National-security concerns about the world’s most popular app, TikTok, might be legitimate, but addressing them is proving a master course in Washington dysfunction. Significant questions remain unanswered about the nature of the threat, but lawmakers have already introduced multiple bills in Congress that purport to solve the problem; all would grant far-reaching authority to government.
National-security worries about the video-sharing app run in two directions. The first is that TikTok’s parent company, ByteDance, is Chinese, and China is a country where no company is truly independent of the ruling regime. Which means that the Beijing government may influence the content shown or barred from U.S. viewers on the platform.
There is no evidence that this has happened yet, but that’s not to say the Chinese couldn’t do it in the future. The real question is, Do we care if they did? For a country founded on the idea that citizens possess not just the natural right but the cognitive ability to elect their own leaders, we have a big problem if short videos prepared by China’s regime spell the end of our republic. I have bad news for those that think that banning an app will be the top-down solution to decades of cratering faith in America’s defining institutions and creeds, including capitalism and democracy. You can’t regulate for the minds of free men, and there’s no substitute for persuasion. Which is, of course, the difference between America and regimes such as China’s.
The other national-security problem with TikTok is the data flowing in the other direction, from America to China. There are obvious reasons not to permit TikTok on the equipment owned by the government or strategically sensitive companies, but different issues may arise when considering the risks to an individual user when his information can be accessed and used nefariously by the Chinese state. Fair enough. If many Americans rightly worry that their own government is accessing too much personal information, it follows that they should be wary about the ability of a repressive regime, with a horrifying human-rights record, to access that same information.
This justification for banning TikTok should be buoyed by some specific threats, though. So far as we know, there are no concrete examples of such harm, which makes it easier for TikTok’s defenders to dismiss the asserted threat. TikTok doesn’t collect any more or different data than many other apps do. So what, specifically, is the danger posed by a foreign government’s seeing that data (in the case of private citizens, so long as they are not employed in sensitive jobs) — as repugnant as that particular foreign government may be? As of a hearing on the topic in late March, members of Congress had not received a bipartisan briefing from national-security agencies. That might contain those specific threats.
The biggest problem with legislative plans to single out TikTok for an outright ban is that the CCP could probably pay a private data broker to obtain all the same U.S. user information (markets!). This, and the fact that three of the top five free apps in the Apple App Store are Chinese-owned, have led to broader proposals, going beyond banning TikTok, aiming to control data flows between U.S. users and adversarial governments.
Most notably, Senator Mark Warner (D., Va.) and Senator John Thune (R., S.D.) introduced the RESTRICT Act (Restricting the Emergence of Security Threats That Risk Information and Communications Technology). It would most likely be employed to ban TikTok, but it’s much more sweeping in scope. It empowers the secretary of commerce to “identify, deter, disrupt, prevent, prohibit, investigate or otherwise mitigate . . . any risk arising from any covered transaction by any person” deemed to pose “an undue or unacceptable risk.” Covered areas where risk might be detected include online communications, federal elections, infrastructure, and activities by foreign powers intended to undermine democratic processes, institutions, or policy outcomes.
This bill, like any proposal used to ban TikTok, would have significant First Amendment hurdles to clear, and there are trade-offs about the user benefits, both social and economic, to consider. But RESTRICT goes so far beyond a narrow ban and expands the powers of the federal government so greatly that it’s been met with opposition from the far ends of the political spectrum. Representative Alexandria Ocasio-Cortez (D., N.Y.) took to TikTok itself to oppose the Act. Her video was viewed 2.2 million times in its first 15 hours. Polar political opposite Tucker Carlson also slammed the bill on his former cable show, telling viewers that it would “give enormous and terrifying new powers to the federal government to punish American citizens and regulate how they communicate with one another.” He highlighted the bill’s broad deference to the unelected secretary of commerce in defining terms that might trigger mitigation measures, including “throwing American citizens in prison for 20 years.” On brand, some civil libertarians raised concerns that the bill could be interpreted to make virtual private networks, a common tool to protect online identity and information, illegal. Some have waved off all of these concerns, but the possibility that RESTRICT could be a cure worse than the disease looms large.
If not a narrow (and ineffective) ban on TikTok and not a broader (but problematic) action such as the RESTRICT Act, what should be done?
TikTok’s answer is Project Texas, a proposal to move all U.S. operations into a new subsidiary, which would house all data collected by the app and be the forum for all content-moderation decisions. The new entity would be run by a board of directors approved by and reporting to the Committee on Foreign investment in the United States (CFIUS), a U.S. government agency charged with reviewing and monitoring foreign investments that might pose a national-security threat. The proposal would also require all employees of the new entity to be either U.S. citizens or green-card holders, a stipulation aimed at avoiding any obligations to the Chinese government. Finally, the proposal requires the TikTok platform, including its algorithm and content-moderation functions, to be hosted in Oracle’s cloud. Oracle would also monitor all data flows in and out of the cloud and be obligated to report any security concerns to authorities.
TikTok has already spent $1.5 billion on Project Texas, the company’s attempt to address all of its critics’ national-security concerns, but does it actually accomplish that?
Answering that question should have been the aim of the recent congressional hearing on banning the app. Hearing from legal and technical experts, on both sides of the issue, would have been a useful step in coming to an informed decision about the merits, costs, and risks of various courses of action, including improvements to Project Texas, as well implementation or rejection of it. Instead, the committee spent five hours stumping for spots on cable news and not letting TikTok CEO Shou Zi Chew, a Singaporean citizen, finish a sentence.
Read the full article at National Review.