A TikTok executive declined on Sept. 14 to make a commitment that the hugely popular short-video app would cut off flows of Americans’ data to China, during the first U.S. Senate hearing since recent reports on the company’s connections to the regime in Beijing.
TikTok Chief Operating Officer Vanessa Pappas, along with executives from other U.S. big tech companies, testified before the Senate Homeland Security Committee. During the hearing, Pappas faced a barrage of questions regarding Tiktok’s ties to Beijing and the potential for U.S. users’ data to be obtained by the Chinese Communist Party (CCP), which has become a bipartisan concern.
“Will TikTok commit to cutting off all data and data flows to China, China-based TikTok employees, ByteDance employees, or any other party in China that might have the capability to access information on U.S. users?” Sen. Rob Portman (R-Ohio), the panel’s top Republican, asked.
The short-video app, which the Republican senator says nearly half of American teens are using, was founded by and is owned by ByteDance, a Beijing-based tech giant. The ties have drawn concerns in the United States and elsewhere over whether its data can be accessed by the CCP, given that its laws compel companies to cooperate with security agencies when asked.
“TikTok does not operate in China,” Pappas said, a reply she repeated more than once during the hearing.
Pressed by Portman about TikTok’s structure, Pappas said, “We do have employees based in China.”
“We also have very strict access controls around the type of data that they can access and where that data is stored, which is here in the United States,” she added. “We’ve also said under no circumstances would we give that data to China.”
The hearing occurred amid renewed scrutiny of the app about its ties to the CCP after a June report by BuzzFeed News. Between at least September 2021 and January, ByteDance engineers in China had access to nonpublic data of TikTok’s U.S. users, according to leaked recordings of 80 internal meetings cited by BuzzFeed News. In addition, TikTok employees at times had to turn to their colleagues in China to determine how U.S. data was flowing, which the U.S. staff weren’t authorized to independently access, the report said.
“Everything is seen in China,” a member of TikTok’s Trust and Safety department said in a September 2021 meeting, according to the report. The same month, a director addressed a Beijing-based engineer as a “Master Admin” with “access to everything.”
Asked by Portman about the report on Sept. 14, Pappas said, “Those allegations were not found.”
“There was talk of a master account, which does not exist at our company,” she added.
Still, the latest revelations have renewed concern among U.S. lawmakers. Sens. Mark Warner (D-Va.) and Marco Rubio (R-Fla.), the chairman and ranking Republican, respectively, on the Senate Intelligence Committee, urged the Federal Trade Commission to open a formal investigation. Rep. Lee Zeldin (R-N.Y.) and some other House members have questioned the authenticity of the company’s testimony during committee hearings.
Brendan Carr, the senior Republican commissioner on the Federal Communications Commission, sent a letter to call for Apple and Alphabet to remove TikTok from their app stores.
Accessibility of US Users’ Data in China Is ‘a Problem’
Amid the rising concerns, Portman made the request—more than twice—whether Tiktok would commit to “cutting off all data and metadata flows to China.” But the representative of TikTok appeared unwilling to answer it directly.
“Again, we take this incredibly seriously in terms of upholding trust with U.S. citizens and ensuring the safety of U.S. user data,” Pappas stated. “As it relates to access and controls, we are going to be going above and beyond in leading initiative efforts with our partner, Oracle, and also to the satisfaction of the U.S. government through our work with CFIUS [the Committee on Foreign Investment in the United States], which we do hope to share more information on.”
Following her answers, Portman pressed again on whether she could make a clear commitment.
“What I can commit to is that our final agreement with the U.S. government will satisfy all national security concerns,” Pappas said.
Concerns over potential CCP access to the data of Americans prompted the Trump administration to ban the social media app. According to an executive order issued by then-President Donald Trump in August 2020, TikTok’s capture of vast swaths of Americans’ data “threatens to allow the Chinese Communist Party access to Americans’ personal and proprietary information—potentially allowing China to track the locations of Federal employees and contractors, build dossiers of personal information for blackmail, and conduct corporate espionage.”
But the former president’s order has since been stalled by several lawsuits and court orders. In June 2021, President Joe Biden revoked the executive order, instead directing the Commerce Department to evaluate the platform to determine whether it poses a national security risk.
“I’m concerned you’re not able to answer this question, except to say that you will not make the commitment to cutting off this data to China,” Portman said. “We think that all data collected relating to Americans and then accessed in China is a problem. We think we should be safe from exploitation by the Chinese Communist Party.”
China-Based Engineers and CCP Ties
In a heated exchange later, Pappas encountered stern questioning from Sen. Josh Hawley (R-Mo.) regarding TikTok’s ties with the CCP.
Pappas confirmed that the tech company had never handed any data to the Chinese authorities or the CCP, although she said that TikTok does have China-based engineers who can access U.S. users’ data.
“Do any TikTok employees based in China have access to U.S. user data?” Hawley asked.
“As we have publicly said, yes, we have engineers in China,” Pappas said, adding there are strict controls around who and how the data can be accessed.
Hawley then asked if any of these China-based employees, who have access to Americans’ data, were members of the CCP.
Pappas appeared to dodge the question, insisting that the app’s U.S. users’ data are stored in servers in the country. TikTok said in June that it was migrating all U.S. user traffic to Oracle servers in the United States. It added that it would continue to use its U.S. and Singapore data centers for backup storage, but it expects to delete U.S. users’ data from those sites over time.
“And again, as a global technology platform, there is no other company that could make that assertion, either,” she replied to Hawley.
“Your company has a lot to hide,” the Republican senator said. “You’re a walking security nightmare, and for every American who uses this app, I’m concerned.”
Eva Fu and Cathy He contributed to the report.