TikTok Whistleblower Says US Data Can Easily Be Accessed From China: Sen. Hawley

Sen. Josh Hawley (R-Mo.) is pressing the Treasury Department to conduct a thorough review of new whistleblower allegations regarding the Chinese-owned short video app TikTok that were recently brought to his attention.

Writing to Secretary of the Treasury Janet Yellen on March 8, Hawley said that a TikTok whistleblower has come to him with direct knowledge of the app’s operating practices. His allegations, Hawley said, are “deeply concerning” and appear to contradict with public statements from senior executives of TikTok and its Beijing-based parent company ByteDance over the handling of U.S. users’ data.

Revelations from leaked recordings that engineers in China had repeatedly accessed the platform’s U.S. data as of last January have raised bipartisan concerns in Congress.

While TikTok’s chief operating officer Vanessa Pappas in September 2022 testified to senators that they have “strict controls in terms of who and how our data is accessed,” and vowed that “under no circumstances would we give that data to China,” the whistleblower described the access controls as “superficial” at best, if they exist at all, according to Hawley.

TikTok and ByteDance employees can “switch between Chinese and U.S. data with nothing more than the click of a button using a proprietary tool called Dorado, Hawley said, quoting the whistleblower who likened it to a “light switch.”

Another tool the whistleblower cited is called Aeolus, which he said will allow a China-based employee access to U.S. data with authorization from a manager and a dataset owner.

“I have seen first-hand China-based engineers flipping over to non-China datasets and creating scheduled tasks to backup, aggregate, and analyze data.”

The whistleblower also described close coordination between TikTok and ByteDance, both of which he said “rely on proprietary software they engineered in China, thereby reducing foreign scrutiny and enabling Chinese engineers to insert software backdoors,” Hawley wrote in the letter.

“TikTok and ByteDance are functionally the same company. They use the same data analysis tools and chat apps, and managers are in constant contact,” Hawley cited the whistleblower as saying.

‘Highly Disturbing Allegations’

Hawley sees the “highly disturbing allegations” as the latest reason for a complete purge of TikTok from the United States, which is most popular among American teens.

“Despite TikTok’s many reassurances that members of the Chinese Communist Party do not have access to U.S. data, it seems more and more likely that they do,” he wrote. He requested Yellen provide information on what TikTok has shared with the foreign transaction review panel—the Committee on Foreign Investment in the United States (CFIUS)—that she chairs regarding its software tools, dataset facilities, internal products, the declared access ability for TikTok staff in China through these tools, and the internal approval process that CFIUS is aware of.

Asked by The Epoch Times, a TikTok spokesperson argued that the whistleblower “appears to be misinformed.”

“The tools described in Sen. Hawley’s letter are primarily analytic tools—they don’t independently grant direct access to data,” TikTok told The Epoch Times. The company spokesperson added that “[a]ll access to U.S. user data is managed in the United States by [TikTok] U.S. Data Security, and can only leave the Oracle cloud environment under limited, monitored circumstances as described in our proposed agreement with CFIUS.”

TikTok said “it is standard for tech companies to engineer their own tools and services to meet internal business needs” and that “[n]one of those tools are typically scrutinized externally.” In a bid to remain in the United States, TikTok has been working on a program called “Project Texas” by partnering with U.S. computing giant Oracle, whose cloud infrastructure will host TikTok’s U.S. data. Under it, TikTok said, “every line of code will be inspected, tested, and vetted by multiple third parties specifically to ensure that there are no back doors.”

The push to ban TikTok, which has more than 113 million U.S. users each month, has been gaining momentum in the United States and elsewhere as threats stemming from Beijing’s global ambitions to challenge the liberal democratic world order receive wider recognition.

Action in Congress

On March 1, the House Foreign Affairs Committee voted to advance a bill targeting the TikTok.

“Anyone with TikTok downloaded on their device has given the CCP [Chinese Communist Party] a backdoor to all their personal information. It’s a spy balloon into your phone,” Rep. Michael McCaul (R-Texas), the committee chairman who introduced the proposed legislation, told The Epoch Times’ sister outlet NTD.

More than half of U.S. states have moved to ban TikTok from government devices. The measure is also enforced on a federal level under part of a $1.65 trillion spending bill passed in December.

In a Senate Select Committee on Intelligence hearing on Wednesday, FBI director Christopher Wray reaffirmed that TikTok poses national security and privacy concerns, and could be used as a tool by the CCP to manipulate the thinking of millions in America.

However, answering the committee’s vice chairman Sen. Marco Rubio (R-Fla.), who wants to know whether Beijing could use the app to sow public discord and promote certain narratives, Wray said it could be difficult to “see many of the outward signs of it happening if it was happening.”

“I think the most fundamental piece that cuts across every one of those risks and threats that you mentioned, that I think Americans need to understand, is that something that’s very sacred in our country, the difference between the private sector and the public sector—that’s a line that is nonexistent in the way the CCP operates,” Wray said.