TikTok has Western governments fuming. The Chinese-owned software that is popular among teens all around the world is under fire for allegedly aiding espionage, failing to protect user data, and even poisoning the brains of children.
In recent months, governments in the US, UK, Canada, New Zealand, and all of Europe have taken steps to outlaw the use of TikTok on official personnel’s phones. The software might be subject to more limitations if hawks get their way. The Chinese parent firm of TikTok, ByteDance, has been ordered by the White House to sell the app or face a complete ban in the United States.
But do the claims hold up? Little information has been provided by security officials as to why they are taking action against TikTok. That might be because national security issues are sensitive, or it might just mean that the rhetoric is lacking in real substance.
Shou Zi Chew, the CEO of TikTok, will be questioned by lawmakers from both political parties about the risks associated with the app on Thursday in front of the U.S. Congress. Politico provided some of the themes they may pick up on:
1. The Chinese government’s potential access to vast amounts of data from TikTok’s millions of users is perhaps the biggest cause for alarm.
ByteDance may be subject to Chinese national security laws, specifically the 2017 National Security Law, which obliges Chinese corporations to “help, aid, and collaborate” with national intelligence efforts. This is according to Western security officials. They claim that this law gives China’s intelligence agents free rein.
According to Western sources, TikTok’s hundreds of Chinese engineers and operational employees, any of whom might be employed by the state, have access to user data. Several ByteDance workers in China and the US targeted journalists at Western media outlets using the app in December 2022. (and were later fired).
Last month, employees of EU institutions were prohibited from using TikTok on company-issued phones. Because this application is gathering so much information on mobile devices that could be used to launch an attack against the Commission, an internal email sent to employees of the European Data Protection Supervisor, which POLITICO has seen, stated that the goal of the move was “to reduce the exposure of the Commission from cyberattacks.”
Also, the Irish Data Protection Commission, TikTok’s primary EU privacy authority, will decide in the coming months whether the corporation improperly transferred the data of European users to China.
The Chinese government could easily purchase massive amounts of user data from brokers with little regulation, according to critics of the security argument. They point out that US social media companies like Twitter have experienced issues protecting user data from the prying eyes of foreign governments.
According to TikTok, it has never provided data to the Chinese authorities and would refuse if prompted. ByteDance is technically incorporated in the Cayman Islands, which according to TikTok would exempt it from being bound by legal responsibilities to support Chinese agencies. ByteDance is owned by its founders and Chinese investors to the tune of 20%, international investors to the tune of 60%, and employees to the tune of 20%.
The business has outlined two distinct plans to protect data. Project Texas, a $1.5 billion scheme in the United States, aims to erect a wall between the American company and its Chinese shareholders. The majority of TikTok’s European data would be transferred to European servers as part of the €1.2 billion European version, Project Clover.
But, Theo Bertram, the head of TikTok’s European lobby, also stated in March that it would be “practically exceedingly difficult” to entirely halt the transfer of European data to China.
2. Western authorities claim that if Chinese agencies are unable to legally access TikTok’s data, they can just enter through a back door.
China has some of the best cyber spies in the world, and keeping data or digital infrastructure on Chinese soil will make their job simpler.
Government employees in the Netherlands have been warned by Dutch intelligence services to delete apps from nations conducting an “offensive cyber operation” against the country, particularly China but also Russia, Iran, and North Korea.
The Citizen Lab at the University of Toronto conducted a research in 2021 that showed that the app did not display the “overtly hostile behavior” as would be expected of malware. This study is often cited by opponents of the cyber espionage theory. But, the lab’s director claimed that scientists lacked knowledge on what happens to TikTok data stored in China.
Project Texas and Project Clover on TikTok address both legal data access and measures to allay concerns about cyber espionage. According to the EU plan, a European security provider (whose identity has not yet been chosen) would have the authority to assess cybersecurity policies and data controls and to impose access restrictions on specific personnel.
Bertram claimed that this provider might communicate “without us [TikTok] being involved, to convey trust that there’s nothing to conceal,” with European security authorities and regulators.
The business, according to Bertram, was seeking to hire more engineers outside of China.
3. Particularly in the U.S., where there are no fundamental legal privacy rights for people, critics of TikTok have accused the program of mass data collecting.
TikTok is frequently accused of breaking privacy regulations in areas with rigorous privacy laws.
Due to its handling of customer data belonging to minors, the corporation is under investigation in Ireland, the United Kingdom, and Canada. Its privacy policies regarding tailored advertising and for neglecting to restrict children’s access to its platform have also been probed by watchdogs in the Netherlands, Italy, and France.
4. TikTok has denied accusations leveled in some of the reports and argued that U.S. tech companies are collecting the same large amount of data.
Meta, Amazon, and others have also been given large fines for violating Europeans’ privacy.
The claim that TikTok is a component of an all-encompassing Chinese civilizational conflict with the West is perhaps the gravest accusation, and it is undoubtedly the most unique legal charge. Its purpose is to promote discord and indifference in young Western minds by disseminating false information and dulling content.
The head of the U.S. National Security Agency issued a warning earlier this month that the Chinese government’s use of TikTok’s algorithm would enable influence operations among Western people. According to TikTok, there are about 300 million active users in the US and Europe. The app had the highest download count in 2022.
In 2019, rumors claimed that TikTok was suppressing videos and content that supported LGBTQ rights and that referenced Tiananmen Square. In addition, ByteDance has been charged for promoting pointless time-wasters to Western children instead of the beneficial educational material offered on its Chinese app Douyin.
In addition to being accused of conducting “influence operations,” TikTok has come under fire for failing to safeguard kids from app addiction, risky viral challenges, and misinformation. The app’s content monitoring is still in the “very early stages,” according to the French regulator’s statement from last week. This week, TikTok’s Italian headquarters were searched by the consumer protection agency and Italian police enforcement as part of an investigation into the company’s kid protection policies.
According to Citizen Lab researchers, TikTok doesn’t impose blatant censorship. Some detractors of this claim have noted that other nations have also manipulated platforms controlled by the West, such as Russia’s operation on Facebook to influence the 2016 American elections.
Since 2019, TikTok claims to have modified its content moderation process, and it periodically publishes a transparency report detailing what is taken down. The business also boasted of the opening of “transparency centers” in the U.S. in July 2020 and in Ireland in 2022. Also, it has declared that it would abide by the Digital Services Act, a new EU regulation on content moderation that calls for platforms to grant authorities and researchers access to their algorithms and data.