblower has reportedly met with multiple U.S. senators expressing concerns TikTok's plan to secure U.S. user data won't go far enough to stop possible Chinese espionage. The whistleblower told The Washington Post in an interview that the company's policy plan, dubbed Project Texas, doesn't go far enough and that properly ensuring U.S. data is secured from Chinese employees requires nothing short of a "complete re-engineering" of the way the app works. Those allegations come just days after another whistleblower raised concerns regarding TikTok's U.S. user controls. Combined, the comments could fan the flames for what looks like growing bipartisan support for a full-on nationwide TikTok ban.

The former TikTok employee turned whistleblower told the Post he worked at the company for around six months ending in early 2022 as a risk manager and head of a unit in TikTok's Safety Operations team. Part of that job, he claims, put him in charge of knowing which employees had access to certain tools and user data. He claims he was fired after speaking up about his data privacy concerns. Though he left TikTok prior to its finalization of the so-called Project Texas policy, he maintains he saw enough evidence to suggest the guardrails put in place to placate U.S. regulators fearful of Chinese employees viewing U.S. user data were insufficient. The whistleblower has reportedly already met with staffers from Iowa Sen. Chuck Grassley and Virginia Sen. Mark Warner's offices.

Specifically, the whistleblower shared a snippet of code with the Post which they say shows TikTok's code connecting with Toutiao, a Chinese news app also run by TikTok's parent company, ByteDance. The whistleblower alleges that connection could let Chinese employees intercept and potentially view U.S. user data. Gizmodo could not independently confirm those claims. The whistleblower, meanwhile reportedly did not advocate for an outright nationwide ban. Instead, he said the problems could be solved but would require further steps than what is included in the Project Texas proposal.
Another alleged whistleblower came forward just days before the Post interview, alleging TikTok's access controls on U.S. data were "superficial" at best. "TikTok and ByteDance employees, he alleged, possess the ability to 'switch between Chinese and U.S. data with nothing more than the click of a button,'" reports Gizmodo.

The whistleblower alleged in a letter sent to ByteDance by Republican Missouri Rep. Josh Hawley: "I have seen first-hand China-based engineers flipping over to non-China datasets and creating scheduled tasks to backup, aggregate, and analyze data. TikTok and ByteDance are functionally the same company."
This discussion has been archived. No new comments can be posted.

TikTok Whistleblower Tells Congress Data Protections Don't Stop Chinese Access

Comments Filter:
  • I don't doubt for an instant the Chinese government would use information available to them to their advantage.

    Should we limit the number of folks who have access to the contents of our underwear drawer? Absolutely. Is the tiktok scare a little overreaction and a lot overblown, like a political football meant to catch your attention and assure you that our worthless representatives are still protecting us? Absofuckinlutely.

  • by oumuamua ( 6173784 ) on Saturday March 11, 2023 @10:09AM (#63361445)
    Everything China does is negative. Peace between Iran and Saudi Arabia and resumption of diplomatic ties. Ooops no way to spin that negative, so the press (except for the NY Times) doesn't cover it or pushes it way way down the page, .
  • I'm reading about this TikTok panic everywhere and would like to understand what it is all about.

    Americans are used to giving, say, Google every bit of personal information they have: their contacs, their emails, their phone calls, their purchases, their exact position (and its lifetime history!) and that of their cars. They even have always-on cameras and microphones inside of their houses, streaming the most intimate aspects of their lives towards their Big Tech overlords. And they're supposed to be OK

      • I couldn't click any of the links in the results of that search without giving those websites wishing to warn me against the dangers of TikTok the consent to collect more data about me than TikTok does.

        In case anyone is interested, this is what they collect [tiktok.com]. In short, they store your account data (of course) and collect automatically what they can estimate from your IP address (that's what every thing that you interact with over the Internet could do) and phone number.
        Any other thing they collect, you hav

        • I couldn't click any of the links in the results of that search without giving those websites wishing to warn me against the dangers of TikTok the consent to collect more data about me than TikTok does.

