CyberCX has released its annual Digital Forensics and Incident Response Year in Review Report for 2023 →

TikTok starting up Australian technology lab following security risk concerns

Melbourne, Australia – 8 August, 2023


TikTok has started a massive recruitment drive in Australia amidst concerns that the company poses “serious espionage and data security risks”.

The China-based social media giant is currently advertising 47 positions across engineering, cybersecurity and data analysis for their inner-city Sydney office.

The recruitment drive — the company’s first in the research and development space in Australia — comes as TikTok becomes one of the social media companies named by a parliamentary committee into foreign interference through social media as a potential national security risk.

Chief among government concerns centred on how TikTok’s parent company ByteDance was reportedly headquartered in China, meaning they were required to “secretly cooperate with Chinese intelligence agencies” under the country’s security laws.

In a statement to the ABC, a TikTok spokesperson said: “Australia has been chosen as the latest location for a TikTok product engineering hub.”

“The move to further invest in the Australian market reflects its importance in the global TikTok ecosystem,” they said.

The spokesperson also said they were expecting to grow the team to more than 120 people in the coming 12 to 18 months.


TikTok is ‘reading the room’ in Canberra

Katherine Mansted, executive director of cyber intelligence and public policy at Cyber CX, says the move is likely a reaction to concerns around how the company deals with Australians’ data, and its links to the Chinese Communist Party.

“This [recruitment drive] is TikTok, in a sense, reading the political room,” she told the ABC.

“It recognises that we now live in a world where governments and private citizens are rightly concerned about ownership structures of social media and who can access our data.

“I would imagine [TikTok] is attempting to show that there is a separation between its business in Australia and links back to the Chinese Communist Party.”

However, Ms Mansted said a “partial on-shoring” of technology development may not be enough to sway decision-makers in Canberra.

“All social media companies are increasingly on notice that they need to do more to demonstrate that they are protecting Australians,” she said.

Fergus Ryan, senior analyst at the International Cyber Policy Centre, said that as long as engineers in China can access Australian’s data, it is “at risk of being accessed and used by PRC [People’s Republic of China] intelligence services”.

“TikTok’s plans to hire for R&D positions in Australia are unlikely to change this key fact,” he added.


Transparency expectations different in the West

Australian law requires social media companies to provide data to assist in law enforcement investigations.

Statistics around these interactions are made public every six months, with recent results showing that TikTok sees far fewer data requests than its Western counterparts.

When it came to the Chinese government, however, neither TikTok, Meta nor Google disclosed any data requests at all in the second half of last year.

Ms Mansted says this “reflects the reality of the Chinese regime that the Chinese Communist Party and the Chinese government is, in general, a closed system that is not transparent”.

“Western democracies have a level of transparency that they hold themselves to,” she said.

“We’re just seeing an example of that difference.”


TikTok disputes parliamentary committee findings

Last month, TikTok’s Australian director of public policy Ella Woods-Joyce appeared in front of the parliamentary committee into foreign interference through social media.

When questioned on whether the company was based in China, Ms Woods-Joyce answered she didn’t know where the company’s “formal headquarters” were.

This led to senator James Paterson accusing her of “obfuscation”.

“Your reluctance to acknowledge basic facts about the parent company with whom you are ultimately employed is not a promising start to your willingness to honestly answer these questions,” the senator said in the hearing.

“It appears like obfuscation to me.”

The committee’s final report recommended introducing new regulations to ensure all platforms operate under transparency requirements or be banned from use across the country.

The report also stated that foreign interference was Australia’s principal national security threat.

Ms Woods-Joyce responded to the report by saying “we disagree with many of the characterisations and statements made regarding TikTok”.

“We welcome the fact that the committee has not recommended a ban,” she said.

“We are also encouraged that recommendations largely appear to apply equally to all platforms. TikTok remains committed to continuing an open and transparent dialogue with all levels of Australian government.”

A Department of Home Affairs spokesperson said it would not comment on the operation of a corporate entity within Australia or whether it would be accepting the committee’s recommendations.

“The government will take the appropriate time to consider the report’s findings and recommendations,” they said.

Ready to get started?

Find out how CyberCX can help your organisation manage risk, respond to incidents and build cyber resilience.