
TikTok Confirms Some China-Based Employees Can Access US User Data (bloomberg.com) 39
TikTok, the viral video-sharing app owned by China's ByteDance, said certain employees outside the US can access information from American users, stoking further criticism from lawmakers who have raised alarms about the social network's data-sharing practices. From a report: The company's admission came in a letter to nine US senators who accused TikTok and its parent of monitoring US citizens and demanded answers on what's becoming a familiar line of questioning for the company: Do China-based employees have access to US users' data? What role do those employees play in shaping TikTok's algorithm? Is any of that information shared with the Chinese government?
Currently, China-based employees who clear a number of internal security protocols can access certain information on TikTok's US users, including public videos and comments, TikTok Chief Executive Officer Shou Zi Chew said in the June 30 letter obtained by Bloomberg News. None of that information is shared with the Chinese government, and it is subject to "robust cybersecurity controls," he said. The social network said it's working with the US government on strengthening data security around that information -- particularly anything defined as "protected" by the Committee on Foreign Investment in the US, or CFIUS.
Currently, China-based employees who clear a number of internal security protocols can access certain information on TikTok's US users, including public videos and comments, TikTok Chief Executive Officer Shou Zi Chew said in the June 30 letter obtained by Bloomberg News. None of that information is shared with the Chinese government, and it is subject to "robust cybersecurity controls," he said. The social network said it's working with the US government on strengthening data security around that information -- particularly anything defined as "protected" by the Committee on Foreign Investment in the US, or CFIUS.
Re: Oh dear. China knows who likes watching cat v (Score:2)
Everyone that do tracking of users are doing it for evil purposes.
Re: Oh dear. China knows who likes watching cat v (Score:2)
I really hate this sock puppet. This guy is a conservative Republican and he blames TikTok for military personnel recording TikTok videos on military bases... These people have no idea how absurd they sound, like military should be regularly taught, drilled, and reprimanded in regards of infosec... The risk that data poses can equally be obtained by hacking. I got a far easier solution for you, "Hey Jarhead, stop posting on social media when you are deployed." There are other fixes too but I know you don't
Overlooking the obvious. (Score:2, Informative)
I am not seeing any problem here.
The problem is that it collects GPS and biometric information. GPS data alone is a threat because if you know the address of a target (e.g. from OPM breach) then you can identify which user(s) live in the same house. It would be trivial for the CCP to identify targets and use TikTok as a relay to move laterally and access their home network. This is all that you really need to start stealing secrets for defense contractors.
Harvesting biometric data may not be immediately useful but it will become useful i
Re: (Score:1)
If you work in the government, etc. then ban the app, if not who the fuck cares what people decide to install on their own phone.
Re: (Score:2, Informative)
If you work in the government, etc. then ban the app, if not who the fuck cares what people decide to install on their own phone.
It's not that simple: these data points don't live in a vacuum. Let's say A is a person of interest, but doesn't have it installed, but others he knows, call them B, C and D - do have the app installed. With the app's "lateral hoovering", they can pick up the relationships of B,C and D to A. Facebook does this already.
Re: (Score:2)
I am not seeing any problem here.
The problem is that it collects GPS and biometric information. ...
If only there was a way to not use TikTok ...
Re: (Score:2)
If only there was a way to not use TikTok ...
Do you think children give a shit about any of this? If you do then obviously don't understand children.
Re: (Score:3)
Re: (Score:2)
It amazes me how so many people simply can't connect the dots and see why harvesting information, ANY information, is completely wrong. "So what, I have nothing to hide" completely misses the point. If you feel that way then I invite you to let total strangers come into your house and rummage through your underwear drawer. You have nothing to hide, right?
Of course it's wrong. But its how the intertoobz works, so use or do not use.
Re: (Score:2)
I like the FP, but it's kind of naive. I can explain your "any problem" in one word:
Projection.
They know how they are abusing our personal information. Not sure where it goes from there, though I suspect they are doing scary things with our personal data and they are terrified that the Chinese authoritarians will do things that are at least as bad. Or it might be the money, as in they have been stealing it (by using our personal information) and don't want to share any of the loot with the Chinese.
Let me be
They better be, or they aren't doing their job (Score:2)
> I suspect they are doing scary things with our personal data and they are terrified that the Chinese authoritarians will do things that are at least as bad.
The Chinese intelligence agencies had better be doing things that should scare us. That's their fucking job. If they aren't doing "scary things" they should be fired.
> But I'm saying we are throwing stones from a glass house.
You're suggesting that instead of building a brick house (protecting ourselves), we should step outside so it's easier for
Re: (Score:2)
Not at all, and your tone suggests it's pointless to point that out. You evidently believe what you want to believe (which is only too normal) and therefore you find the evidence wherever you want to. Even in things I did NOT write. My skeptical attitude, even toward my own beliefs, is the aberration.
