The social media site TikTok is in hot water with the US government over the security of user data, and Australian data may also be less than secure.
Most important points:
- TikTok admitted to US senators that US user data was accessible in China
- The company has previously stated that some Australian data is kept on US servers
- Liberal Senator James Paterson wrote to TikTok to request information about Australian users’ data security
Some US senators have raised questions with the Chinese company regarding data security as the app undergoes a transition to a “new advanced data security controls” with a US server system, previously using servers in various regions, including China.
TikTok acknowledged that China-based employees “may access TikTok user data in the US, subject to a series of robust cybersecurity controls and authorization approval protocols overseen by our US-based security team.”
Marsha Blackburn, a Tennessee senator, said TikTok “should have been clear from the start, but instead tried to cover up their work in secret.” She said TikTok should “come back and testify before Congress.”
Australian users’ data is stored on servers in the US and Singapore, raising the question of whether that data is subject to the same security vulnerabilities.
Liberal Senator James Paterson has publicly presented it to TikTok to allay those concerns.
“Australian TikTok users deserve to know if their private data is equally exposed,” Paterson wrote on Twitter.
He asked whether Australian data can be accessed, or has previously been accessed by employees based in China, and on what grounds the social media company could refuse a request for data from the Chinese government.
Loading
Senator Paterson referred to a 2020 letter from TikTok to the Australian Parliament, in which TikTok’s public policy director assured the previous government that it would not bow to such a request from Beijing.
TikTok, owned by Chinese technology conglomerate ByteDance, is one of the world’s most popular social media apps, with more than 1 billion active users worldwide. It considers the United States to be its largest market.
More than 7 million Australians spend time on TikTok and scroll through the site for a year, according to a February report on average almost 24 hours a month†
Shared algorithms
It is not the first time TikTok has admitted that employees in China have access to US user data.
In a 2020 blog post, Roland Cloutier, TikTok’s Chief Information Security Officer, said, “Our goal is to minimize access to data across regions so that, for example, employees in the APAC region, including China, have very minimal access to user data from the EU and US.”
A BuzzFeed story in June showed that ByteDance engineers in China had access to US data between September 2021 and January 2022.
The letter to Congress also stated, “ByteDance has developed the algorithms for both Douyin and TikTok, so some of the same underlying basic technology building blocks are used by both products.”
TikTok is known as Douyin in China. But TikTok’s business logic, algorithm, integration and implementation of systems is specific to the TikTok application and separate from Douyin, the letter said.
Reuters previously reported that while the code for the app, which defines TikTok’s appearance, is separate from Douyin, the server code was still partially shared with other ByteDance products. The server code provides basic functionality of the apps such as data storage, content moderation and recommendation algorithms, and user profile management.
The Chinese government took a stake and a board seat in a major ByteDance entity in 2021.
TikTok explained in its letter to US senators that the 1 percent acquisition of Beijing Douyin Information Service Ltd was necessary to obtain a news license in China.
ABC/Reuters
#Australian #user #data #security #question #TikTok #admits #data #accessible #China