It turned out that an employee of TikTok's parent company ByteDance was trying to track down the IP address of an American journalist

An employee of ByteDance, which operates TikTok, has been found to have compromised data on two American journalists and their associates in an attempt to identify the company's employees who contacted the reporter and filed a whistleblower complaint. did. In total, four people were involved in the compromise, including members of a team led by a direct report to the ByteDance CEO.

ByteDance Inquiry Finds Employees Obtained User Data of 2 Journalists - The New York Times
https://www.nytimes.com/2022/12/22/technology/byte-dance-tik-tok-internal-investigation.html

TikTok admits tracking FT journalist in leaks investigation | Financial Times
https://www.ft.com/content/e873b98a-9623-45b3-b97c-444a2fde5874

TikTok's parent company accessed the data of US journalists - The Verge
https://www.theverge.com/2022/12/22/23522808/tiktok-journalists-data-accessed-bytedance-internal-audit

This time, the problem that ByteDance was accessing TikTok data to explore journalist trends was discovered in October 2022 when TikTok was trying to exploit user data. Emily Baker-White, a reporter for the economic newspaper Forbes, said in the article, ``The team of Song Ye, head of audit and risk management reporting directly to Lubo Liang, CEO of ByteDance, used TikTok to identify We are planning to track the location information of individuals.'

Report that ByteDance, a parent company headquartered in China, is planning a terrible plan to track user location information using TikTok - GIGAZINE

ByteDance, which had asked an outside law firm to investigate the matter, announced on December 22, 2022 that several of its employees had improperly obtained data on two American journalists and those around them. I acknowledged that it was found that

In an email to employees, TikTok's general counsel, Eric Andersen, said, 'Persons involved in our efforts to investigate leaks of confidential information have abused their powers to gain access to TikTok's user data. These individuals investigated the IP addresses of the two journalists who reported on the content of the leaked documents and records, as well as the journalists' IP addresses with the aim of confirming their contact with our employees, and obtained confidential information. We tried to determine whether the employee suspected of leaking information and the reporter were in the same place.' In addition, since only approximate location information can be obtained from the IP address, it was not possible to identify the employee who leaked the information.

The unauthorized access to the data was targeted by Baker-White, a former BuzzFeed reporter who belongs to Forbes at the time of writing the article, and Christina of the Financial Times, who reported on issues related to TikTok's working environment. Mr. Criddle. A number of TikTok users associated with the two men were also victimized, although ByteDance declined to identify anyone other than the two.

Baker-White tweeted, 'I remember reporting in October that ByteDance was trying to spy on certain Americans, and TikTok asserting that it 'never targeted journalists.' I know it's new, but it turns out that the reports were indeed true, because they were actually targeting me.'

Remember back in October when we reported that ByteDance sought to surveil specific US citizens, and TikTok assured everyone that they weren't targeting journalists? Well, turns out they were.

I know because they targeted me. https://t.co/ZFdU5BVC8H https://t.co/bfU1tkiVOl

—Emily Baker-White (@ebakerwhite) December 22, 2022

Four ByteDance employees, including Ye's direct subordinates, were involved in the fraud, two of them in China and the other two in the United States. Four people have already been laid off, and the audit and risk management department has also been reorganized after being stripped of access to US data.

``Accessing user data in connection with an investigation of a confidential information leak was a serious violation of our code of conduct,'' Andersen said in an email to employees. Liang also wrote in an internal document about this matter, ``I was deeply disappointed when I heard the situation explained by Mr. Andersen in an email.''

In the United States, the `` TikTok Prohibition Bill '' has been submitted to Congress due to concerns that ByteDance will hand over TikTok data to the Chinese government, and the comprehensive spending bill announced on December 19, 2022, The budget included a ``provision prohibiting the use of TikTok on government smartphones''. Therefore, the news media The Verge points out that this news was the worst timing for TikTok.

``Clause prohibiting the use of TikTok on government smartphones, etc.'' is included in the 220 trillion yen expenditure bill announced by the US Congress-GIGAZINE