US investigates TikTok owner ByteDance’s surveillance of journalists

  News
image_pdfimage_print
A large TikTok logo displayed at a game conference.
Getty Images | Chesnot

New reports say the US Justice Department is investigating TikTok-owner ByteDance over recent revelations that employees tracked journalists in an attempt to find out who leaked company data to the press.

The Justice Department and US Attorney in the Eastern District of Virginia “subpoenaed information from ByteDance regarding efforts by its employees to access US journalists’ location information or other private user data using the TikTok app,” Forbes reported yesterday. “According to two sources, the FBI has been conducting interviews related to the surveillance.”

The investigation was also confirmed today in New York Times and Wall Street Journal articles citing anonymous sources. The investigation reportedly began in December. ByteDance is based in China, and TikTok is facing the possibility of being banned in the US if it doesn’t sever ties with its China-based owners.

“We have strongly condemned the actions of the individuals found to have been involved, and they are no longer employed at ByteDance,” the company told Forbes this week. “Our internal investigation is still ongoing, and we will cooperate with any official investigations when brought to us.”

Surveillance targeted US and UK journalists

ByteDance’s internal investigation, which was triggered by news reports detailing the surveillance, “found that employees tracked multiple journalists covering the company, improperly gaining access to their IP addresses and user data in an attempt to identify whether they had been in the same locales as ByteDance employees,” Forbes wrote in December, adding:

The investigation, internally known as Project Raven, began this summer after BuzzFeed News published a story revealing that China-based ByteDance employees had repeatedly accessed US user data, based on more than 80 hours of audio recordings of internal TikTok meetings. According to internal ByteDance documents reviewed by Forbes, Project Raven involved the company’s Chief Security and Privacy Office, was known to TikTok’s Head of Global Legal Compliance, and was approved by ByteDance employees in China. It tracked Emily Baker-White, Katharine Schwab and Richard Nieva, three Forbes journalists that formerly worked at BuzzFeed News.

The surveillance campaign “was designed to unearth the source of leaks inside the company following a drumbeat of stories exposing the company’s ongoing links to China,” Forbes wrote. The report said that ByteDance chief internal auditor Chris Lepitak was fired, while the China-based executive Lepitak reported to, Song Ye, resigned.

A Financial Times reporter was also reportedly targeted by the company’s surveillance. “Two members of staff in the US and two in China gained access to the IP addresses and other personal data of FT journalist Cristina Criddle, to work out if she was in the proximity of any ByteDance employees, the company said. However, the company failed to find any leaks,” the FT wrote in December.

Criddle wrote articles “revealing that dozens of staff had left TikTok’s London office and that some had worked 12-hour days or had been demoted after taking time off,” the FT wrote.

TikTok has said it would restructure the Internal Audit and Risk Control department and that it removed all user data access and permissions for the department. We contacted ByteDance today and will update this article if the company provides any further comment.

https://arstechnica.com/?p=1925004