A former executive at ByteDance, the Chinese company which owns the popular video app TikTok, has said in legal papers that some members of the ruling Communist Party used data held by the company to identify and locate protesters in Hong Kong.
Yintao Yu, formerly head of engineering for ByteDance in the US, says those same people had access to US user data – an accusation that the company denies.
Mr Yu, who worked for the company in 2018, made the allegations in a recent filing for a wrongful dismissal case filed in May in the San Francisco superior court.
In the documents submitted to the court he said ByteDance had a “superuser” credential – also known as a god credential – that enabled a special committee of Chinese Communist Party (CCP) members stationed at the company to view all data collected by ByteDance, including those of US users.
The credential acted as a “backdoor to any barrier ByteDance had supposedly installed to protect data from the CCP’s surveillance”, the filing says.
Mr Yu said he saw the god credential being used to keep tabs on Hong Kong protesters and civil rights activists by monitoring their locations and devices, their network information, SIM card identifications, IP addresses and communications.
ByteDance said in a statement that Mr Yu’s accusations were “baseless”.
“It’s curious that Mr Yu has never raised these allegations in the five years since his employment for Flipagram was terminated in July 2018,” the company said, referring to an app that ByteDance later shut down for business reasons.
“His actions are clearly intended to garner media attention.
“We plan to vigorously oppose what we believe are baseless claims and allegations in this complaint.”
Charles Jung, Mr Yu’s lawyer and a partner at the law firm Nassiri and Jung, said his client chose to raise the allegations because he was “disturbed to hear the recent Congressional testimony of TikTok’s CEO” when Shou Zi Chew, a Singaporean, vehemently denied Chinese authorities had access to user data.
Mr Jung said: “Telling the truth openly in court is risky, but social change requires the courage to tell the truth.
TikTok is under intense scrutiny in the US and worldwide over how it handles data and whether it poses a national security risk.
Some American legislators have expressed concern that TikTok’s ties to ByteDance means the data it holds is subject to Chinese law.
They also contend that the app, which has more than 150 million monthly active users in the US and more than a billion users worldwide, could be used to expand China’s influence.
During the combative US house hearing in March, lawyers from both parties grilled Mr Chew over his company’s alleged ties to Beijing, data security and harmful content on the app.
Mr Chew repeatedly denied TikTok shares user data or has any ties with Chinese authorities.
To allay such concerns, TikTok has said that it would work with Oracle to store all US data within the country.
In an earlier court filing, Mr Yu accused ByteDance of serving as a “propaganda tool” for the Chinese Communist Party by promoting nationalistic content and demoting content that does not serve the party’s aims.
He also said that ByteDance was responsive to the Communist Party’s requests to share information.
Mr Yu also accused ByteDance of scraping content from competitors and users to repost on its sites to exaggerate key engagement metrics.
He said he was sacked for sharing his concerns about “wrongful conduct” he saw with others in the company.
In mainland China, ByteDance operates Douyin, which is targeted at the domestic market. TikTok is its global app which is available in most other countries.
It was also available in Hong Kong until TikTok pulled out of the market in 2020 following the imposition of a sweeping national security law.
Anyone who tries to open TikTok from within Hong Kong will see a message that reads “We regret to inform you that we have discontinued operating TikTok in Hong Kong.”