TikTok, the popular video app, is again in the crosshairs of US officials, with a high-ranking regulator and a group of lawmakers taking aim at national security concerns the Chinese-owned service may pose.
Earlier this week, Federal Communications Commissioner Brendan Carr, a Republican appointed during former President Donald Trump’s administration, revealed that he had asked Apple and Google to remove TikTok from their app stores. The reason: the app collects data from users that poses risk to America’s national security.
“It is not just an app for sharing funny videos or memes,” read Carr’s letter to Apple CEO Tim Cook and Google CEO Sundar Pichai. “That’s the sheep’s clothing.”
Google declined to comment. Apple didn’t respond to a request for comment.
Separately, nine Republican US senators, including Roy Blunt of Missouri and Marsha Blackburn of Tennessee, sent a letter to TikTok expressing concern over a report the company had given officials in Beijing “backdoor access” to data on its users.
The letters were prompted by a BuzzFeed News report last month that China-based employees of TikTok’s parent company “have repeatedly accessed nonpublic data about US TikTok users.” The report cited leaked audio of internal company meetings, during which engineers in China discussed that they reportedly had access to US data between September 2021 and January 2022.
TikTok said it’s addressing concerns around access to US user data and would “gladly engage with lawmakers to set the record straight regarding BuzzFeed’s misleading reporting,” according to a TikTok spokesman.
“Like many global companies, TikTok has engineering teams around the world. We employ access controls like encryption and security monitoring to secure user data, and the access approval process is overseen by our US-based security team,” the company said in a statement. “TikTok has consistently maintained that our engineers in locations outside of the US, including China, can be granted access to US user data on an as-needed basis under those strict controls.”
The recent concerns mark the latest round of turbulence for TikTok, which is owned by Beijing-based ByteDance. In 2020, the app caught the attention of the Trump administration, which ordered ByteDance to divest TikTok though that sale hasn’t happened. The app is banned on many US government-issued devices.
National security agencies and lawmakers have long cautioned about the potential danger of allowing technology companies with ties to China to operate in the US. The US government has already banned the use of telecommunications gear made by Huawei and ZTE, both Chinese giants. It has also blocked Chinese telecommunications service providers from operating in the US because of concerns they could be used by Beijing to conduct surveillance on American citizens or wage cyberwarfare against the US.
Here are some of the key issues TikTok raises in the US:
What are the concerns about the TikTok app?
Some US officials are concerned TikTok threatens national security because parent company ByteDance could share data about Americans collected through the app with the Chinese government. That data, they worry, could be weaponized against Americans. In theory, China could use the data to build profiles and spy on individual users, monitor their activity and target them directly. Another worry is the data could be used in aggregate to attack the US, such as using data to craft misinformation campaigns that could be used to destabilize the US government.
TikTok has repeatedly said it would never do this.
Is the threat real?
Probably not. The CIA concluded Chinese intelligence authorities could potentially intercept TikTok data, according to a 2020 New York Times report, but that there was no evidence they had done so.
What data does TikTok collect?
Like Facebook, Instagram and other social media platforms, TikTok collects data about your location, IP address, search history, messages, and what you look at and for how long. It also collects device identifiers to track your interactions with advertisers. If you provide access, it can also collect your phone and social network contacts. It also has access to all your user-generated content through the app, which includes all those videos and pictures you post.
Like other social media services, TikTok uses this information to serve up content that keeps your attention on the app. Like other social media companies, TikTok depends on displaying advertising to make money so it uses the data to fine tune ads, which makes them more valuable.
Has TikTok tried to reassure Americans that China isn’t using its data to spy on them?
In a June 17 blog post, TikTok said it’s storing all of its US-based user data in Oracle’s cloud service. Previously, TikTok stored US user data in the US, but it kept a backup in Singapore. The company added that it plans to eventually delete US users’ private data from its own data centers.
“We know we are among the most scrutinized platforms from a security standpoint,” Albert Calamug, who works on US security public policy for TikTok, wrote in the blog post. “We aim to remove any doubt about the security of US user data.”
In May, TikTok also said it had created a new department with US-based leadership to provide a “greater level of focus and governance” on US data security.
What authority does the FCC have over apps and app stores?
None. The FCC regulates communications networks, which includes wired networks using telecommunications and cable infrastructure, as well as networks that use wireless spectrum. This includes radio, television, satellite and cellular service.
The agency doesn’t regulate the internet or any companies that operate on the internet, which means it has no authority to force companies like Apple or Google to do anything, such as ban an app from their platforms.