[ad_1]
It seems that every time TikTok takes one step forward on the path toward earning the trust of users and regulators, the ByteDance-owned video creation application then takes two steps back.
Hannah Murphy of Financial Times reported that four employees on the ByteDance internal audit team—two in China and two in the U.S.—improperly obtained the user data for FT journalist Cristina Criddle, an unnamed BuzzFeed journalist and an unspecified number of users connected to those journalists as part of an investigation into internal leaks.
Murphy reported that the ByteDance employees—now former employees, as one resigned and the other three were fired—were looking for evidence that Criddle was located near any ByteDance employees, adding that Criddle has published several stories that were critical of ByteDance and TikTok on FT since June.
TikTok had not responded to a request for comment at the time of this post.
According to Murphy, ByteDance general counsel Erich Andersen said in an email to staff that a “misguided plan was developed and carried out by a few individuals within the internal audit department this past summer,” adding that those involved “misused their authority to obtain access to TikTok user data.”
CEO Liang Rubo wrote in a separate email that the company needed to “deeply reflect on our actions and think about how we can prevent similar incidents from happening again,” Murphy reported.
FT said in a statement, “Spying on reporters, interfering with their work or intimidating their sources is completely unacceptable. We’ll be investigating this story more fully before deciding our formal response.”
Earlier this month, TikTok shuffled its trust and safety personnel deck in response to pressure from individual states and the federal government over safety and security concerns.
TikTok established a trust and safety team within the U.S. data security team it formed in June, led by current head of U.S. safety Eric Han, who became head of U.S data security trust and safety. Other U.S. safety teams, including legal policy and threat intelligence, were reorganized into the U.S data security trust and safety team.
The company said at the time that the U.S data security trust and safety team will work on compliance, content moderation and safety strategies for the private data of U.S. users, while its global trust and safety team will continue to develop global safety policies for the platform and oversee the moderation of content worldwide that does not involve the private data of U.S. users.
TikTok added that content policies and strategies developed by TikTok’s global team will be reviewed and approved by the U.S data security trust and safety team in order to ensure compliance with protocols being developed with the U.S. government.
TikTok’s issues with the federal government, particularly Republicans, came to light aboard Air Force One in July 2020, when then-President Donald Trump told reporters he intended to ban the app in the U.S., accusing the company of sharing user data with ByteDance and with government officials in Beijing. Trump threatened to invoke emergency economic powers to prohibit U.S. contractors from working with the company.
TikTok fired back, asserting that no user data was shared in China, and that ByteDance was actually headquartered in the Cayman Islands, but the Trump administration kept applying pressure, leading to a near-sale of TikTok to Oracle and Walmart in September 2020.
However, the presidential election in November of that year became the administration’s top priority, and no further actions were taken against TikTok—a path the administration of current President Joe Biden has followed to date, as well.
The China connection stormed back into the news in a big way in June, when Emily Baker-White of BuzzFeed News obtained access to leaked audio from more than 80 internal TikTok meetings, which contained multiple references by multiple employees stating that ByteDance employees based in China repeatedly accessed nonpublic data about U.S. TikTok users.
Albert Calamug, who works on U.S. security public policy for TikTok, responded in a blog post that all U.S. user data has been stored in its data centers in the U.S. and Singapore, adding that 100% of U.S. user traffic is now being routed to Oracle Cloud Infrastructure, with the data centers being used for backup.
In July, vice president and head of public policy, Americas Michael Beckerman conceded that some user data may in fact have made its way to China, despite previous denials, writing in a blog post, “As a rule, security teams want to minimize the number of people who have access to data and limit it only to people who need that access in order to do their job. We have policies and procedures that limit internal access to user data by our employees, wherever they’re based, based on need. Like many global companies, TikTok has engineering teams around the world—including in Mountain View (Calif.), London, Dublin, Singapore and China—and those teams might need access to data for engineering functions that are specifically tied to their roles.”
[ad_2]
Source link
