TikTok Whistleblower Says US Data Can Easily Be Accessed From China: Sen. Hawley

TikTok Whistleblower Says US Data Can Easily Be Accessed From China: Sen. Hawley
A man wears a shirt promoting TikTok at an Apple store in Beijing, China, on July 17, 2020. Ng Han Guan/AP Photo
Eva Fu
Updated:
0:00

Sen. Josh Hawley (R-Mo.) is pressing the U.S. Treasury Department to conduct a thorough review of new whistleblower allegations regarding the Chinese-owned video app TikTok that were recently brought to his attention.

Hawley said that a TikTok whistleblower has come to him with direct knowledge that the app’s access controls might be weaker than previously suggested. The allegations are “deeply concerning” and appear to contradict public statements from senior executives of TikTok and its Beijing-based parent company, ByteDance, over the handling of U.S. users’ data, he said in a letter dated March 8 to Secretary of the Treasury Janet Yellen.

Revelations from leaked recordings that engineers in China had repeatedly accessed the platform’s U.S. data as of January 2022 have raised bipartisan concerns in Congress.
While TikTok’s Chief Operating Officer Vanessa Pappas testified to senators in September 2022 that TikTok has “strict controls in terms of who and how our data is accessed” and vowed that “under no circumstances would we give that data to China,” the whistleblower described the access controls as “superficial” at best, if they exist at all, according to Hawley.

TikTok and ByteDance employees can “switch between Chinese and U.S. data with nothing more than the click of a button using a proprietary tool called Dorado,” Hawley said, citing the whistleblower, who likened it to a “light switch.”

Another tool the whistleblower cited is called Aeolus, which he said allows a China-based employee to access U.S. data with authorization from a manager and a dataset owner.

“I have seen first-hand China-based engineers flipping over to non-China datasets and creating scheduled tasks to backup, aggregate, and analyze data,” the person told Hawley’s office, according to the letter.

The whistleblower also described close coordination between TikTok and ByteDance, both of which he said “rely on proprietary software they engineered in China, thereby reducing foreign scrutiny and enabling Chinese engineers to insert software backdoors,” Hawley wrote in the letter.

“TikTok and ByteDance are functionally the same company. They use the same data analysis tools and chat apps, and managers are in constant contact,” Hawley cited the whistleblower as saying.

‘Highly Disturbing Allegations’

Sen. Josh Hawley (R-Mo.) delivers remarks during the Senate Judiciary Committee confirmation hearing for Supreme Court nominee Judge Ketanji Brown Jackson in Washington, on March 21, 2022. (Drew Angerer/Getty Images)
Sen. Josh Hawley (R-Mo.) delivers remarks during the Senate Judiciary Committee confirmation hearing for Supreme Court nominee Judge Ketanji Brown Jackson in Washington, on March 21, 2022. Drew Angerer/Getty Images

Hawley sees the “highly disturbing allegations” as the latest reason for a complete purge of TikTok from the United States, which is most popular among American teens.

“Despite TikTok’s many reassurances that members of the Chinese Communist Party do not have access to U.S. data, it seems more and more likely that they do,” he wrote.

He requested Yellen provide information on what TikTok has shared with the foreign transaction review panel—the Committee on Foreign Investment in the United States (CFIUS)—that she chairs regarding its software tools, dataset facilities, internal products, the declared access ability for TikTok staff in China through these tools, and the internal approval process that CFIUS is aware of.

A TikTok spokesperson told The Epoch Times that the whistleblower “appears to be misinformed.”

“The tools described in Sen. Hawley’s letter are primarily analytic tools—they don’t independently grant direct access to data,” the spokesperson said. “All access to U.S. user data is managed in the United States by [TikTok] U.S. Data Security, and can only leave the Oracle cloud environment under limited, monitored circumstances as described in our proposed agreement with CFIUS.”

TikTok said “it is standard for tech companies to engineer their own tools and services to meet internal business needs” and that “none of those tools are typically scrutinized externally.”

In a bid to remain in the United States, TikTok has been working on a program called “Project Texas” by partnering with U.S. computing giant Oracle, whose cloud infrastructure will host TikTok’s U.S. data. The company assured that “every line of code will be inspected, tested, and vetted by multiple third parties specifically to ensure that there are no back doors.”

The push to ban TikTok, which has more than 113 million U.S. users each month, has been gaining momentum in the United States and elsewhere, at a time when threats stemming from Beijing’s global ambitions to challenge the liberal democratic world order are drawing broader concern.

Action in Congress

On March 1, the House Foreign Affairs Committee voted to advance legislation targeting TikTok.

“Anyone with TikTok downloaded on their device has given the CCP [Chinese Communist Party] a backdoor to all their personal information. It’s a spy balloon into your phone,” Rep. Michael McCaul (R-Texas), the committee chairman who introduced the proposal, told The Epoch Times’ sister outlet NTD.

More than half of U.S. states have moved to ban TikTok from government devices. The measure is also enforced on a federal level under part of a $1.65 trillion spending bill passed in December 2022.

During a Senate Select Committee on Intelligence hearing on March 8, FBI Director Christopher Wray reaffirmed that TikTok poses national security and privacy concerns and could be used as a tool by the CCP to manipulate the thinking of millions in America.

However, Wray said it could be difficult to “see many of the outward signs of it happening if it was happening,” when asked by committee Vice Chairman Sen. Marco Rubio (R-Fla.) about whether the regime in Beijing could use the app to sow public discord and promote certain narratives.

“I think the most fundamental piece that cuts across every one of those risks and threats that you mentioned, that I think Americans need to understand, is that something that’s very sacred in our country: the difference between the private sector and the public sector,“ Wray said. ”That’s a line that is nonexistent in the way the CCP operates.”

Eva Fu
Eva Fu
Reporter
Eva Fu is a New York-based writer for The Epoch Times focusing on U.S. politics, U.S.-China relations, religious freedom, and human rights. Contact Eva at [email protected]
twitter
Related Topics