Thursday a Forbes senior writer reported:
A China-based team at TikTok’s parent company, ByteDance, planned to use the TikTok app to monitor the personal location of some specific American citizens, according to materials reviewed by Forbes.
The team behind the monitoring project — ByteDance’s Internal Audit and Risk Control department — is led by Beijing-based executive Song Ye, who reports to ByteDance cofounder and CEO Rubo Liang. The team primarily conducts investigations into potential misconduct by current and former ByteDance employees. But in at least two cases, the Internal Audit team also planned to collect TikTok data about the location of a U.S. citizen who had never had an employment relationship with the company, the materials show.
It is unclear from the materials whether data about these Americans was actually collected; however, the plan was for a Beijing-based ByteDance team to obtain location data from U.S. users’ devices.
Challenging the article, TikTok responded on Twitter that their service “does not collect precise GPS location information from U.S. users, meaning TikTok could not monitor U.S. users in the way the article suggested.” But Forbes’ senior writer thinks that’s a misleading denial, writing on Twitter that “We never mentioned GPS in the story. In fact, we quoted their spokesperson saying they collect approximate location via IP address. Not using GPS does not mean they could not use that approximate location to monitor certain individuals.”
TikTok also acknowledged on Twitter that they do have a team that will “acquire information they need to conduct internal investigations of violations of the company codes of conduct,” but says the team follows a specific set of policies and processes “as is standard in companies across our industry.” In Forbes’ article, TikTok spokesperson Maureen Shanahan said that TikTok collects approximate location information (based on IP addresses) to “among other things, help show relevant content and ads to users, comply with applicable laws, and detect and prevent fraud and inauthentic behavior.”
But Forbes’ senior writer said in their article that “the material reviewed by Forbes indicates that ByteDance’s Internal Audit team was planning to use this location information to surveil individual American citizens, not to target ads or any of these other purposes.”
The Internal Audit and Risk Control team runs regular audits and investigations of TikTok and ByteDance employees, for infractions like conflicts of interest and misuse of company resources, and also for leaks of confidential information. Internal materials reviewed by Forbes show that senior executives, including TikTok CEO Shou Zi Chew, have ordered the team to investigate individual employees, and that it has investigated employees even after they left the company.
TikTok’s response on Twitter? Behavior like that would be a firing ofference. “Any use of internal audit resources as alleged by Forbes would be grounds for immediate dismissal of company personnel.”
TikTok also said on Twitter that their service “has never been used to ‘target’ any members of the U.S. government, activists, public figures or journalists, nor do we serve them a different content experience than other users.” The response of Forbes’ senior writer? “I’m glad they say TikTok hasn’t been used to ‘target’ some specific groups. I am nonetheless concerned that they planned to use it to monitor specific Americans, which is what we reported.
“Also, for what it’s worth, they didn’t answer this question when we asked it to them on Wednesday…. Neither TikTok nor ByteDance denied anything we reported, either in the pre-publication process, when we told them what we planned to report and asked for comment, or since then. They have also not requested a story update.”
Thanks to Slashdot reader koavf for submitting the story