Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward

TikTok said U.S. data didn’t reach its Chinese servers⁠—then admitted it can be accessed there. Now senators urge FTC to probe ‘deception’

July 6, 2022, 12:45 PM UTC
Senators Mark Warner and Marco Rubio
Sen. Marco Rubio (at right), a Republican from Florida and ranking member of the Senate Intelligence Committee, and Sen. Mark Warner, a Democrat from Virginia and chairman of the committee, during a hearing in Washington, D.C., on March 10, 2022.
Al Drago—Bloomberg/Getty Images

The two sides of the U.S. Senate don’t agree on much these days, but ByteDance’s TikTok has managed to prompt a rare moment of bipartisanship.

Late Tuesday, Senate Intelligence Committee chair Mark Warner (D-Va.) and vice chair Marco Rubio (R-Fla.) jointly urged the Federal Trade Commission to investigate the hugely popular app, over the fact that it let Chinese employees access the data of U.S. users.

The senators asked FTC Chair Lina Khan to investigate TikTok under the agency’s consumer protection remit, “on the basis of apparent deception by TikTok, and coordinate this work with any national security or counterintelligence investigation that may be initiated by the U.S. Department of Justice.”

Last year, after new President Joe Biden scrapped his predecessor Donald Trump’s effort to force TikTok to sell up to Oracle and Walmart over national-security concerns, the company’s U.S. policy chief testified to the Senate Commerce Committee that there was no “overt” transmission of American users’ data to the Chinese government. He also said “a U.S.-based security team…handles access to user data.”

That line fell apart in the past few weeks, following a BuzzFeed News story that—based on leaked audio from internal TikTok meetings—reported ByteDance employees in China had “repeatedly accessed nonpublic data about U.S. TikTok users.”

What’s more, the report stated, U.S. employees sometimes had to “turn to their colleagues in China to determine how U.S. user data was flowing.”

In late June, a handful of Republican senators wrote to TikTok to demand an explanation.

Meanwhile, Republican commissioner Brendan Carr of the Federal Communications Commission (FCC) fruitlessly urged Google and Apple to remove TikTok from their app stores, because the video-sharing app “functions as a sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data.”

Last week, TikTok responded to the senators that actually, yes, some China-based employees can access some information on U.S.-based users—but still insisted the data isn’t shared with the Chinese government.

Nonetheless, Warner and Rubio said Tuesday that the revelations “undermine long-standing claims by TikTok’s management that the company’s operations were firewalled from demands of the Chinese Communist Party.”

“In light of repeated misrepresentations by TikTok concerning its data security, data processing, and corporate governance practices, we urge you to act promptly on this matter,” they told Khan, highlighting Chinese access to users’ birth dates, phone numbers, device identification information, and potentially biometric data including faceprints and voiceprints.

Also on Tuesday, the FCC’s Carr seized on TikTok’s admission about China-based employees accessing U.S. data. “I don’t have a lot of trust left in TikTok,” he told Bloomberg.

Warner and Rubio noted in their letter that Chinese intelligence laws “provide extensive and extrajudicial access opportunities for [Chinese Communist Party]-controlled security services.”

U.S. intelligence laws give American agencies similar powers to hoover up information on foreign users of Big Tech—a fact that could yet scupper the ability of U.S. tech giants to import Europeans’ personal data.

However, with TikTok becoming a rare example of a non-American social-media app hitting big-time in the U.S., the shoe is now clearly on the other foot.

“For two years, we’ve talked openly about our work to limit access to user data across regions,” TikTok spokesperson Brooke Oberwetter said in an emailed statement. “As we’ve said repeatedly, TikTok has never shared U.S. user data with the Chinese government, nor would we if asked.”

This article was updated on July 6 to include TikTok’s statement.

Editor’s note: The headline has been changed from: TikTok denied U.S. user data was accessed in China. Then it admitted it was. Now senators urge FTC to probe ‘deception’

Sign up for the Fortune Features email list so you don’t miss our biggest features, exclusive interviews, and investigations.