TikTok national security concerns resurface: What you need to know

Popular video app TikTok is once again in the crosshairs of the US government, as a high-ranking regulator and a group of lawmakers resurrect national security concerns the China-based service may pose.

On Friday, the company responded to a letter signed by nine Republican U.S. senators, including Roy Blunt of Missouri and Marsha Blackburn of Tennessee. The letter expresses concern over a report that the company is giving officials in Beijing “backdoor access” to data about its users.

In a response to senatorsTikTok CEO Shou Zi Chew detailed how the company is working with the Biden administration on a deal that would “fully protect user data and the national security interests of the United States.”

The eight-page letter, which was seen and reported by the New York Timesacknowledged that China-based employees “may gain access to U.S. TikTok user data subject to a series of robust cybersecurity controls and authorization approval protocols overseen by our U.S.-based security team “.

However, TikTok said that while it continues to work on data issues, it expects to “remove US users’ protected data from our own systems and fully pivot to Oracle cloud servers located in the United States

“We know that we are among the most scrutinized platforms from a security perspective, and we aim to remove any doubts about the security of US users’ data,” Chew said in the letter.

Earlier this week, Federal Communications Commissioner Brendan Carr, a Republican appointed during the administration of former President Donald Trump, revealed that he asked Apple and Google to remove TikTok from their app stores. His reason: the app collects user data that poses a risk to US national security.

“It’s not just an app for sharing funny videos or memes,” Carr’s letter to Apple CEO Tim Cook and Google CEO Sundar Pichai read. “It is the sheep’s clothing.”

Google declined to comment. Apple did not respond to a request for comment.

The letters were inspired by a BuzzFeed News report in mid-June that China-based employees of TikTok’s parent company “repeatedly accessed non-public data about US TikTok users.” The report cites leaked audio from internal company meetings, in which engineers in China discussed having access to US data between September 2021 and January 2022.

The recent concerns mark the latest wave of turmoil for TikTok, which is owned by Beijing-based ByteDance. Here are some of the main issues raised by TikTok in the US:

What are the concerns about the TikTok app?

Some U.S. officials fear TikTok poses a national security threat because parent company ByteDance may share data about Americans collected through the app with the Chinese government. This data, they fear, could be weaponized against Americans. In theory, China could use the data to create profiles and spy on individual users, monitor their activity and target them directly. Another worry is that the data could be used in an aggregated way to attack the United States, such as using data to craft disinformation campaigns that could be used to destabilize the US government.

TikTok has repeatedly said it would never do this.

What has the US government done to address the concerns?

In 2020, the app caught the attention of the Trump administration, which ordered ByteDance to divest TikTok although this sale did not actually take place. The app is banned on many US government-issued devices and among the military.

The Biden administration has looked into security issues related to TikTok. The Committee on Foreign Investment in the United States, a group of government agencies that review foreign purchases by American companies, is examining these concerns. According to TikTok’s letter, the company is already taking steps to alleviate concerns from the US government.

Is the threat real?

Probably not. The CIA has concluded that Chinese intelligence authorities could potentially intercept TikTok data, according to a New York Times Report 2020, but that there was no evidence that they had done so. But like all social media companies that collect information about what users like, what they see and how they consume media, the data could be manipulated by any third party to create disinformation campaigns, like we’ve seen it with other platforms, like on Facebook during the 2016 and 2020 election cycles.

National security agencies and lawmakers have long warned of the potential danger to allow technology companies with ties to China to operate in the United States, since by law, companies operating in China could be compelled to share information with the communist government. The US government has already banned the use of telecommunications equipment made by Huawei and ZTE, two Chinese giants. He also has Chinese telecom service providers blocked to operate in the United States due to concerns that they might be used by Beijing to conduct surveillance on American citizens or wage cyber warfare against the United States.

What data does TikTok collect?

Like Facebook, Instagram, and other social media platforms, TikTok collects data about your location, IP address, search history, messages, and what you watch and for how long. It also collects device IDs to track your interactions with advertisers. If you provide access, it may also collect your phone and social media contacts. It also has access to all of your user-generated content through the app, which includes all the videos and images you post.

Like other social media services, TikTok uses this information to deliver content that catches your eye on the app. Like other social media companies, TikTok depends on displaying ads to make money. It therefore uses data to refine advertisements, making them more valuable.

In his privacy policy, TikTok says it does not sell user data. But the company says it “may transmit your data to its servers or data centers outside the United States for storage and/or processing.” The company also states that the third parties it shares data with could also be located outside of the United States.

Did TikTok try to reassure Americans?

In a June 17 blog postTikTok said it stores all of its US-based user data in Oracle’s cloud service. Previously, TikTok US user data stored in the US but kept a backup in Singapore. The company added that it plans to eventually remove US users’ private data from its own data centers.

“We know that we are among the most scrutinized platforms from a security perspective,” wrote Albert Calamug, who works on US public security policy for TikTok, in the blog post. “We aim to remove any doubt about the security of US users’ data.”

His statement apparently reflects a targeted message from the company. This is the exact language that the CEO of the company then used in a June 30 letter to nine U.S. senators.

In May, TikTok also said it had created a new department with US-based leadership to provide “a greater level of focus and governance” on US data security.

Will ByteDance employees still have access to US user data?

In the letter to senators, TikTok’s Chew said ByteDance employees in China still have access to TikTok data, but with “robust cybersecurity controls and permission approval” overseen by a state-based security team. -United. He also said that even though the company is removing US data from its servers in China as it moves it to Oracle’s cloud service, ByteDance employees in China will still work with TikTok.

These employees will continue to develop the algorithm used to provide video recommendations to TikTok users. And he said all public videos and comments will remain available to ByteDance employees under US government-approved terms to ensure “interoperability” between creators and users around the world.

What authority does the FCC have over apps and app stores?

None. The FCC regulates communications networks, which include wired networks using telecommunications and cable infrastructure, as well as networks that use wireless spectrum. This includes radio, television, satellite and cellular services.

The agency doesn’t regulate the internet or the companies that operate on the internet, which means it doesn’t have the power to force companies like Apple or Google to do anything like ban an app from their platforms.

FCC Commissioner Carr acknowledged this fact during an interview Thursday with Yahoo funds.

“We don’t necessarily have direct regulatory authority at the FCC, unlike what we do with Huawei, ZTE and China Mobile, where we have taken action,” he said. “So it’s possible they’ll tell me to pound sand.”

But he added that pressure from others in Washington, such as lawmakers, and a review by President Joe Biden’s Commerce Department could pressure companies to remove the app from their platforms.

“This is just one element of a larger effort by the federal government that brings … a well-deserved review of TikTok, its data practices, and the threat to national security,” he said. declared.

Comments are closed.