says it has fired four employees who accessed the data of several users located in the US, including journalists. According to , an investigation conducted by an outside law firm found that the employees were trying to locate the sources of leaks to reporters. Two of the employees were in the US and two were in China, where ByteDance is based.
The company reportedly determined that members of a team responsible for monitoring employee conduct accessed the IP addresses and other data linked to the TikTok accounts of a reporter from and . The employees are also said to have accessed the data of several people with ties to the journalists. that ByteDance tracked three of its reporters who previously worked for BuzzFeed News. All three of those publications have published reports on TikTok, including on its alleged ties to the Chinese government. Engadget has contacted ByteDance for comment.
“The misconduct of those individuals, who are no longer employed at ByteDance, was an egregious misuse of their authority to obtain access to user data. This misbehavior is unacceptable, and not in line with our efforts across TikTok to earn the trust of our users,” ByteDance said in a statement to . “We take data security incredibly seriously, and we will continue to enhance our access protocols, which have already been significantly improved and hardened since this incident took place.”
In October, that members of ByteDance’s Internal Audit and Risk Control department planned to use TikTok to track the locations of specific US citizens. , but the report tracks with the results of the internal investigation. The company told the Times it has restructured that department and prevented it from accessing any US data.
“No matter what the cause or the outcome was, [the employees’] misguided investigation seriously violated the company’s Code of Conduct and is condemned by the company,” ByteDance CEO Rubo Liang reportedly told employees in a memo. “We simply cannot take integrity risks that damage the trust of our users, employees, and stakeholders. We must exercise sound judgment in the choices we make and be sure they represent the principles we stand behind as a company.”
Word of the investigation and employees’ dismissal comes amid various attempts to ban TikTok in the US. , including Georgia and Texas, have blocked the app on government-owned devices. Earlier this month, a bipartisan bill sought to TikTok from US consumer devices, along with other social apps that have ties to China, Russia, Cuba, Iran, North Korea and Venezuela.
Meanwhile, the Senate has passed , which includes a measure that would ban TikTok on most devices issued by the federal government. There will be some exceptions for elected officials, congressional staff and law enforcement. The House is yet to vote on the omnibus bill but is expected to pass it on Thursday evening.
According to the Times, ByteDance said the fired employees accessed historical data that it plans to delete from its own data servers in the US and Singapore. The company that all of TikTok’s TikTok user traffic is being routed to Oracle’s servers. That’s now the “default storage location of US user data,” but at the time ByteDance continued to back up the data on its own servers.