Short video-sharing platform TikTok has been enjoying explosive growth in its mostly young international audience. It has been described in The Washington Post as “the first Chinese app to truly pierce the global Internet mainstream,” in a recent New Yorker profile as “the last sunny corner on the Internet,” and in another extensive piece in The Financial Times “the streaming service Spotify and Apple really need to worry about.” But its rise has also brought scrutiny by U.S. legislators amid broader trade tensions and tech suspicions, as well as the attention of American competitors. TikTok, though it has insistently declared its own independence, is owned by Beijing-based Bytedance, which has made pointed shows of subservience to authorities at home after a series of political transgressions by its various AI-boosted online entertainment platforms. These include Douyin, a near mirror-image of TikTok aimed at a domestic audience.
Despite the ostensibly solid firewall between the two, there has been repeated speculation about TikTok’s susceptibility to censorship pressure from China, with questions raised over its handling of content related to protests in Hong Kong and leaked moderation guidelines expressing Chinese political sensitivities, among others. Users’ private data, some suggest, may be flowing in the other direction. These fears, and a concerted bipartisan barrage of letters from U.S. senators to officials, led to the reported launch this month of a national security review by the Committee on Foreign Investment in the United States of TikTok’s 2017 acquisition of Musical.ly, an American service.
TikTok says it has abandoned the previously leaked moderation rules, and critics’ suggestions that it has suppressed content related to Hong Kong have met some skepticism. Last week, though, The Washington Post’s Drew Harwell and Tony Romm reported former employees’ claims that the Chinese parent company had indeed “imposed strict rules on what could appear on the app in keeping with China’s restrictive view of acceptable speech“:
Following those rules often sparked clashes within the organization, former U.S. employees of the company told The Washington Post. American workers, accustomed to unrestrained expression online, bristled at commands to restrict videos that Beijing-based teams had deemed subversive or controversial, including heavy kissing, heated debates and the kinds of political discussions seen widely across the Web.
[… F]ormer employees who worked in the company’s U.S. offices as recently as this spring said they were instructed to follow rules set by managers at ByteDance’s Beijing headquarters, such as demoting and removing content related to social and political topics, including those censored by the Chinese government. The Post talked to six since-departed workers who spoke on the condition of anonymity out of fear of retribution.
“They want to be a global company, and numbers-wise, they’ve had that success,” said one former ByteDance manager who left this year. “But the purse is still in China: The money always comes from there, and the decisions all come from there.”
[…] Former moderators said flagged videos were either deleted outright or subtly blocked from appearing on the streams through which most videos are seen and shared. This latter method, the moderators said, largely prevented the videos’ creators from even knowing the video had been deemed unacceptable. [Source]
The article quotes Stanford Internet Observatory director and former Facebook chief information security officer Alex Stamos, who commented on Twitter:
It’s trendy to pretend that concerns about Chinese tech domination are just a smoke screen by US executives, but if you actually care about privacy, safety and content moderation then you need to pay attention to TikTok. https://t.co/wg5TDoJN4z
— Alex Stamos (@alexstamos) November 5, 2019
TikTok has specific safety concerns due to its popularity with young people. If your concern is economic espionage, then WeChat is likely already the most powerful tool in the PRC’s arsenal.
— Alex Stamos (@alexstamos) November 5, 2019
Harwell and Romm’s report followed a Post editorial on the alleged danger from TikTok:
TikTok’s leaders protest that they store local information locally, so whatever data the company has on the behavioral patterns or personal attributes of some of the most vulnerable American citizens are not “subject to Chinese law.” But it’s reasonable to wonder whether TikTok might not comply with targeted intelligence requests from the repressive regime ruling over its parent company ByteDance. TikTok’s younger users will be voting in the coming years; down the line, they may hold positions of power. A trove of their information is a valuable asset.
[…] The TikTok anxiety captures a more general concern about China’s ability to export its anti-democratic norms. U.S. companies are largely unable to operate in China on their own terms, if they’re able to operate there at all. Yet the relationship isn’t reciprocal: China seeks to stretch its arms as far as possible and squeeze. Douyin, the mainland’s version of TikTok, is heavily censored. The threat is that the censorship won’t end where the country’s borders do.
[…] TikTok has enabled an explosion of creativity here in the United States, allowing a rising generation to enjoy some of the early promise of the Internet. It’s exactly this promise that China threatens to crush. This government should pull whatever levers it can to ensure that a country that will not allow democracy in is unable to push authoritarianism outward. [Source]
(Last week, CNN’s Katie Pellico focused on the Post’s own use of the platform to offer a glimpse into its newsroom.)
In response to this intense focus, TikTok has been working to boost its lobbying firepower in Washington. From Ben Brody and Megan Wilson at Bloomberg:
The company, which registered its first lobbyist in June, is seeking to add a U.S. policy chief, plans to further expand its internal policy staff and is reshuffling outside lobbyists, according to people familiar with its plans.
[…] TikTok, which is owned by Beijing-based ByteDance Inc., also has hired Monument Advocacy, a public affairs and lobbying firm known for its expertise in technology policy, according to another person familiar with the matter. The person said TikTok is winding down its relationship with lobbyists at the law firm Covington & Burling LLP, which has close ties to Facebook.
[…] The lobbying push is part of TikTok’s effort to calm U.S. regulators and policy makers and try to persuade them that it’s really a U.S. company, said one of the people. Concerns are growing that TikTok could pose a national security threat because of its Chinese ownership and the risk that the government in Beijing could get access to the app’s growing troves of user data.
[…] ByteDance is expanding its operations aggressively across the U.S., hiring staff in Los Angeles, San Francisco, Chicago and New York. The app has logged more than 564 million installations this year and has been downloaded 1.45 billion times since launching, according to data from Sensor Tower, a San Francisco-based market intelligence firm that tracks the global app market. [Source]
The New York Times’ Jack Nicas, Mike Isaac, and Ana Swanson offered further details on TikTok’s maneuvers in their report on the national security review on November 1:
The ByteDance spokesman said the company hired a consulting firm in Colorado called Special Counsel to analyze TikTok’s app to understand where it sent user data.
Data about TikTok users, including their videos, names, dates of birth and other information, was stored exclusively on computer servers in Virginia and Singapore, said Douglas Brush, who led the analysis for Special Counsel. He added that in the analysis from July to October, which included interviews with TikTok employees and a review of the app’s underlying computer code, his team found no way TikTok could send data to China during those months.
ByteDance has tried to build its relationships in Washington amid the growing scrutiny. TikTok has joined NetChoice, a trade association that has been aggressive in pushing back on critics of tech companies. One of Bytedance’s own staff members registered to lobby for the company this summer. The company also hired the powerful corporate law firm Covington & Burling — whose clients include Facebook, among others — to advocate on its behalf.
[…] TikTok announced last month that it was working with the law firm K&L Gates on its moderation policies, and it joined a nonprofit organization focused on children’s online safety. In February, ByteDance agreed to pay a $5.7 million fine to the Federal Trade Commission to settle accusations that Musical.ly illegally collected information on users under 13. [Source]
Addressing concerns about content removal and suppression, the Times also cited another former employee, who said that “managers in the United States had instructed moderators to hide videos that included any political messages or themes, not just those related to China,” and that “he never received specific instructions to censor content related to China.”
Over the past several weeks, TikTok has been the focus of public statements by Members of Congress and others regarding alleged censorship of content, as well as questions about our data protection practices. TikTok recognizes the importance of these issues and appreciates that Members of Congress – and the public – are focused on them.
At TikTok, we take these issues incredibly seriously as well. We are committed to transparency and accountability in how we support our TikTok users in the US and around the world. In light of recent claims, we believe it is critical to set the record straight on some specific issues.
First, let’s talk about data privacy and security. We store all TikTok US user data in the United States, with backup redundancy in Singapore. Our data centers are located entirely outside of China, and none of our data is subject to Chinese law. Further, we have a dedicated technical team focused on adhering to robust cybersecurity policies, and data privacy and security practices.
Second, in regards to content concerns. Let us be very clear: TikTok does not remove content based on sensitivities related to China. We have never been asked by the Chinese government to remove any content and we would not do so if asked. Period. Our US moderation team, which is led out of California, reviews content for adherence to our US policies – just like other US companies in our space. We are not influenced by any foreign government, including the Chinese government; TikTok does not operate in China, nor do we have any intention of doing so in the future. [Source]
The Verge’s Zoe Schiffer examined the background of the national security review last week:
CFIUS’s focus on tech is still relatively new. For the last 30 years, the committee, chaired by the secretary of the treasury, has been charged with structuring mergers and acquisitions between US and foreign companies in such a way that protects US national security interests. CFIUS typically wants to see companies create US-based leadership teams and have US-based servers to ensure China’s government won’t have free rein over data on American citizens.
[…] In 2018, CFIUS began cracking down on Chinese tech mergers, a sign that it was increasingly concerned about giving foreign governments access to sensitive user data. On January 2nd, 2018 CFIUS rejected Chinese company Ant Financial’s plan to acquire the US financial organization MoneyGram, citing national security risks. “The MoneyGram episode is potentially instructive because it seems that concerns around a Chinese company having access to data on US citizens motivated the blocking of that transaction,” said Williams.
[… A]ccording to [the Australian Strategic Policy Institute’s Samantha] Hoffman, true independence will be difficult to come by — especially for TikTok’s parent company. “If we’re talking about a company based in the [People’s Republic of China], I would say it’s impossible for them not to be influenced by the Chinese government,” she said. “It doesn’t matter about the intent of the person setting up the company. It’s not about that. It’s about how the system operates.” [Source]
At The Washington Post’s Monkey Cage blog, the Brookings Institution’s Geoffrey Gertz anticipated the review’s possible outcomes:
The worst-case scenario for TikTok? CFIUS could demand divestment, as occurred with Grindr and PatientsLikeMe. Unwinding the Musical.ly acquisition would be particularly difficult, however, because Musical.ly and its users are fully integrated into TikTok.
Would divesting mean reverting to the Musical.ly brand and interface? It’s not clear Musical.ly would have much value as a stand-alone company anymore, following the TikTok rebranding. Alternatively, divestiture could mean ByteDance selling off the entire TikTok venture, including all of its users in Europe and Asia, but this would fundamentally disrupt the company’s plans for international expansion.
Between these two extremes lies what is probably the most likely scenario — that CFIUS will produce a list of requirements for TikTok to satisfy any national security concerns. CFIUS calls these deals mitigation agreements, and they typically involve measures such as increased government reporting, auditing, and compliance training requirements, or promises to host certain data in the United States. [Source]
Although entangled in the Trump administration’s broader crusade against China’s expanding technological influence, wariness of TikTok is substantially bipartisan. Besides letters from Democratic Senate Minority Leader Chuck Schumer, Business Insider’s Aaron Holmes highlighted another example:
Kiersten Todt, a former cybersecurity advisor to President Barack Obama, said she believes those concerns are warranted. Todt doesn’t attribute that risk to any of TikTok’s specific practices, but rather to the near-unilateral control the Chinese government holds over local companies and its demonstrated interest in collecting peoples’ data.
“One of the primary issues is that China has an entire nation at its disposal, whether it’s academics, whether it’s researchers, whether it’s institutions,” Todt told Business Insider in an interview.
“China has documented that it is collecting lots of data, and when you look at those apps, i think there are definitely legitimate security concerns,” said Todt, who is managing director at the Cyber Readiness Institute. [Source]
Broad suspicion of Chinese tech also has prominent detractors, however. From Marrian Zhou at Nikkei, for example:
“Huawei, like all goods and services, should be subject to an objective test,” Gates said at The New York Times DealBook Conference. “The rule that everything that comes from China is bad … that is one crazy approach to trying to take advantage of innovation.”
[…] The billionaire philanthropist said the U.S. and China should take advantage of each other’s innovations, rather than turn against one another.
Microsoft has provided Windows source code to governments in the past, Gates said, and those officials became comfortable with the American company’s products after examining the system. Huawei could adopt the same approach, he said.
[…] “If you are so paranoid, what about the codes that are being written by somebody whose grandmother or great-grandmother was Chinese?” Gates said. “Is there any piece of software in the world that you are willing to trust?” [Source]
Another U.S. tech leader who has been outspoken on TikTok is Facebook’s Mark Zuckerberg, who has adopted the firm as a rhetorical nemesis in his abrupt and skeptically received pivot from aggressively courting Beijing to loudly championing American free speech standards and financial leadership in the face of rising Chinese alternatives.
At Slate, New America’s Jennifer Daskal and Samm Sacks argued that while the technological threat from China is real, “case-by-case attacks on particularly powerful Chinese-controlled companies can’t adequately address the underlying trends and concerns“:
The U.S. should engage with China for a broad range of security, economic, civil liberties, and geopolitical reasons. But this does not mean that we turn a blind eye to abuses and other forms of malicious influence. We need red lines—points at which both the government and our private sector refuses to cooperate and operate. American tech companies should not be selling the surveillance technology used to digitally cage the Uighur community in Xinjiang. U.S.-based social media companies operating in China should resist Beijing’s efforts to turn over user information at the behest of authorities. There also are times when it is appropriate for the United States to restrict Chinese foreign investment in the United States or blacklist companies or research partners when there is evidence that they are working hand in hand with China’s security or military establishment. […]
[…] And we also need to recognize that the Mark Zuckerberg–preferred approach—that U.S. regulators give Facebook a pass when it comes to regulation so the United States can maintain its edge over China—doesn’t work, either. If U.S. companies are perceived to be uncontrolled behemoths that fail to protect privacy and hinder competition elsewhere, then other governments will place checks on their ability to operate and innovate. […] Put simply, an unchecked tech sector is not the right torchbearer for competition with China (or the rest of the world) when it comes to setting the rules and norms for the internet.
The United States would be wise to spend less time trying to clip the wings of rising entrants to the market and more time working on legislation and the development of standards to better protect privacy, secure data, and manage online content. Failure to do so will allow more space around the world for companies controlled by China to flourish, and Beijing’s vision for the internet with it. [Source]