          How much did you get paid to say that? TikTok has been caught capturing people's clipboards repeatedly, for example. You are like ChatGPT, you confidently gave a bullshit answer.

          • And if it were so, why didn't you tell me before instead of playing the smart ass?

            Anyway, go back to your world where the Communist Party of China conspires to steal drinkypoo's clipboard through a meme app, and then pays peppepz to cover his tracks on slashdot.

            In the real world, privacy policies are legally binding documents and if an app is caught violating them, it can be sued out of existence by privacy watchdogs.

            • And if it were so, why didn't you tell me before instead of playing the smart ass?

              Why didn't you look it up instead of playing dumb ass? Just not playing?

    • I posit a group of very wealthy and influential people who generally agree with each-other about how the world should work. These people own the majority of major media outlets and also control big players in politics through bribery, lobbying, assassinations and the threat thereof, blackmail both small and of Epsteinian proportions, and so on. These people want even more power. Note that I do not claim they work in concert or meet to discuss this goal. It's only necessary that they generally agree this is
    • by bunyip ( 17018 )

      And then we have National Security Letters, the US government just gets a a judge to sign a letter requiring you to give them whatever data they want. Can't even tell anybody you received the letter, that's illegal and you go to jail. I don't see much difference between the Chinese government's access to Chinese company's data and the US government's access to US company's data.

      For TikTok, I strongly suspect that lobbyists from Facebook and Twitter are sowing the seeds of controversy as they're trying to

  • by JamesTRexx ( 675890 ) on Saturday March 11, 2023 @10:58AM (#63361537) Journal

    A counterpoint.

    Just about every website and mobile has a connection with one or more Google servers. Facebook/Twitter/your favourite social network share links are everywhere, Cloudfront caches a whole lot of traffic.

    But there's no problem that they know even vastly more about people than the Chinese do.

  • by rsilvergun ( 571051 ) on Saturday March 11, 2023 @11:36AM (#63361631)
    why would they stop the Chinese?
    • To add "tough on China" as a bullet point on their list.

      The US investors who have poured heavy cash into ByteDance won't like it though. Sounds like they have already been working on Project Texas with our present situation in mind.

      I could see ByteDance pretending to keep all the data in Texas, and the politicians pretending to believe them. That seems like the path of least resistance. Investors are able to keep making money off the thing, no voters will lose access to their cat videos.

  • Didn't all you? Seriously, I'm pretty jaded, but does anyone even "trust but verify" anymore? (And I couldn't stand the guy behind that principle. What an ass.) But we're just falling for the same thing over and over again. righto China. Do we really all have some kind of shades on in our institutions that it's always a "whistleblower" and otherwise everything is always goody-goodness? At this point we should be kinda-sorta wondering if China is hiding some things maybe. For the record: I not legally sure
  • Common in much of such reporting is talk about what the company in question says and claims. Such reporting is meaningless as the companies have to do what the Chinese government request and lie about it. Think about it. Some armed government suits turn up in your office and tell you that all the incoming data you receive is now to be passed through their servers and here is the features your software must add to give backdoor access to targets of interest. Who are more scared of? The suits than promis
  • by Archangel_Azazel ( 707030 ) on Saturday March 11, 2023 @09:39PM (#63362791) Homepage Journal

    The literal 10's of 1,000's of apps that use TikToks sdks or other underlying code. Same code, different wrapper but hey...it's probably mostly American companies making the money off the utterly insecure and unnecessarily vacuumed up data so that's okay and not a threat at all.

    Pay no attention to the code behind the curtain, for this is the Great and Powerful TikTok!

    Luckily they've mostly removed America's ability to think or reason critically, lest the little rubes get upset.
    Now to get back to today's 3 minutes hate. Boo TikTok, yay FreeDumb!

  • Seriously, we know this app is for spying and obtaining personal info. Kill it's use already.

Don't tell me how hard you work. Tell me how much you get done. -- James J. Ling

Working...