The Trump administration is considering banning Chinese social media apps inside the United States, Secretary of State Mike Pompeo said Monday. The ban would start with popular short-video platform TikTok.
“We’re taking this very seriously. We’re certainly looking at [TikTok],” Pompeo said during a televised interview with Fox News. He directly and explicitly linked the considered ban on TikTok and other apps to the administration’s actions against other Chinese tech firms.
“We’ve worked on this very issue for a long time, whether it was the problems of having Huawei technology in your infrastructure, we’ve gone all over the world and we’re making real progress getting that out,” he said. “We declared ZTE a danger to American national security, we’ve done all of these things. With respect to the Chinese apps on people’s cell phones I can assure you the United States will get this one right. I don’t want to get out in front of the president, but it’s something we’re looking at.”
Pompeo concluded by recommending users download TikTok “only if you want your private information in the hands of the Chinese Communist party.”
“TikTok is led by an American CEO, with hundreds of employees and key leaders across safety, security, product, and public policy here in the US,” the company said in response to Pompeo’s statement. “We have no higher priority than promoting a safe and secure app experience for our users. We have never provided user data to the Chinese government, nor would we do so if asked.”
A national security risk?
Pompeo’s interview was not the first time US officials have expressed concern over TikTok’s data-collection practices—and the questions have not been limited to the White House or to a single party.
Senators Tom Cotton (R-Ark.) and Chuck Schumer (D-N.Y.) last October asked the Director of National Intelligence to launch a probe into TikTok and its parent company ByteDance. “TikTok’s terms of service and privacy policies describe how it collects data from its users and their devices, including user content and communications, IP address, location-related data, device identifiers, cookies, metadata, and other sensitive personal information,” the senators wrote at the time. “While the company has stated that TikTok does not operate in China and stores US user data in the US, ByteDance is still required to adhere to the laws of China.”
A week later, reports surfaced that the Committee on Foreign Investment in the United States (CFIUS) was indeed investigating the companies on national security grounds. CFIUS, headed by the Treasury Department, brings together members from a dozen different agencies that conduct national security reviews when an international business acquires a US business. CFIUS had its scope and mandate greatly expanded in 2018 when President Trump signed a “modernization” package into law.
TikTok in the US started life in 2014 as the startup, short-form video app Musical.ly. A division of Beijing-based ByteDance—TikTok—snapped up Musical.ly for close to $1 billion in late 2017. In 2018, it decided to sunset the Musical.ly name and product, integrating the two extremely similar apps under the TikTok name. CFIUS did not review the Musical.ly acquisition in 2017, so the committee had authority to launch the investigation retroactively.
Reuters in May was first to report that ByteDance has been actively transferring TikTok’s operations out of China by hugely expanding its presence in California. “The strategy is aimed not only at TikTok, which is not available in China, but all of ByteDance’s non-China focused businesses,” Reuters wrote. Reuters included India-based social networking app Helo in its non-China businesses.
Where India is concerned, that move came too late. TikTok and almost 60 other Chinese apps were banned in India last week after a fatal military confrontation between the India and China border earlier in June. Indian officials said the apps were “stealing and surreptitiously transmitting users’ data in an unauthorized manner to servers which have locations outside India.” Those officials added, “The compilation of these data, its mining and profiling by elements hostile to national security and defense of India, which ultimately impinges upon the sovereignty and integrity of India, is a matter of very deep and immediate concern which requires emergency measures.”
Whether or not Chinese political entities are accessing TikTok user data, its privacy practices more generally are also now the subject of widespread concern.
In May, a group of 20 children’s, consumer, and privacy advocacy groups filed a complaint with the Federal Trade Commission over TikTok’s handling of children’s personal data. The groups claimed TikTok was violating a 2019 settlement the FTC reached with TikTok predecessor Musical.ly over alleged violations of the Children’s Online Privacy Protection Act (COPPA). The company paid $5.7 million, at the time the largest civil penalty ever imposed by the FTC in a COPPA case, to settle claims that it knowingly harvested and used personal data from users under age 13 without obtaining parental consent.
In June, researchers found that TikTok was collecting clipboard data from iOS users. All kinds of sensitive information, including account passwords, often reside on a device’s clipboard after users copy it from one field to paste it somewhere else.
The flaw was first discovered in March. At that time, TikTok promised to end the practice “in the next few weeks.” But clearly it has not.