ByteDance, the Chinese parent company behind the popular video-sharing platform TikTok, on Thursday, admitted that four of its TikTok employees had inappropriately gained access to TikTok data of some U.S. users, including journalists.
The data that was accessed by these employees this summer was part of an unsuccessful attempt to find the suspected leaks of internal conversations and other communications to outside journalists.
RELATED: Best Alternatives To TikTok
According to internal emails reviewed by The New York Times, the four ByteDance employees โ two U.S. based and the other two based in China, who were found guilty have been fired for taking part in the scheme. The companyโs investigation was led by an outside law firm.
The Times noted that the two reporters whose data was accessed were of a former BuzzFeed reporter and a Financial Times reporter. Not just this, but a small number of people who were connected to the two reporters were also targeted.
โThe individuals looked at the IP addresses of the journalists to try to determine if they were in the same location as the employees suspected of leaking confidential information, notwithstanding the fact that IP addresses would only yield approximate location information,โ said the internal email from TikTok general counsel Erich Andersen.
โNot surprisingly, their ill-considered efforts did not result in identifying the sources of the leaks. Nonetheless, their access to user data in connection with these efforts was a significant violation of the companyโs Code of Conduct.โ
ByteDance reportedly said it is restructuring its Internal Audit and Risk Control (IARC), as well as removing all user data access and permissions for the IARC department.
Liang Rubo, ByteDanceโs Chief Executive, said that he was โdeeply disappointedโ in the findings.
โThe public trust that we have spent huge efforts building is going to be significantly undermined by the misconduct of a few individuals,โ Liang wrote to employees in the email.
A TikTok spokesperson called it “an egregious misuse of their authority to obtain access to user data” by the now-terminated employees.
“The misconduct of certain individuals, who are no longer employed at ByteDance, was an egregious misuse of their authority to obtain access to user data. This misbehavior is unacceptable, and not in line with our efforts across TikTok to earn the trust of our users,โ the spokesperson told in a statement.
โWe take data security incredibly seriously, and we will continue to enhance our access protocols, which have already been significantly improved and hardened since this incident took place.โ
In a separate email to its employees, TikTok CEO Shou Zi Chew referred to the incident as โthe poorly conceived acts of a few peopleโ and said that the misconduct was inconsistent with the short video appโs values.
Earlier this October, TikTok had strongly denied a story by Forbes that ByteDance had planned to use the platform to collect approximate locations of specific American citizens by using IP addresses. ByteDanceโs investigation, which was a result of this report, ultimately led to the firing of the four employees.
The revelation comes at a time when U.S. lawmakers are taking measures to restrictย TikTok over national security concerns, including banning from all government devices, as they are worried it may be used as a spy tool by China or to influence U.S. citizens. Even MPs from both the U.S. parties have introduced billsย to ban the short video app.
