Sen. Josh Hawley (R-Mo.) is pressing the U.S. Treasury Department to conduct a thorough review of new whistleblower allegations regarding the Chinese-owned video app TikTok that were recently brought to his attention.
Hawley said that a TikTok whistleblower has come to him with direct knowledge of the app’s operating practices. The allegations are “deeply concerning” and appear to contradict public statements from senior executives of TikTok and its Beijing-based parent company, ByteDance, over the handling of U.S. users’ data, he said in a letter dated March 8 to Secretary of the Treasury Janet Yellen.
Revelations from leaked recordings that engineers in China had repeatedly accessed the platform’s U.S. data as of January 2022 have raised bipartisan concerns in Congress.
While TikTok’s Chief Operating Officer Vanessa Pappas testified to senators in September 2022 that TikTok has “strict controls in terms of who and how our data is accessed” and vowed that “under no circumstances would we give that data to China,” the whistleblower described the access controls as “superficial” at best, if they exist at all, according to Hawley.
TikTok and ByteDance employees can “switch between Chinese and U.S. data with nothing more than the click of a button using a proprietary tool called Dorado,” Hawley said, citing the whistleblower, who likened it to a “light switch.”
Another tool the whistleblower cited is called Aeolus, which he said allows a China-based employee to access U.S. data with authorization from a manager and a dataset owner.
“I have seen first-hand China-based engineers flipping over to non-China datasets and creating scheduled tasks to backup, aggregate, and analyze data,” the person told Hawley’s office, according to the letter.
The whistleblower also described close coordination between TikTok and ByteDance, both of which he said “rely on proprietary software they engineered in China, thereby reducing foreign scrutiny and enabling Chinese engineers to insert software backdoors,” Hawley wrote in the letter.