TikTok is once again fending off claims that its Chinese parent company, ByteDance, would share user data from its popular video-sharing app with the Chinese government, or push propaganda and misinformation on its behalf.
China’s Foreign Ministry on Wednesday accused the United States itself of spreading disinformation about TikTok's potential security risks following a report in the Wall Street Journal that the Committee on Foreign Investment in the US — part of the Treasury Department — was threatening a US ban on the app unless its Chinese owners divest their stake, The Associated Press said.
So are the data security risks real? And should users be worried that the TikTok app will be wiped off their phones?
Here’s what to know:
WHAT ARE THE CONCERNS ABOUT TIKTOK?
Both the FBI and the Federal Communications Commission have warned that ByteDance could share TikTok user data — such as browsing history, location and biometric identifiers — with China’s authoritarian government.
A law implemented by China in 2017 requires companies to give the government any personal data relevant to the country’s national security. There’s no evidence that TikTok has turned over such data, but fears abound due to the vast amount of user data it, like other social media companies, collects.
Concerns around TikTok were heightened in December when ByteDance said it fired four employees who accessed data on two journalists from Buzzfeed News and The Financial Times while attempting to track down the source of a leaked report about the company.
HOW IS THE US RESPONDING?
White House National Security Council spokesperson John Kirby declined to comment when asked Thursday to address the Chinese foreign ministry's comments about TikTok, citing the review being conducted by the Committee on Foreign Investment.
Kirby also could not confirm that the administration sent TikTok a letter warning that the US government may ban the application if its Chinese owners don’t sell its stake but added, “we have legitimate national security concerns with respect to data integrity that we need to observe.”
In 2020, then-President Donald Trump and his administration sought to force ByteDance to sell off its US assets and ban TikTok from app stores. Courts blocked the effort, and President Joe Biden rescinded Trump’s orders but ordered an in-depth study of the issue. A planned sale of TikTok’s US assets was also shelved as the Biden administration negotiated a deal with TikTok that would address some of the national security concerns.
In Congress, US Sens. Richard Blumenthal and Jerry Moran, a Democrat and a Republican, wrote a letter in February to Treasury Secretary Janet Yellen urging the Committee on Foreign Investment panel, which she chairs, to “swiftly conclude its investigation and impose strict structural restrictions” between TikTok's American operations and ByteDance, including potentially separating the companies.
At the same time, lawmakers have introduced measures that would expand the Biden administration's authority to enact a national ban on TikTok. The White House has already backed a Senate proposal that has bipartisan support.
HOW HAS TIKTOK ALREADY BEEN RESTRICTED?
On Thursday, British authorities said they are banning TikTok on government-issued phones on security grounds, following similar moves by the European Union’s executive branch, which temporarily banned TikTok from employee phones. Denmark and Canada have also announced efforts to block it on government-issued phones.
Last month, the White House said it would give US federal agencies 30 days to delete TikTok from all government-issued mobile devices. Congress, the US armed forces and more than half of US states had already banned the app.
WHAT DOES TIKTOK SAY?
TikTok spokesperson Maureen Shanahan said the company was already answering security concerns through “transparent, US-based protection of US user data and systems, with robust third-party monitoring, vetting, and verification.”
In June, TikTok said it would route all data from US users to servers controlled by Oracle, the Silicon Valley company it chose as its US tech partner in 2020 in an effort to avoid a nationwide ban. But it is storing backups of the data in its own servers in the US and Singapore. The company said it expects to delete US user data from its own servers, but it has not provided a timeline as to when that would occur.
TikTok CEO Shou Zi Chew is set to testify next week before the House Energy and Commerce Committee about the company’s privacy and data-security practices, as well as its relationship with the Chinese government.
Meanwhile, TikTok’s parent company ByteDance has been trying to position itself as more of an international company -- and less of a Chinese company that was founded in Beijing in 2012 by its current chief executive Liang Rubo and others.
Theo Bertram, TikTok’s vice president of policy in Europe, said in a Tweet Thursday that ByteDance “is not a Chinese company.” Bertram said its ownership consists of 60% by global investors, 20% employees and 20% founders. Its leaders are based in cities like Singapore, New York, Beijing and other metropolitan areas.
ARE THE SECURITY RISKS LEGITIMATE?
It depends on who you ask.
Some tech privacy advocates say while the potential abuse of privacy by the Chinese government is concerning, other tech companies have data-harvesting business practices that also exploit user information.
“If policy makers want to protect Americans from surveillance, they should advocate for a basic privacy law that bans all companies from collecting so much sensitive data about us in the first place, rather than engaging in what amounts to xenophobic showboating that does exactly nothing to protect anyone,” said Evan Greer, director of the nonprofit advocacy group Fight for the Future.
Karim Farhat, a researcher with the Internet Governance Project at Georgia Tech, said a TikTok sale would be “completely irrelevant to any of the alleged ‘national security’ threats” and go against “every free market principle and norm” of the state department’s internet freedom principles.
Others say there is legitimate reason for concern.
People who use TikTok might think they’re not doing anything that would be of interest to a foreign government, but that’s not always the case, said Anton Dahbura, executive director of the Johns Hopkins University Information Security Institute. Important information about the United States is not strictly limited to nuclear power plants or military facilities; it extends to other sectors, such as food processing, the finance industry and universities, Dahbura said.
IS THERE PRECEDENCE FOR BANNING TECH COMPANIES?
Last year, the US banned the sale of communications equipment made by Chinese companies Huawei and ZTE, citing risks to national security. But banning the sale of items could be more easily done than banning an app, which is accessed through the web.
Such a move might also go to the courts on grounds that it might violate the First Amendment as some civil liberties groups have argued.
