TikTok's parent company ByteDance has been busted for using TikTok's location data to plan to spy on US citizens' physical locations.
According to newly surfaced documents obtained by Forbes, a team of Chinese-based members of ByteDance have been caught planning to spy on American citizens using TikTok's location data, which the company claims is only used to show relevant content and necessary advertising to users of the app.
Forbes reports that the team was going to use TikTok's location data to monitor the personal locations of specific Americans and that the team behind the project is ByteDance's Internal Audit and Risk Control department, which is led by Beijing-based executive Song Ye, who reports directly to ByteDance's cofounder and CEO Rubo Liang. Notably, the Internal Audit team primarily conducts investigations into former employees that have potentially performed misconduct at the company.
The obtained materials revealed two cases where the Internal Audit team was planning on collecting location information on a US citizen that didn't work at the company, or had any prior relationship with it. Additionally, the team was planning on gathering location data by scraping the US citizen's device. Forbes reports that materials didn't reveal who these Americans were.
A TikTok spokesperson informed Forbes that the company only collects location information via IP addresses to show relevant content, advertisements, and "comply with applicable laws, and detect and prevent fraud and inauthentic behavior." However, Forbes states that the material it obtained directly indicated that the Internal Audit team was planning on using the location data for surveillance and not the aforementioned reasons by the TikTok spokesperson.
Furthermore, the publication asked ByteDance and TikTok if its Internal Audit team has previously or is using its apps location data to target US government officials, activists, public figures, or journalists. Both TikTok and ByteDance chose not to answer this question.
Moreover, TikTok is currently in talks with the Treasury Department's Committee on Foreign Investment in the United States (CFIUS), which evaluates national security risks by foreign companies. The CFIUS is investigating if the Chinese-owned app would allow the Chinese government to access the personal data of US citizens that are using the app. A report such as this one certainly throws a spanner in those talks.
"Like most companies our size, we have an internal audit function responsible for objectively auditing and evaluating the company and our employees' adherence to our codes of conduct. This team provides its recommendations to the leadership team," said ByteDance spokesperson Jennifer Banks.