TikTok’s Project Texas Has Major Flaws, Whistleblower Claims

TikTok's solution to prevent its potential ban may not be as good as it thinks.

A self-proclaimed whistleblower from the company recently revealed that the company's plans to address US data privacy fears are not as airtight as they seem.

TikTok has been fervently opposing the US government's efforts to totally block TikTok from government-issued devices, networks, and systems.

House Committee Advances Bill That Pushes A Ban Of TikTok In The US
Getty Images

TikTok Project Texas Vulnerabilities Details

The TikTok whistleblower, a former member of the company's Trust and Safety Team, revealed that its Project Texas initiative will still let the company connect to parent company ByteDance's Toutiao, a well-known Chinese news app also run by ByteDance, according to an Engadget report citing an article from The Washington Post.

For those unaware, TikTok's Project Texas initiative aims to strengthen TikTok's data security program, per Lawfare Blog. A TikTok subsidiary, called TikTok US Data Seurity Inc., is created under this initiative and will be governed by an independent board of directors, which the company will nominate and the Committee on Foreign Investment in the United States will review.

This subsidiary will ensure that data entering and leaving it will not pose any national security risks, with Oracle providing oversight of the data entering and leaving it.

The whistleblower in question then claimed that Project Texas doesn't go far enough to properly ensure the security of US data from Chinese employees, with him recommending nothing short of a "complete re-engineering" of how the app works to achieve such a goal.

Additionally, the whistleblower alleges that Toutiao could let Chinese employees intercept and possibly view US user data.

The whistleblower in question worked for TikTok for around six months, as a risk manager and head of a unit in TikTok's Trust and Safety Team until early 2022, according to Gizmodo. They also revealed that part of his job was to be in charge of knowing which employees had access to certain tools and user data.

TikTok allegedly fired the whistleblower after he spoke up about his data privacy concerns. Though his departure from the company predates the finalization of TikTok's Project Texas initiative, he reportedly saw enough evidence to blow the whistle.

The whistleblower's allegations follow concerns regarding TikTok's US user controls brought forth by a former ByteDance employee, per Axios. According to the previous whistleblower, TikTok overstates its separation from ByteDance, which relies on proprietary Chinese software that could have backdoors and has tools that allow employees to switch between US and Chinese user data easily.

TikTok's Response To The Claims

TikTok's spokesperson refuted the recent whistleblower's allegations with them saying that Project Texas wasn't completed until after his departure from the company. As such, he doesn't know of the initiative's current status and "the many significant milestones" it reached over the last year.

The spokesperson also mentioned that Project Texas was a full re-engineering of the app and that most of the employees with knowledge of Project Texas' components at the time of the whistleblower's employment did not have full access to its entirety.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics