The Chinese Communist Party Used TikTok Data to Identify and Track Hong Kong Protesters, Former ByteDance Exec Says

Australian government enacts TikTok bans
  • Save

Australian government enacts TikTok bans
  • Save
Photo Credit: Plann / CC by 4.0

Last week, a report indicated that TikTok had stored creators’ sensitive financial information on servers in China – where government officials can unilaterally demand access to companies’ records. Now, a former ByteDance executive says the Chinese Communist Party (CCP) previously accessed the TikTok data of protesters in Hong Kong.

The newer of the disconcerting claims emerged in a Wall Street Journal report centering on allegations made by one Yintao Yu. Currently residing in California, Yu is said to have served as head of engineering for ByteDance’s U.S. operations – working for the Beijing-headquartered company in China’s capital city as well as Los Angeles – between August of 2017 and November of 2018.

In early May of 2023, against the backdrop of continued TikTok scrutiny and related government-level bans, Yu filed a wrongful-termination suit against ByteDance. According to the shocking complaint, the engineer was dismissed from the company after disclosing troubling alleged conduct he’d witnessed on the job – including ByteDance’s allegedly affording the CCP free access to TikTok data from stateside users.

Notwithstanding the alleged presence of a backdoor through which the CCP can tap into data, TikTok has long denied handing over user information to Beijing. (Alleged misdirection in the March congressional testimony of TikTok CEO Shou Zi Chew compelled Yu to pursue legal action, per his attorney.) But the CCP owns a piece of ByteDance, which in 2022 acknowledged that its employees had improperly accessed the user data of two journalists.

In a new filing, Yu has alleged that a committee of CCP members utilized TikTok to pinpoint the “network information, SIM card identifications and IP addresses” of “civil rights activists and protesters in Hong Kong” as part of an effort to ascertain their identities and locations, per the Journal.

Of course, logic suggests the same committee (as well as other CCP members) wouldn’t be in a hurry to give up the “‘superuser’ credential” responsible for allegedly enabling access to the data half a decade ago. (Also stored by ByteDance, at least at the time, were “all users’ direct messages, search histories and content viewed,” per the report on the latest filing involving Yu’s complaint.)

In any event, a ByteDance spokesperson in a statement rather predictably denied the “baseless claims” at hand and described the former employee’s allegations as “clearly intended to garner media attention.”

As TikTok fends off additional government scrutiny – including potential full-scale bans in the U.S. and elsewhere – in the approaching months, it’s possible that the disclosure of alleged user-privacy shortcomings could have major policy-related effects. At present, though, the short-form app is continuing to host promotional events, expand in the music sphere and beyond (including with the development of an AI chatbot), and emphasize the purported positives of its reach and impact.