As TikTok, the social media platform that has perfected the art of short-form communication by video, has risen to market dominance, so has awareness of its potential geopolitical threat. Launched just three years ago, it now has more than 500 million active users and was the most downloaded app on the app store in the first quarter of 2019. And its owner is ByteDance, a leading Chinese technology company.
In a letter to Joseph Maguire, the acting director of national intelligence, Sens. Chuck Schumer and Tom Cotton warned: “With over 110 million downloads in the U.S. alone, TikTok is a potential counterintelligence threat we cannot ignore.” On Tuesday, Sen. Josh Hawley joined the bandwagon, so apoplectic about the security threat that he derailed his own committee hearing. Meanwhile, the Committee on Foreign Investment in the United States has reportedly started a probe into the national security risks of ByteDance’s 2017 acquisition of the app Musical.ly, the precursor of TikTok.
The fear is that TikTok serves as a vessel that extends Beijing’s influence and control outside of China. And it’s a legitimate concern. TikTok is perhaps the first Chinese tech export with the potential to reshape the global internet. Unlike Alibaba and Tencent, TikTok does not just cater to overseas Chinese users or focus on expanding in emerging economies. Teenagers in democracies across Europe as well as India, South Korea, and Australia are flocking to the app to record 15-second video clips of themselves singing and dancing. Most probably don’t realize that, because TikTok is a Chinese company, their communications might be restricted and monitored by Beijing.
TikTok has pushed back on the specific censorship and surveillance concerns. In response to Washington critics, it has insisted that its U.S. operation is independent from its Chinese parent, including with respect to what content is permitted on its site and what personal data gets shared with its Chinese handlers. Whether and to what extent that is true is a matter of significant dispute. BuzzFeed recently found evidence that TikTok may not have been removing posts about the protests in Hong Kong despite suggestions to the contrary. But Washington Post interviews with former workers in the United States suggest that prior content-based decisions—including demands that videos depicting heavy kissing and certain political messages be kept off the app—were dictated at least in part by Beijing. In 2018, ByteDance increased its content censor team to 10,000 people after authorities took issue with vulgar jokes on a different app under its umbrella. And while it is a myth that the Chinese government has an open pipeline to all data accessible to Chinese-owned companies, the reality is that if and when Beijing makes a demand, it is hard for Chinese-based companies to say no.
So what can we do? To start, the United States should demand privacy protections for data that it (and all U.S.-based companies) collects, including limits on retention and sharing. The fact that TikTok is now committing to make content decisions independently, without being swayed by Beijing, is a good thing—something that can and should be encouraged.
But the furor over TikTok is about something much bigger. Case-by-case attacks on particularly powerful Chinese-controlled companies can’t adequately address the underlying trends and concerns. And the United States can’t go at this alone. Even if the U.S. took the drastic step of banning TikTok, the company will continue to thrive elsewhere.
Just look at what happened when the U.S. banned Huawei from 5G next-generation networks and tried to convince allies and partners in Europe to do the same. In October, Germany delivered a slap in the face to the Trump administration by announcing it would not ban Huawei from 5G (although that, like everything else in this space, continues to shift). Even at home, U.S. chipmakers flouted the U.S. ban by shipping products to Huawei using loopholes in export control law. Chinese drone-manufacturing companies are the latest addition to the blacklist, although here, too, there is nothing the U.S. can do to protect against the sales elsewhere.
We need a more effective strategy for dealing with Beijing’s growing influence over global technologies. This is a much harder task than company-whack-a-mole, but the U.S. is already losing that game anyway.
China-based tech companies are increasingly dominant global players. This success provides an avenue for China to export norms, power, and practices globally. This is hardly a new phenomenon. U.S. tech dominance has long given a massive competitive advantage to domestic law enforcement and intelligence services. Perhaps not surprisingly, the terms of service of companies like Facebook and Twitter and Google have, at least until recently, heavily reflected the particularities of First Amendment–influenced norms. Now China is exercising an all-too-familiar kind of global power. Whether we allow China-owned companies to operate in the United States or not, they will spread—and are highly attractive—elsewhere. If the U.S. simply withdraws its market and its potential influence, it will cede power and control, including the ability to shape global norms, policies, and practices, to Beijing.
The U.S. should engage with China for a broad range of security, economic, civil liberties, and geopolitical reasons. But this does not mean that we turn a blind eye to abuses and other forms of malicious influence. We need red lines—points at which both the government and our private sector refuses to cooperate and operate. American tech companies should not be selling the surveillance technology used to digitally cage the Uighur community in Xinjiang. U.S.-based social media companies operating in China should resist Beijing’s efforts to turn over user information at the behest of authorities. There also are times when it is appropriate for the United States to restrict Chinese foreign investment in the United States or blacklist companies or research partners when there is evidence that they are working hand in hand with China’s security or military establishment. (If, for example, the U.S. intelligence community probe into TikTok finds evidence that Beijing is using data gathered by the app to target Americans in national security positions, then blacklisting, or, at a minimum, restrictions on use by U.S. government personnel, would be warranted.)
Perhaps most importantly, we need an alternative, affirmative internet that is powerful and attractive to users around the world in its own right. Right now, the choice is between the U.S. internet—dominated by Silicon Valley companies who proclaim the need for “internet freedom” to justify their hands-off approach to hate, terrorism, bullying, and election manipulation—and China’s.
It is much easier to tear things down than to build them up. But that doesn’t mean it’s impossible to remake the U.S. internet. Among other things, we need to stop pretending that every flower can bloom online. Even a small number of bad actors can wreak significant harm. We need appropriate content controls and rules governing law enforcement access that can respond to those harms, while also protecting free speech and privacy—responding to harms while ensuring that a wide range of idiosyncratic, nonmainstream voices can still be heard.
And we also need to recognize that the Mark Zuckerberg–preferred approach—that U.S. regulators give Facebook a pass when it comes to regulation so the United States can maintain its edge over China—doesn’t work, either. If U.S. companies are perceived to be uncontrolled behemoths that fail to protect privacy and hinder competition elsewhere, then other governments will place checks on their ability to operate and innovate. Take India, where the government is seeking to stop Silicon Valley companies from engaging in “data colonialism” by restricting their ability to send data out of the country. The European Court of Justice already once restricted data flows from Europe to the United States—and may very well do so again—because of a concern about the absence of sufficient privacy protections in the United States. Put simply, an unchecked tech sector is not the right torchbearer for competition with China (or the rest of the world) when it comes to setting the rules and norms for the internet.
The United States would be wise to spend less time trying to clip the wings of rising entrants to the market and more time working on legislation and the development of standards to better protect privacy, secure data, and manage online content. Failure to do so will allow more space around the world for companies controlled by China to flourish, and Beijing’s vision for the internet with it.
This article has been updated to clarify how the U.S., and not just American tech companies, should engage with China.