As TikTok attempts to strengthen its position in the United States, its representatives have repeatedly insisted that officials in China are unable to access the data of its U.S. users. A recent flurry of reports tells a different story.
An exposé in Forbes revealed that employees at TikTok’s parent company, ByteDance, used TikTok user data to track multiple journalists who had called out the app in widely-circulated articles. The alleged surveillance effort, dubbed Project Raven, attempted to locate the source of leaks within the Beijing-based corporation.
Reporters monitored by the project included Emily Baker-White, who authored the Forbes piece, and Cristina Criddle of the Financial Times. In June, Baker-White published a BuzzFeed article in which she wrote that Chinese officials had in fact accessed the data of U.S. TikTok users, despite ByteDance’s claims to the contrary.
Subscribe for daily Tubefilter Top Stories
Criddle’s TikTok coverage includes a July article that uncovered internal strife within the U.K. division of TikTok Shop. That report sapped the momentum of TikTok’s ecommerce initiative, though it has since made its way to the U.S.
In hopes of discovering the identity of internal sources who may have leaked information to the press, the architects of Project Raven used TikTok data and reporters’ IP addresses to see if the journalists were in the same approximate location as ByteDance employees.
In response to the Forbes report, ByteDance launched an internal investigation. The company noted that Project Raven did not successfully plug any leaks, and four employees involved in the scheme have been let go. “This misconduct is not at all representative of what I know our company’s principles to be,” TikTok CEO Shou Zi Chew wrote in an internal memo. “I’m disappointed to hear that anyone, even a very small subset of people, would have considered it acceptable.”
Chew’s admissions regarding Project Raven are a departure from TikTok’s typical PR stance, as the app tends to downplay associations with its parent company. “I was deeply disappointed when I was notified of the situation…and I’m sure you feel the same,” ByteDance CEO Rubo Liang wrote in an email shared with Forbes. “The public trust that we have spent huge efforts building is going to be significantly undermined by the misconduct of a few individuals…I believe this situation will serve as a lesson to us all.”
The details about Project Raven could hamper a different project — Project Texas. That’s the codename for TikTok’s attempt to cut a deal with the U.S. government in order to secure its stateside operations. Though the app has reportedly spent $1.5 billion on that effort, it may now have a hard time convincing lawmakers that it is actually keeping U.S. user data away from Chinese officials.
On the other hand, Project Texas could serve as an olive branch, as it would give an American corporation (likely Oracle) oversight of TikTok’s U.S. data. Chew described Project Texas as a “testament” to TikTok’s serious attitude regarding data security.
But pressure won’t just come from D.C. The publications wrapped up in Project Raven have pledged to continue their investigations. Forbes Chief Content Officer Randall Lane called the scheme a “direct assault on the idea of a free press.” In a statement, The Financial Times said it would “be investigating this story more fully before deciding our formal response.”