TikTok Responds To Allegations Of Unsecured User Data

TikTok claims statements made in the leak were misunderstood and explains the stringent security measures in place.

TikTok claimed that China-based employees were not able to access sensitive user data. TikTok’s CEO offered a solid defense to a news report claiming unsecure handling of sensitive U.S. user information. He also answered numerous questions from United States senators regarding who has access and control over TikTok China.

BuzzFeed published an article alleging that TikTok employees in China had full access to sensitive user information.

Nine senators from the United States wrote a letter asking for clarification in response to the news story. The CEO of TikTok was able to give a complete explanation.

TikTok claims statements made in the leak were misunderstood and explains the stringent security measures in place.  TikTok claimed that China-based employees were not able to access sensitive user data. TikTok's CEO offered a solid defense to a news report claiming unsecure handling of sensitive U.S. user information. He also answered numerous questions from United States senators regarding who has access and control over TikTok China. BuzzFeed published an article alleging that TikTok employees in China had full access to sensitive user information.  Nine senators from the United States wrote a letter asking for clarification in response to the news story. The CEO of TikTok was able to give a complete explanation.  Oversight Letter Nine Senators wrote TikTok to express concern about allegations that employees in China had access to user data. The letter contained eleven questions regarding user data. It asked whether TikTok had ever shared sensitive information with the Chinese government.  TikTok wrote: These findings have profound implications, but they are not surprising. They confirm what legislators have suspected for years about TikTok. TikTok's responses were in response to this letter.  TikTok Leak Out Of Context Shou Zi Chew (CEO of TikTok) wrote an answer for the senators. It was shared by the New York Times as a PDF. The CEO replied that TikTok had already met all requirements for U.S. data security and had completed all necessary steps to secure that data with two U.S. companies. Project Texas is the security initiative they are working with Oracle and Booz Alley. The CEO stated that Project Texas personnel work on different aspects of a project and do not know the full scope of the project. He claimed that workers were responsible for the leak because they were unaware of other aspects of the project.  According to TikTok's CEO: "Some people involved in these projects don't have complete visibility. They may focus on one task and not realize that it's part of a larger project or a test to confirm an assumption. This is the critical context in which the recordings were leaked to BuzzFeed. One thing they reported right was that the meetings supported Project Texas's goal to stop data access. The letter also reveals TikTok's confidential collaboration with the U.S. Government to secure data in a manner that keeps it all in the USA, with strict controls as to who has access.  He continued: "...circumstances require us to share some of this information publicly to correct any errors or misconceptions in the article and to address ongoing concerns about other aspects of our business. We recently reported that 100% of U.S. user information is now stored in the Oracle cloud. We are currently working with Oracle to implement new data security controls.  TikTok China-based Employee Information Access Contrary to sensational news reports, TikTok has already established strict rules for accessing user data under the control of the United States-based security department. Access to data by employees based in China: "Employees outside the U.S. can access TikTok U.S. user information subject to rigorous cybersecurity controls and authorization approval protocols monitored by our U.S. security team. TikTok also has an internal data classification process and approval process. This assigns access levels based on data classification and requires approvals to access U.S. user information. The classification system determines the degree of sensitivity. The CEO strongly denied that any Chinese government had access to user data from the United States or TikTok.  He wrote "...employees at Beijing Douyin Information Service Limited are not allowed to access the U.S. database. Beijing Douyin Information Service Limited, owned by the Chinese state, was acquired for 1 % to obtain a China news license. This was required for various content applications based in China such as Douyin or Toutiao. The Chinese government doesn't directly or indirectly have any authority to appoint members of the board or have other rights in relation to any ByteDance entity that is part of the TikTok chain of ownership and control.  TikTok Still Available On App Stores TikTok was still available to download from both Apple and Google's respective app stores as of the publication date of this article. This indicates that these companies are satisfied TikTok doesn't violate their terms of privacy for all apps in their respective app stores. TikTok stated in a previous statement that it had been working with Oracle on U.S. TikTok data security to ensure that all user traffic goes through Oracle's cloud infrastructure. The project to secure user data is still ongoing, it states.

Oversight Letter

Nine Senators wrote TikTok to express concern about allegations that employees in China had access to user data. The letter contained eleven questions regarding user data. It asked whether TikTok had ever shared sensitive information with the Chinese government.

TikTok wrote:

These findings have profound implications, but they are not surprising. They confirm what legislators have suspected for years about TikTok.

TikTok’s responses were in response to this letter.

TikTok Leak Out Of Context

Shou Zi Chew (CEO of TikTok) wrote an answer for the senators. It was shared by the New York Times as a PDF.

The CEO replied that TikTok had already met all requirements for U.S. data security and had completed all necessary steps to secure that data with two U.S. companies.

Project Texas is the security initiative they are working with Oracle and Booz Alley.

The CEO stated that Project Texas personnel work on different aspects of a project and do not know the full scope of the project.

He claimed that workers were responsible for the leak because they were unaware of other aspects of the project.

According to TikTok’s CEO:

“Some people involved in these projects don’t have complete visibility. They may focus on one task and not realize that it’s part of a larger project or a test to confirm an assumption.

This is the critical context in which the recordings were leaked to BuzzFeed. One thing they reported right was that the meetings supported Project Texas’s goal to stop data access.

The letter also reveals TikTok’s confidential collaboration with the U.S. Government to secure data in a manner that keeps it all in the USA, with strict controls as to who has access.

He continued:

“…circumstances require us to share some of this information publicly to correct any errors or misconceptions in the article and to address ongoing concerns about other aspects of our business.

We recently reported that 100% of U.S. user information is now stored in the Oracle cloud. We are currently working with Oracle to implement new data security controls.

TikTok China-based Employee Information Access

Contrary to sensational news reports, TikTok has already established strict rules for accessing user data under the control of the United States-based security department.

Access to data by employees based in China:

“Employees outside the U.S. can access TikTok U.S. user information subject to rigorous cybersecurity controls and authorization approval protocols monitored by our U.S. security team.

TikTok also has an internal data classification process and approval process. This assigns access levels based on data classification and requires approvals to access U.S. user information.

The classification system determines the degree of sensitivity.

The CEO strongly denied that any Chinese government had access to user data from the United States or TikTok.

He wrote

“…employees at Beijing Douyin Information Service Limited are not allowed to access the U.S. database.

Beijing Douyin Information Service Limited, owned by the Chinese state, was acquired for 1 % to obtain a China news license. This was required for various content applications based in China such as Douyin or Toutiao.

The Chinese government doesn’t directly or indirectly have any authority to appoint members of the board or have other rights in relation to any ByteDance entity that is part of the TikTok chain of ownership and control.

TikTok Still Available On App Stores

TikTok was still available to download from both Apple and Google’s respective app stores as of the publication date of this article. This indicates that these companies are satisfied TikTok doesn’t violate their terms of privacy for all apps in their respective app stores.

TikTok stated in a previous statement that it had been working with Oracle on U.S. TikTok data security to ensure that all user traffic goes through Oracle’s cloud infrastructure. The project to secure user data is still ongoing, it states.

- Advertisement -
Krishna Chaitanya
Krishna is a digital media strategist with experience in the media and publishing industries, He is also the lead marketing strategist for Hustle Chronicle. He is currently employed at Intentify Media & resides in India.

Latest articles

Related articles