go to sections menu

Can you believe this? Tik Tok pleads its case in an interview from blog The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary > Can you believe this? Tik Tok pleads its case in an interview

Go to Homepage, contents or to navigation menu



Can you believe this? Tik Tok pleads its case in an interview

We’re as secure as we can be … we don’t share data with China

I just read this article on the 30th of August that is in an interview style with someone at Tik Tok who claims that they do not share data with China and that they have no reason to do so. The interview even goes on to claim that Bite Dance is a different app similar to Tik Tok, otherwise there is no relationship.

Who is telling the truth here? I have never heard of Bite Dance until they were mentioned in a piece done by the UK paper on Tik Tok which you can search out or search Tik Tok on the blog for all references to them from the network team.

I thought passing this along would be appropriate because it is information about something we’ve covered and it is only right we share information and have discussions on it.

Have you read this article from Cyberscoop or something similar in another place? If so, what did you think?

What to read:

  • TikTok’s security boss makes his case. Carefully.
  • The Interview:

    Below, I’ll paste the interview directly from the article. Note that there may be more, but to be fair, I’ll quote the interview so you can see this much. Click through to the full article to read the entire thing.


    CyberScoop: Can you walk me through how TikTok’s risk profile has changed since it became the subject of focus for the U.S. government?

    Roland Cloutier: Obviously there’s been a lot of noise and untruths spread about sharing of information.

    We simply don’t share data with governments, including the Chinese government. We have very specific processes when law enforcement or government agencies
    were to ask us for things, and because we sit in the United States, it would have to go through the U.S. government. So we don’t share information. Our
    information is protected in both our U.S. and Singapore data centers through all of our controls that you would expect our organizations to have, as well
    as the encryption that we put on protected data assets and objects in our applications. That’s managed out of the U.S. team.

    That aside, we start with the primary focus of ensuring that the platform is safe. Ensuring that, as people come on to the platform, ensuring that the
    information they’re accessing is safe both from things like misinformation and disinformation, protection for our younger users on the platforms, as well
    as ensuring that we don’t have that type of material that’s not part of our community agreements. We’re not going to have pornographic material. We are
    not going to have violence and speech. We are not going to have those things in our community.

    CS: In terms of the data transfers, you said the company is not sharing data with the Chinese government unless there’s a specific request. Is that correct?
    How does the law enforcement data request process work?

    RC: Let’s be clear: We’ve never gotten a request from the Chinese government.

    We publicly disclose, and we will continue to publicly disclose, responsibly in our transparency reports when law enforcement asks us for things.

    Obviously, U.S. law enforcement is very active in the digital space, and we get warrants from them. We’ve gotten it from other countries. We’ve never gotten
    it from China because, quite simply, TikTok does not operate in China.

    Neither TikTok data, nor use, occurs in China, so therefore [the Chinese government] does not have jurisdiction over the platform. It’s pretty simple.
    The data doesn’t even exist in China, so there’s a whole bunch of ways to look at this, but the biggest fundamental truths are that the Chinese government
    doesn’t ask for it, because it doesn’t exist in China.

    (Ed. note: TikTok does not operate in China, but ByteDance operates an app called
    Douyin
    that is a carbon copy of TikTok solely meant for Chinese users. When asked about this after the interview, ByteDance said: “TikTok and Douyin have separate
    markets, users, and content. TikTok is in close to 150 markets around the world, but it is not offered in China. The TikTok and Douyin apps are run entirely
    separately, on separate servers.”)

    There’s a global process by which law enforcement has to do that. In the United States, it falls under the Fifth Amendment, and in other countries there
    are different things, but there has to be a legal process by which information is requested, provided and disclosed. For any country to ask for U.S. data,
    it has to go through the Department of Justice. For the U.S. to ask for data from another country, it has to go through that country of origin.

    CS: How does it work with Bytedance owning TikTok and being based in China, though?

