TikTok and ByteDance staff around the world have been able to freely access the friend lists of the First Family, top internet stars and other public figures, creating national security risks in a heated election year and endangering the privacy of some of the most powerful people on the planet.
Beyonce to Ed Sheeran, Charli D’Amelio and The Bidens, Members of Congress, and abortion activists are just a handful of the high-profile celebrities and public figures whose closest contacts could be searched and scrutinized by nearly any TikTok or ByteDance employee around the world this year with few restrictions.
According to people familiar with one of the company’s social graph tools and a trove of internal images, videos, audio and communications related to it that were obtained by Forbes, every major social media platform maintains granular information showing who its users are connected to and how. What is also interesting is that whether they’re closed, private accounts with a small network or open, public handles with tens of millions of followers, the companies still have tools that help them analyze that data. That explains why, TikTok is no different than its rivals.
But people who’ve worked there, and at competitors like Meta believe the social mapping tools used by TikTok and its Chinese parent ByteDance may allow more extensive monitoring of users than those in other companies. What sets TikTok apart, they say, is the apparent lack of controls that exist on such intimate data; the ease with which it can be mined by workers who don’t need access to it; and the inferences staff can make about individual users and their social circles from that data.
Despite the company publicly arguing otherwise, sources and experts say that TikTok’s Chinese ownership – and the ability to access such sensitive data in China – magnify concerns over how the tool might be abused.
“Most of the people that will use these things will be responsible, but there is a threat coming from inside the house, too,” said Brian Fishman, former director of Facebook’s team countering terrorism and dangerous organizations.
At TikTok, that threat is driven not only by “bigger-picture ownership questions” but also by the possibility that, like at other tech companies, intelligence agents could embed in the workforce and use internal tools to try to gather information on certain users, he said.
Twitter’s former head of security last year told the U.S. government the company had discovered spies and foreign agents on its payroll who were doing just that. The Justice Department also recently sentenced a Saudi Arabian national employed by Twitter to years in federal prison for using the app to spy on critics and political dissidents. U.S. officials have also expressed serious concerns about the Chinese government gathering intel through Americans’ personal contacts and trying to plant or recruit personnel at tech companies, including by mining prospects on LinkedIn. After publication of this article, TikTok reached out responding to an earlier question from Forbes, saying: “there is no evidence of this happening at TikTok.”
“Any tool that allows you to connect data points, in the hands of a smart investigator, is a powerful tool,” Fishman added. These tools “need to be restricted in their use, and that use needs to be monitored to make sure that it’s actually suiting an appropriate business need, rather than some kind of personal agenda or political agenda. Both of those are risks.”
So far, Facebook limits access to these kinds of tools and has mechanisms in place to monitor usage and investigate violations, noted Fishman, who left the company at the end of 2021. To protect news sources that spoke to Forbes, the name of the tool in question was not shared with TikTok. When a detailed description of the tool and a list of questions about it were sent to the TikTok, it strongly came out that the decision ran “contrary to commonly observed journalistic standards.”
“Forbes has refused to provide the name of the specific tool in question, making it impossible for us to address the claims in this story or provide additional context, something readers should bear in mind,” TikTok spokesperson Alex Haurek, said in a statement. “We have safeguards in place for our tools and limit access to employees who need it to do their jobs.”
The company did not answer questions about what these safeguards are and whether there are oversight processes in place to monitor usage – and potential abuse – of this type of tool. It would not say whether there are any known instances of misuse of such a tool by people working at or with TikTok or ByteDance, including in China.
After publication of this article, TikTok provided the following response to the questions put to it earlier: “We have examined multiple tools potentially fitting Forbes’ vague description. For all of them, employees need permission and a legitimate business reason to obtain access and access is typically time limited. We have yet to find any evidence that any such tools were misused.”
Other searches in the TikTok tool retrieved the close ties of top CEOs, actors, creators and journalists, which could undermine the safety of their sources. They also fetched the contacts of several Biden family members, U.S. senators, governors, state attorneys general, candidates for public office, political pundits and official campaign accounts. (Forbes has omitted their names to protect both the people whose data is exposed and our sources.)
The tool even provided the social circles of the very TikTok executives who have been negotiating with the Biden administration on a national security deal to allay concerns about how the company is handling Americans’ data. TikTok did not comment on any of the specific cases or public figures mentioned in this story. It also did not comment on what it is doing ahead of the 2024 election to safeguard the sensitive information of high-profile users including political figures and those running for