As TikTok validates its agreement with the Texan Oracle by starting to migrate American user data to its servers, an article reveals that ByteDance’s Chinese engineers are accessing all the data concerning them.
What timing! While TikTok announced at the very end of last week that it had started hosting the data of American users of the platform at Oracle, an article by BuzzFeed News reveals that Chinese employees of ByteDance regularly access this same data.
No room for doubt
The writing of BuzzFeed has obtained recordings of presentations and internal meetings of TikTok teams that leave no room for doubt. Access by employees based in China to data belonging to users across the Atlantic is clearly mentioned. “Engineers in China have access to everything” or “everything is watched from China” are among the sentences exchanged between TikTok colleagues in the United States, who themselves obviously cannot access certain data. The recordings in question would cover a period from September 2021 to January 2022.
This is not the first time that such accusations have been made against TikTok, although the Chinese group ByteDance has always defended itself from such practices. Everyone knows that it was on the basis of concerns posed by TikTok on national security, with the suspicion of eavesdropping from China, that President Donald Trump had taken it into his head to ban the platform in the United States. (or to require its transfer to a US entity).
Now at the helm, Joe Biden has bought time in this case by asking for new investigations before making a decision. The technical merger between TikTok and the giant Oracle, announced for the management of content and data for American users, had been delayed in this context. Under the name of Project Texas, it nevertheless returned to center stage in March and it seems that the launch of data transfers to the Texas company’s servers has begun for “block Chinese ByteDance from accessing it”.
Guarantees to provide
Except that without a sale – even partial – of the company or a new clear framework agreement, resulting in a deep technical overhaul of TikTok, it seems unlikely that it will be possible to prevent the service’s Chinese engineers from accessing these informations.
For the only official statement, we must be satisfied with the comments made by Albert Calamug, head of security for TikTok across the Atlantic: “For more than a year, we have been working with Oracle on several measures as part of our business relationship to better protect our applications, systems, and data security for US users. […] Today, 100% of US user traffic is routed to Oracle Cloud Infrastructure.” Which does not mean that nothing would pass through China.
The backup servers used as part of this new infrastructure belong to TikTok and are located in Virginia and Singapore. In a second step, it is planned to migrate all the data, including these backups, to servers belonging to Oracle. “We know that we are one of the most scrutinized platforms from a security perspective, and we want to remove any doubts about the security of US user data”ends Albert Calamug.