+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

TikTok confirms that China-based employees can access US user data, but only through an 'approval process'

Jul 1, 2022, 23:39 IST
Business Insider
Lionel Bonaventure/Getty Images
  • TikTok confirmed in a letter to Republican senators that China-based employees can access US user data.
  • The letter said that the access is "subject to a series of robust cybersecurity controls."
Advertisement

TikTok confirmed that China-based employees of its Chinese parent company, ByteDance, have access to US user data under certain circumstances in a letter obtained by The New York Times responding to nine Republican senators' inquiries about the matter.

"Employees outside the US, including China-based employees, can have access to TikTok US user data subject to a series of robust cybersecurity controls and authorization approval protocols overseen by our US-based security team," TikTok's CEO Shou Zi Chew wrote in the letter.

"TikTok has an internal data classification system and approval process in place that assigns levels of access based on the data's classification and requires approvals for access to US user data," Chew added. "The level of approval required is based on the sensitivity of the data according to the classification system."

Sal Rodriguez, who is currently a reporter for The Wall Street Journal, first reported for CNBC last year that ByteDance had access to US data and was closely involved in making decisions for TikTok.

A new light was shined on the privacy and security concerns after BuzzFeed News recently reported, based on audio of internal meetings it obtained, that ByteDance employees had repeatedly accessed US user data over at least a four-month period, and that US-based employees did not have permission to access it.

Advertisement

In a statement to BuzzFeed News for its report, a TikTok spokesperson said, in part: "We know we're among the most scrutinized platforms from a security standpoint, and we aim to remove any doubt about the security of US user data."

On the same day BuzzFeed News published its story, TikTok announced that "100% of US user traffic is being routed to Oracle Cloud Infrastructure," rather than being stored in its own data centers in the US and Singapore.

In the letter, Chew wrote that the BuzzFeed News report "contains allegations and insinuations that are incorrect and are not supported by facts."

After BuzzFeed News published its report, FCC commissioner Brendan Carr called on Apple and Google to remove TikTok from their app stores.

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article