June 5, 2023
Software developers in China are working on the code of video sharing app TikTok, prompting warnings the country’s authoritarian government could compel staff to secretly suppress or elevate content that supports Communist Party narratives or sows division within democracies.
The Australian Financial Review has been shown a sample of code that links engineers from Chinese parent company ByteDance to the software development. Much of TikTok’s code is obfuscated, making it hard to tell exactly what is going on, but the sample appears to govern the broadcast and moderation of livestreams.
The sample of code, related to a version of the app used on Android devices, reveals at least a dozen usernames with email addresses linked to ByteDance, the Beijing-headquartered company that owns TikTok and other more China-focused social media platforms such as Douyin.
Sources provided open-source intelligence that verified many of the engineers were working in mainland China. The Financial Review has chosen not to identify the individuals for privacy reasons.
Across a number of Western democratic countries TikTok is battling to convince politicians that it operates independently of ByteDance, which has deep ties to the Chinese Community Party, amid fears China could compel the app owner to share data.
Among a range of other data, intelligence and security legislation, China’s National Intelligence Law of 2017 requires all organisations and citizens to “support, assist and co-operate with the state intelligence work”.
Shadow home affairs spokesman James Paterson said the code was more evidence the TikTok app is made and managed in China, giving weight to fears that the Chinese government could interfere with the popular video sharing app used by more than 1 billion people globally.
“That matters because it means engineers working on it in China can access user data and are captured by the intelligence and security laws of the Chinese Communist Party,” he told the Financial Review.
“They could be compelled at any time to hand that data over to the Chinese government or make changes to the algorithm to please the CCP. And we would never know about it because they would be required to keep it all a secret.”
Mr Paterson said this would “allow the CCP to suppress content critical of their conduct, or elevate content supportive of their narrative, or just to sow division and disunity in our democracies. We know they’ve tried to do this on Western headquarters platforms they don’t control, so it’s safe to assume they would do so on TikTok, which they do.”
Last month, Attorney-General Mark Dreyfus issued a directive to ban TikTok on government-issued devices, amid fears about data security.
Many of the usernames and emails identified in the code have been found in posts asking other developers and engineers for help fixing code as well as contacts for recruitment ads for ByteDance engineers and developers. These include jobs located in Beijing, Shanghai, Shenzhen, Guangzhou and Chengdu, working on various ByteDance apps.
Some recruitment ads also include options to work in Singapore, where TikTok has ramped up hiring as part of its efforts to prove to Western governments that the app is separate from ByteDance.
A TikTok spokeswoman did not deny China-based employees worked on the app’s code. “As we’ve stated publicly, we have product development and engineering teams all over the world – including in the US, UK, Ireland, Singapore and China – collaborating to deliver the best product experience for our community,” a TikTok spokeswoman said.
“All changes to our code are tracked and logged, and we have multiple teams outside of China who write, update and review the code every day.”
The spokeswoman said the code in question might be reused by different apps “for similar functionalities like live streaming or gifting”.
“The employees who developed this sample code over two years ago were responsible for providing templates for app functions that did not require access to TikTok user data or algorithms, and in many cases no longer work in those roles.”
TikTok has repeatedly denied any connections to the Chinese Communist Party.
In March, the Financial Review revealed a senior ByteDance executive had resigned from TikTok’s Australian subsidiary and another still remains.
The TikTok spokeswoman said strict protocols govern employee access data, no matter where they are based, and that TikTok Australian user data is stored in Singapore, Malaysia and the US.
In July 2022, the Financial Review revealed Australian user data could be accessed by staff in mainland China, after an admission by TikTok in a letter to Mr Paterson.