A former executive of ByteDance, the parent company of TikTok, is alleging in a court filing in San Francisco Superior Court that the Chinese Communist Party (CCP) has access to user data through a "backdoor" in TikTok’s code, even if stored by a U.S. company. Yintao "Roger" Yu, who was the head of engineering of the U.S. offices of ByteDance from August 2017 until he was fired in November 2018, claims that the company was aware of the backdoor in the code, but chose not to remove it because it feared the CCP would ban its valuable Chinese-version apps. Yu also alleges that the CCP has a special office known as the "committee" that has access to all the company data, even data stored in the United States.
Yu further claims that ByteDance promoted content that expressed hatred for Japan and demoted content that expressed support for the protests in Hong Kong, while it promoted content that expressed criticisms of the same pro-democracy demonstrations. The lawsuit argues that ByteDance has "served as a useful propaganda tool for the Chinese Communist Party." Yu also alleges that he observed a culture of lawlessness within the company, and the attitude was to violate the law first, continue to grow, and pay fines later.
In March, TikTok CEO Shou Zi Chew testified before the House Energy and Commerce Committee on TikTok’s plan to have all U.S. data routed to the U.S.-company Oracle. Chew claimed that the U.S. user data would be managed by U.S. employees through a separate entity called TikTok U.S. Data Security, to be operated independently of TikTok’s parent company, ByteDance. However, many lawmakers expressed skepticism, arguing that only banning the video sharing app could adequately sever the CCP’s tentacles.
Yu claims that he alerted Wenjia Zhu, formerly senior vice president of engineering and current Global TikTok R&D Chief at ByteDance, numerous times about the company’s "illegal scraping program" that involved using software to systematically strip user content from competitor’s websites without the users’ permission and populate its own video services with these videos in an effort to make its own services appear more popular to end users. However, Zhu allegedly dismissed Yu’s concerns, and the program was later modified but continued to scrape content from U.S-based users when they are abroad. The lawsuit claims Yu was eventually fired while on medical leave as retaliation for sounding the alarm to his U.S. employees and is now seeking damages.