Digital rights campaigners have attacked Chinese-owned TikTok as “dangerous” in the wake of revelations that the app’s parent company inappropriately accessed data from journalists, as support grows for legislation to ban the platform in the US.
ByteDance has sacked four employees who obtained personal data from two journalists who reported on TikTok following an internal investigation, according to a spokesperson for the company.
The employees are suspected of attempting to use data from the journalists’ accounts to establish what sources they were speaking to inside the company.
The company had previously denied the allegations. TikTok chief executive, Shou Zi Chew, said: “This misconduct is not at all representative of what I know our company’s principles to be.”
London-based non-governmental organisation, Privacy International, said the problem was deeper. “Targeting journalists for corporate self interest says something dark about the character of the organisation,” a spokesperson told i.
“Companies too often claim, when they get caught, that it was errant staff that created the problem.” The spokesperson added: “It’s their business model at the heart of this problem. We can only hope this heralds the ending of an era.
“For too long companies like ByteDance that amass mounds of data are celebrated as ‘innovative’. Mass data accumulation isn’t innovation, it’s downright dangerous. Huge datasets are ripe for exploitation.”
One of the journalists targeted, Emily Baker-White of Forbes, said TikTok had “confirmed what it weakly tried to deny in October: that ByteDance targeted and tracked me and my colleagues to thwart our reporting.”
The other journalist targeted was Christina Criddle, a British tech reporter for the Financial Times.
British MPs called for action following the revelations. “As TikTok uses location to spy on journalists, they can spy on us all so we all need protection,” said Labour’s Geraint Davies.
Former Conservative leader Iain Duncan Smith said the network was being used to “spy on reporters”.
The scandal is likely to fuel support for a bill to ban TikTok in the US, introduced by Republican Senator Marco Rubio, who alleged it could be used as a tool by China’s ruling Communist Party.
“Beijing could… collect sensitive national security information from US government employees and develop profiles on millions of Americans to use for blackmail or espionage,” he warned in a recent article for The Washington Post.
Corin Faife, a privacy and cybersecurity specialist at Cornell Tech university in New York, suggests the scandal reflects industry-wide issues.
“The latest revelations about TikTok are worrying, especially in light of US security concerns regarding the company, but we need to recognize that they fit into a bigger pattern of privacy violations committed by the employees of social media companies,” he says.
“In the past, Facebook has also fired employees who used privileged account access to stalk users of the platform, while Twitter previously found that contractors had tracked the location data of celebrities including Beyoncé.”
“The simple fact is that the more data that’s collected by these companies, and the larger the number of employees who can access it, then the higher the risk of abuse somewhere along the line,” Mr Faife added.
“The solution is to deploy strong internal controls limiting what data employees can access at any given time – and ideally to protect user privacy by reducing the volume of data collected overall. Failing that, we’re sure to see more situations like this in the future.”