    RC: It doesn’t matter. The information is the information. It’s within the jurisdiction or under the legal guidelines of the country of origin. It doesn’t
    change anything. If someone were to unlawfully attempt to take information — it’s like any type of data, intellectual property, trade secrets — we’re required
    to protect that at a level where that can’t happen. So if Russia is hacking the [Democratic National Committee], or if another nation-state is hacking
    a bank, they have a requirement to be able to protect the information so it’s protected. And we do that through a variety of industry best practices for
    access control, access management and encryption. That’s how we handle it.

    CS: So if I understand this 100% correctly, because TikTok user data is stored in the United States, none of that is subject to
    Chinese law,
    right?

    RC: Correct.

    CS: How does it work in terms of TikTok sharing information? It says in the
    privacy policy
    TikTok shares user data with a “parent or subsidiary or another affiliate of the corporate group.” What does that mean?

    RC: If we’re doing some sort of testing or analysis on a new function that another part of the organization may have developed, we may need to test certain
    parts of the dataset to ensure that a product works.

    We may authorize individuals from one of the 48 countries that we operate in to do various testings. Remember, we have various engineers — an A.I. firm
    we bought out of the U.K., development organizations in Germany and Spain, and a large group in India, as well as China.

    We have people all over the globe. The privacy policy is meant to say that, through the appropriate controls and restrictions we have on information, that
    we may use portions of that information to work in our testing and validation of our technologies.

    Quite simply, we have strict employee controls on any data. Protected data, which are the super sensitive things we consider to be [personally identifiable
    information], we go as far to encrypt those throughout the lifecycle that they’re in the platform.

    CS: Is that encrypted user data shared with international affiliates under the terms of the privacy policy? I understand you’re doing testing and security
    and everything needs to be reliable, but is that encrypted user data folded into that in terms of being shared with parties outside the United States,
    whether it be China or elsewhere?

    RC: It wouldn’t be transferred outside the United States, if that’s what you’re asking.

    There may be some work that needed to be done from an engineer in a different location and potentially we would allow them access into the U.S. data store
    to get that information. And we have, obviously, a bunch of limitization, controls oversight, monitoring controls, data exfiltration controls, and all
    of those things in place, as well.

    The data always remains resonant in the U.S. or in Singapore.

    CS: So they can be somewhere else and access the U.S. database?

    RC: No. Let’s not use broad terms like “the database.” They may be able to access a specific set of data if necessary to do that. It would most probably
    not be the entire database. It would most probably be a portion of that data. Again, if they could access it based on requests that were done, and the
    review of the U.S. executive team to allow for that to happen, and then it would be done under the guise and controls of the U.S. security team.

    CS: One of the things about TikTok that stands out is the number of users who are under 18. How do you protect that data compared to the way that you would
    have someone who is an adult?

    RC: Think of it like we’re protecting the whole person. We want to protect the whole person, their information, and their experience on the platform. We
    have a set of tools, technologies and frameworks so that, if you were under 17, it can be applied. And if you’re under 13, it will automatically be applied,
    such things like you can’t [send a direct message], or you can’t look at certain types of content. There’s a host of things I can point you to in terms
    of what happens with our younger users.

    From a data defense standpoint their information is no less or no more important than anyone else’s that we protect. We protect every user from every position
    in society that’s on our site in the same way. They get that same level of assurance.

    CS: What happens next?

    RC: It doesn’t matter, in my space, what the future holds from a business portfolio standpoint. What matters to me is that we still have almost a billion
    users on our platform, we still have a very core mission in front of us, which is to ensure the safety of the community on our platform. Everything on
    my list today to achieve and every business initiative we are driving is still going forward. Whether that’s with company A, B or C, it doesn’t matter.


    That ends the article which was condensed for clarity, but there is more including links to stuff discussed in the interview. Again, I want to let you see the interview for yourself, and you can make your own decisions on this whole mess.


Informazioni sull'articolo

Can you believe this? Tik Tok pleads its case in an interview was released on August 30, 2020 at 8:00 pm by tech in article commentary.
Last modified: August 30, 2020.


Comments (0)

No comments yet.

Leave a comment

Message form







go to sections menu


navigation menu

go to sections menu