TikTok’s global chief security officer Roland Cloutier, who oversees cyber security, is stepping down from his role as the company faces scrutiny from US officials over privacy concerns.
TikTok’s global chief security officer Roland Cloutier, who oversees cyber security, is stepping down from his role as the company faces scrutiny from US officials over privacy concerns
Cloutier, who is based in Florida, will be replaced by New Jersian Kim Albarella, who has been appointed as the interim head of TikTok’s global security organization – the change goes into effect on September 2.
The move follows a bombshell BuzzFeed News report that revealed US user data has been ‘repeatedly accessed’ by China-based employees.
‘With our recent announcement about data management changes in the US it’s time for me to transition from my role as Global Chief Security Officer into a strategic Advisory role focusing on the business impact of security and trust programs, working directly with (CEO) Shou, (ByteDance VP of Technology) Dingkun and other senior leaders,’ Cloutier wrote in a Friday memo.
Cloutier was brought in two years ago to help TikTok handle traditional cybersecurity issues, as well as data security issues unique to TikTok due to its Chinese ownership.
However, TikTok has been reshuffling its global security team and moving China-specific security issues, including ringfencing it from ByteDance, to more localized teams.
It recently announced a dedicated US data security team known as ‘USDS’ as a gatekeeper for US user information, Minimizing China’s access to data.
The company is discussing a structure under which the team would operate autonomously and not be under TikTok’s control or supervision, Reuters previously reported.
Cloutier, who is based in Florida, will be replaced by New Jersian Kim Albarella (pictured), who has been appointed as the interim head of TikTok’s global security organization
TikTok, whose leadership is based in the US and Singapore, is considering rolling out similar data security teams in other regions including the EU, according to a source.
The company hired Cloutier from Payroll processing company Automated Data Processing Inc (ADP) in 2020 and Albarella previously worked for ADP for more than a decade.
The BuzzFeed News report, published on June 17, seems to have opened Pandora’s Box for TikTok – there have been several changes within the company and US officials are now calling for the app to be banned in the US.
The report claims to have listened to leaked audio of more than 80 internal TikTok meetings.
The recordings, which were captured from September 2021 through January 2022, include 14 statements from nine TikTok employees who met to discuss ‘Project Texas’ – the classified effort to stop engineers in China from retrieving the data.
An audio clip is of a director at TikTok who referred to a ByteDance engineer as a ‘Master Admin’ who ‘has access to everything’, according to BuzzFeed News.
Then on June 29, Brendan Carr, commissioner of the Federal Communications Commission (FCC), posted on Twitter urging Apple and Google to TikTok ‘from their app stores for its pattern of surreptitious data practices.’
Carr included a letter to Google CEO Sundar Pichai and Apple CEO Tim Cook, expressing why TikTok needs to be removed, citing a report from last week that ‘shed fresh light on the serious national security threats posed by TikTok.
On June 29, Brendan Carr, commissioner of the Federal Communications Commission (FCC), posted on Twitter urging Apple and Google to TikTok ‘from their app stores for its pattern of surreptitious data practices.’
The letter continues with ‘some concerning’ evidence about why the China-owned app should be removed.
This includes an incident in March 2020 when researchers discovered the app, through Apple’s App store, was accessing users’ sensitive data – passwords, cryptocurrency wallet addresses and personal messages.
Carr also notes that several US military branches have banned TikTok on government-issued devices and have urged personnel to remove the app from their personal smartphones.
It also cites TikTok’s decision in 2021 to pay $92 million to settle dozens of lawsuits that accuse the app of collecting personal data without the user’s consent – and most of these users were minors – and selling it off to advertisers.
Carr gave Apple and Google until July 8 to either remove the app or explain why they chose not to comply.
DailyMail.com has contacted Carr for comment and has yet to receive a response.
TikTok’s troubles, however, did not stop there: Nine Republican Senators wrote the company a lengthy letter with questions about privacy issues.
And TikTok CEO Shou Zi Chew responded on June 30, confirming China-based employees can access US user data.
The letter from TikTok does not clearly state US user data has been or can be accessed by employees outside of the country, but it answers 11 questions that the Senators requested answers to by July 18.
‘[W]e are confident that when you review our responses, you will see that TikTok has not, at any point, misled Congress about our data and security controls and practices,’ Chew wrote.