November 23, 2024

The US Senate Intelligence Committee chair and top Republican have called on the Federal Trade Commission (FTC) to investigate social media app TikTok and Chinese parent ByteDance due to “repeated misrepresentations” over its handling of US data.

The request on Tuesday from Senator Mark Warner, a Democrat, and Republican Marco Rubio followed a Buzzfeed report saying the short video app permitted TikTok engineers and executives in China to repeatedly access private data of US users. The senators said such access raised questions over TikTok’s claims to lawmakers and users that the data was protected.

“In light of repeated misrepresentations by TikTok concerning its data security, data processing, and corporate governance practices, we urge you to act promptly on this matter,” the senators wrote FTC Chair Lina Khan.

TikTok said Tuesday that access to data “is subject to a series of robust controls, safeguards like encryption for certain data, and authorisation approval protocols overseen by our US-based leadership/security team.”

The company responded to the senators’ letter by reiterating “TikTok has never shared US user data with the Chinese government, nor would we if asked.”

The FTC confirmed it had received the letter but declined further comment.

Last week, TikTok told US senators it was working on a final agreement with the Biden Administration that would “fully safeguard user data and US national security interests.”

TikTok acknowledged in a letter Thursday that China-based employees “can have access to TikTok US user data subject to a series of robust cybersecurity controls and authorisation approval protocols overseen by our US-based security team.”

TikTok Chief Executive Shou Zi Chew told senators it was working with Oracle on “new advanced data security controls that we hope to finalise in the near future.”

The senators’ letter cited a BuzzFeed news story about leaked internal recordings that said China-based employees of ByteDance had at the “very least” access to US data.

TikTok’s letter Thursday said hit had not misled Congress about its data and security controls and practices.

Last month, TikTok said it had completed migrating information on its US users to servers at Oracle but it was still using US and Singapore data centres for backup.

It has been nearly two years since a US national security panel ordered parent company ByteDance to divest TikTok because of fears that US user data could be passed on to China’s communist government.

TikTok is one of the world’s most popular social media apps, with more than 1 billion active users globally, and counts the United States as its largest market.

© Thomson Reuters 2022