TikTok’s effort to hide US user data from ByteDance only focused on the ‘front door,’ ex-workers claim
In the face of a US ban, TikTok has publicly insisted that its American users’ data are walled off from its Chinese parent, ByteDance — but two former employees at the addictive social media site claim otherwise.
TikTok’s former head of security and engineering, Patrick Spaulding Ryan, told Fortune that the company failed to cut ties with ByteDance because of its complex computer structure that gave the parent company control over US TikTok staffers’ messaging and tech management software.
Ryan — who worked for TikTok in its Mountain View, Calif., offices from March 2020 to June 2022, according to his LinkedIn profile — said, “There’s a front door that everyone is looking at, but the way to access the network is through employees,” according to Fortune.
Another ex-TikTok worker — who spoke on condition of anonymity for fear of having the restricted stock units the person holds in the company seized — also threw doubt on the efficacy of TikTok’s so-called US Data Security team, or USDS, which was put into place to keep US user data hidden away, the outlet reported.
In a further effort to sequester the data, TikTok had its US staffers communicate via its own internal messaging system, called Lark, which was hosted in an Oracle data center along with the USDS in Virginia.
The system, however, wasn’t efficient for TikTok’s international workforce.
So US staffers rarely used Lark, instead communicating via ByteDance-developed Feishu, Ryan and the anonymous worker told Fortune.
“When [USDS] makes any decisions, they have to be in the Chinese corporate version of Lark or Feishu, as people want to call it,” the former TikTok worker said.
“That server is in China; it’s run by the Chinese,” the person added.
The allegations undermine TikTok’s claims that it keeps the data of its more than 170 million US users — most of whom are under 30 years of age — walled off.
In response to Ryan’s claims, a TikTok spokesperson also insisted to Fortune that all of TikTok’s user data were stored in systems based in Virginia and Singapore and away from China in 2022.
The rep declined to respond to allegations that some its enterprise stystems were hosted in China through at least 2022, Fortune reported.
“This reporting is inaccurate and is clearly driven by anonymous sources with a preconceived agenda,” the spokesperson added.
Start your day with the latest business news right at your fingertips
Subscribe to our daily Business Report newsletter!
Thanks for signing up!
Representatives for TikTok and ByteDance did not immediately respond to The Post’s request for comment.
US officials have warned that ByteDance’s confidential algorithms have allowed third parties in China to spy on American users, threatening national security.
Concerned users have also pointed to the app’s odd demands — such as its request for users to input their iPhone passwords to view content — as reason why TikTok may be spying on its US-based users.
President Biden has since signed an act that forces ByteDance to either sell its TikTok US business within the next year or face a nationwide ban.
In a statement posted to X following the ultimatum, TikTok once again called a ban “unconstitutional” and said that it would challenge the law in court.
“We believe the facts and the law are clearly on our side, and we will ultimately prevail. The fact is, we have invested billions of dollars to keep US data safe and our platform free from outside influence and manipulation,” the company added.