An anonymous reader quotes a report from The Intercept: Documents published in the BlueLeaks trove, which was hacked by someone claiming a connection to Anonymous and published by the transparency collective Distributed Denial of Secrets, show the information that TikTok shared with U.S. law enforcement in dozens of cases. Experts familiar with law enforcement requests say that what TikTok collects and hands over is not significantly more than what companies like Amazon, Facebook, or Google regularly provide, but that’s because U.S. tech companies collect and hand over a lot of information. The documents also reveal that two representatives with bytedance.com email addresses registered on the website of the Northern California Regional Intelligence Center, a fusion center that covers the Silicon Valley area. And they show that the Federal Bureau of Investigation and Department of Homeland Security actively monitored TikTok for signs of unrest during the George Floyd protests.
The number of requests for subscriber information that TikTok says it receives from law enforcement is significantly lower than what U.S. tech giants reportedly field, likely because police are more accustomed to using data from U.S. companies and apps in investigations. TikTok enumerates its requests from law enforcement in a biannual transparency report, the most recent of which says that for the last half of 2019, the company received 100 requests covering 107 accounts. It handed over information in 82 percent of cases. Facebook, by contrast, says it received a whopping 51,121 requests over the same period, and handed over at least some data in 88 percent of cases. A 2018 document found in BlueLeaks titled “Law Enforcement Technology Investigations Resource Guide” gives police details on how to obtain records from Musical.ly, which was acquired by ByteDance and merged into TikTok that year. “In the releases shown in BlueLeaks, TikTok handed over multiple IP addresses, information about the devices used to register for accounts, cellphone numbers, and unique IDs tied to platforms including Instagram, Facebook, or Google if the user logged in using a social media account,” the report adds.
“It is unclear whether these data releases were in response to warrants, subpoenas, or other requests, and the company would not give details, citing user privacy. The accounts for which TikTok handed over data in the BlueLeaks dump range from influencers with tens of thousands of followers to people who primarily post for friends.”