Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

US Senators Call for Close Look at TikTok

Leaders of the US Senate Intelligence Committee on Tuesday called for an investigation into whether Chinese officials are getting access to data about US users of video-snippet sharing sensation TikTok.

Leaders of the US Senate Intelligence Committee on Tuesday called for an investigation into whether Chinese officials are getting access to data about US users of video-snippet sharing sensation TikTok.

In a letter to Federal Trade Commission (FTC) chairwoman Lina Khan, the senators urged her to scrutinize how well TikTok safeguards private data.

“We write in response to public reports that individuals in the People’s Republic of China have been accessing data on US users, in contravention of several public representations,” the letter said.

TikTok has consistently defended itself against such accusations, saying it gives no data about US users to the Chinese government despite its parent company, ByteDance, being based in China.

“We’ve talked openly about our work to limit access to user data across regions, and in our letter to senators last week we were clear about our progress in limiting access even further through our work with Oracle,” a TikTok spokesperson said in response to an AFP inquiry.

“As we’ve said repeatedly, TikTok has never shared US user data with the Chinese government, nor would we if asked.”

In response to earlier inquiries from US authorities, TikTok had indicated in mid-June that all of its data on US-based users were now stored on US-based servers operated by US company Oracle.

TikTok last week responded by letter to questions from nine Republican senators about its data storage and access policies.

In that letter, TikTok confirmed claims made in a BuzzFeed article that employees based in China had access to US users’ data, but only within “robust cybersecurity controls and authorization approval protocols” overseen by the company’s “U.S.-based security team.”

TikTok officials also said that while ByteDance engineers could work on the platform’s algorithms, the new protocol ensures that they can only do so in Oracle’s computing environment, without extracting data from it.

The popular social media platform is currently being evaluated by the Committee on Foreign Investment in the United States, an inter-agency government review board that assesses risks of foreign investments on US national security.

During his White House tenure, former president Donald Trump was concerned about the security of the platform’s data and tried to force ByteDance to sell its subsidiary to Oracle.

He also issued executive orders to outright ban the service in the United States, but those never came into force and were later revoked by his successor, Joe Biden.

President Biden has nonetheless tasked his administration with measuring the possible risks associated with foreign ownership of social media websites and apps.

ReadChina’s TikTok Lures ADP Security Chief to Become New CISO

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cyberwarfare

U.S. fighter jets successfully shot down the high altitude spy balloon launched by and belonging to China.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Privacy

The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cyberwarfare

The U.S. is tracking a suspected Chinese spy balloon spotted over U.S. airspace, officials said on Feb. 2, 2023.