- TikTok CEO Shou Zi Chew told U.S. lawmakers that China-based employees at its parent company ByteDance may still have access to some U.S. data from the app.
- He said that won't be the case once its risk mitigation plan, called Project Texas, is complete.
- U.S. officials fear that user data accessed by ByteDance could eventually reach the Chinese government, based on a Chinese law that allows the government to obtain inside information from companies based there for purported national security purposes.
TikTok CEO Shou Zi Chew told U.S. lawmakers that China-based employees at its parent company ByteDance may still have access to some U.S. data from the app but added that won't be the case once its risk mitigation plan, called Project Texas, is complete.
The exchange is significant because it gets at the crux of U.S. officials' fears about TikTok's ownership and also shows how tricky and time-consuming untangling the app from its Chinese parent company can be.
Lawmakers and intelligence officials fear that U.S. user data could get into the hands of the Chinese government via ByteDance. That's because Chinese law allows the government to obtain inside information from companies based there for purported national security purposes, as CNBC has reported.
During Chew's much-anticipated testimony before the House Energy and Commerce Committee, Rep. Bob Latta, R-Ohio, asked Chew if any ByteDance employee in China could currently access U.S. data.
"After Project Texas is done, the answer is no," Chew said. "Today, there is still some data that we need to delete."
Later in the hearing, in an exchange with Rep. Tim Walberg, R-Mich., Chew denied it shares U.S. data with the Chinese Communist Party, saying that TikTok is a "private business" that, like many others, relies on a "global workforce."
In response to a request for comment last week about a remark made in a Wall Street Journal article that TikTok represents a Chinese espionage operation, a TikTok spokesperson said in a statement there was "no truth" to the allegation.
The spokesperson added at the time that "Since October of 2022, all new U.S. user data has been stored exclusively in the Oracle Cloud Environment, with protected data fully out of reach of any foreign government. That data is managed exclusively by U.S. Data Security—a TikTok subsidiary made up of Americans, led and located in America—whose sole focus is to protect U.S. national security interests by securing U.S. user data and preventing outside manipulation of our systems."
TikTok said Thursday that Project Texas is already in action but there are many steps to reach its completion. That includes deleting data from TikTok's servers in Singapore and Virginia, a process it began last week. The data on those servers is the kind that could theoretically still be accessed by China-based ByteDance employees for the time being.
Once that data is deleted, according to TikTok, those employees will no longer have access to U.S. user data from the app.
— CNBC's Rohan Goswami contributed to this report.
WATCH: TikTok CEO Shou Zi Chew: I don't condone effort by former employees to access U.S. user data