But since you seem to want to focus on "defense", I feel like citing Richard Clarke's excellent book again. Dated, but still sound. As I recall it after some years, he basically considers three dimensions, offe
Re: (Score:2)
I may have completely misread your post.
I had thought it was one of those "the US shouldn't complain (mention) about attacks by China, because the US spies on the Chinese government".
That is of course, stupid - you should DEFINITELY take note of who is punching at you, while you punch back.
> Short capsule is that the US is dangerously vulnerable and China clearly wants to be the leader in every defensive category while also balancing concerns about vulnerabilities. As of the time of that book, it seemed
Re: (Score:2)
I wish I had time for a more substantive response, but I can definitely say that you have apparently misunderstood my position. As I've written in a number of comments going back some years, I don't trust the Chinese makers more than anyone else, but I think they might be under greater scrutiny from actual security experts of every stripe, and I sort of count that in their favor.
But I have to strongly disagree with your depiction of the US "offensive" focus as "gathering government and military intelligence
Re: (Score:2)
> I wish I had time for a more substantive response,
Proceeds to write something more substantive than anything we've seen from the last couple US presidents. :)
> However, if you take "US" in a broad sense including American companies, then I would argue that the Chinese look like minor league players when it comes to abusing personal information.
Certainly a some large US companies make use of a lot of data for ADVERTISING, for trying to sell stuff. I'm not sure if that's what you have in mind.
Trying t
Re: (Score:2)
On the one hand I resent being accused of substance, but on the other hand you are opening cans of worms faster than a hungry spider with eight can openers. (A worm-eating spider?)
On the third hand, I just got a relevant joke. He described the three legs of the American disease as healthcare, guns, and college athletics.
On the fourth hand (the only one that might be holding a bit of substance just now), I think you're suffering from too much both-sides-ism. There really are differences, but it's a different
Re: (Score:2)
I am not seeing any problem here. If they want to waste their time knowing who likes cats and what the latest goofy dance moves are, I say we give them all of it, by force if necessary.
Youtube people are having a blast reacting/commenting about the TikTok the ladies that are having cringy "where have all the good men gone?" rants as well.
Nothing like watching and listening to a woman with facial and neck tattoos and a 3 figure body count and F-bombing every third word, wondering why she can't find a millionaire to wife her up.
I'd miss that if it went away.
Ya think? (Score:2)
Fell for it. Tricky, I know. (Score:3)
"including public posts ...."
Including.
As in that's ONE of the things they have access to. Along with real time GPS location information, home wifi id for correlation, etc.
It's a Clintonian answer. "Does Chinese government and employees have access to personal information?" "They have access to some things INCLUDING public ..." Kinda like "the January 6th folks did some things, INCLUDING taking selfies at the capital". Or "my interactions with Paula Jones included asking her if she had enjoyed the party"
Re: (Score:2)
> "Beyond" or "besides" would have been used if they were conveying the message you suggest.
That would be if they were trying to be transparent, clear. I don't think you're understanding; they aren't TRYING to be clear.
It's like saying "I didn't sleep with Monica Lewinsky", and grinning because it's "true" - there wasn't any sleeping going on.
It's technically true that what they have access to INCLUDES the things the public has access to. What they are carefully NOT saying is what else is included.
Yeah, right (Score:2)
The social network said it's working with the US government on strengthening data security around that information
Good luck with that. We can't even get Facebook to keep our personal data secure.
Re: (Score:2)
Left over blow back... (Score:1, Troll)
I imagine TikTok collects the same information that Facebook, Twitter, etc... collect and they all probably have the same access to that data, even if they're "not suppose to". As others have pointed out -- big deal. /sarcasm
I also imagine the (initial) focus on TikTok stems from their U.S. users trolling at least one Trump rally in 2020 by requesting thousands of tickets and never using them. From Trump's campaign was trolled by TikTok users in Tulsa [cnn.com] -- and other sources, Google tiktok trump rally [google.com]:
A coordinated effort was underway on TikTok in the days leading up to Trump's Saturday rally, encouraging people to register online for the free event and not show up.
*S
No, that was at the end, not the beginning (Score:2)
Chuck Schumer (top *Democrat* in the Senate) initiated the CFIUS investigation into the Tiktok acquisition in February of 2020, months before that rally. The president was then required by law to either sign or decline the CFIUS recommendation
If your media is telling you it came to Trump because of a rally, your media is lying to you. Of course maybe you already know that and you just enjoy the lies.
ABC and BBC are somewhat reasonable sources if you want actual news, as opposed to pure propaganda.
Some... (Score:2)
(chuckles)
DOJ's plea to Apple & Google ignored (Score:2)
Tiktok will stay a mystery to me. (Score:2)