Zachary Karabell
The U.S. Congress hasn’t passed a budget on time since 1996, and many members spend more time preening and posturing than legislating. Yet at the beginning of the month, the Energy and Commerce Committee of the House of Representatives voted 50-0 on a bill that would have de facto given the president the authority to force ByteDance, the parent company of TikTok, to divest its control of U.S. operations or face a ban of the app. The full House passed the bill less than a week later by a margin of 352-65.
But that speed should give us pause. The question of what to do about TikTok depends on what TikTok is actually doing. And the evidence of clear and present danger just isn’t there yet. As things stand, banning TikTok is not just bad policy; it’s hollow as well. It won’t make the United States safer, and it will allow those in government—both in the national security bureaucracy and in Congress—to pretend that it is doing something without doing much at all to address the real issues of data, privacy, and foreign influence.
The main national security argument for forcing TikTok to sell to a U.S. owner or face an effective ban is that Chinese laws require ByteDance to turn over user data to the Chinese government if requested. That leads to fears that user data could provide a way for the Chinese Communist Party (CCP) to perform massive surveillance of Americans, and that the party could (and may already) use the algorithms that power TikTok’s feed to manipulate public opinion in the United States to the detriment of U.S. democracy and civil society, and hence tilt the nascent China-U.S. cold war in China’s favor.
Each of these cases rest on very thin reeds. And what’s more, almost all of the threats cited are about what TikTok could potentially do, and not about what it has been or is doing.
First, yes, Chinese law does obligate companies to turn over data. Arguably, though, every government can commandeer user data through whatever laws empower either domestic police or foreign intelligence gathering (in the United States, that would include the FBI for domestic issues, and the CIA and National Security Agency for foreign intelligence, though the lines blur at times). But in the United States, companies can often resist initial demands to turn over data, although courts can compel them. No such recourse exists in China.
And yes, ByteDance has by necessity genuflected toward the CCP, a stance that it and any other Chinese company has no choice but to take. TikTok has countered that its data is not housed on servers accessible to the CCP, but rather on Oracle servers in the United States, though it has also said that some data provided by content creators is stored in China.
But as for the concern articulated by White House national security spokesman John Kirby “about data security and what ByteDance and what the Chinese Communist Party could do with the information that they can glean off of Americans’ use of the application,” that is, well, a bit much. In essence, the issue should not be that TikTok is obligated to hand over data to the CCP; it should be whether any of that data is really private anyway, and whether it could be obtained by the CCP regardless of if ByteDance turned it over willingly or not.
User data is constantly harvested by apps of all kinds, from social media platforms to financial institutions. That data has some protections for sure, and most of it is anonymized. But as anyone in the ecosystem of data mining knows, enough user data can render those anonymity protections almost useless, and there is, to say the least, a robust private market for that data. Monetizing user data is the business model for countless tech companies, and one of the easiest ways is to sell it to other people.
And as a recent Wall Street Journal report so clearly demonstrated, so much data is collected by private companies—and collected so effectively—that government agencies often buy from them on the sly rather than spending the money to collect and collate it themselves.
It all goes back to what early internet tech titan Scott McNally said in the early days of the IT revolution: “You have no privacy. Get over it.” Consumer data has some of the least comprehensive privacy protections in the world, whether it’s gathered through Facebook, TikTok, Amazon, Snapchat, Walmart, or on and on. Even benefits and financial data—or at least, in anonymized form that can often trace back to specific individuals—is more easily obtainable than most of us would like to think.
The idea that TikTok user data is somehow uniquely susceptible to being hoovered by the Chinese government flies in the face of the reality that most of our data is hooverable by both private companies and governments. TikTok is not unique in that.
Hence, banning TikTok or forcing its divestiture won’t make it significantly more difficult for China’s spy agencies to obtain that data if they want it, either via buying it from private companies or collecting it themselves. Yes, it might make it harder as in more time-consuming or expensive, but not sufficiently more time-consuming or expensive to create real friction.
And it would not make U.S. user data meaningfully more secure; if the CCP were a private company with limited resources, then raising time and cost just might be a security buffer for U.S. data. But the CCP runs a government, and if it wants to obtain the data by fair means or foul, it can. This bill won’t alter that equation.
In short, if the concern is spying and the security of the kind of consumer data that can be gathered from those using the TikTok app, then there would need to be far more aggressive legislation of all social media and data companies to even begin to move that needle.
Yes, some believe that the presence of the TikTok app on your phone is akin to Chinese spyware that could covertly activate your camera, snatch your email, and even access encrypted WhatsApp and iMessage communications. None of that has been proven, and those who have sat in on classified briefings to lawmakers have not testified that such concerns have been validated by any U.S. intelligence agency, though all of those agencies have banned TikTok from their personnel’s phones.
Is such spyware via the app technologically possible? Probably, but that then goes back to the issue that if TikTok could do that, so could countless other apps. Data is easy to copy and sell, whoever collects it originally.
The other issue is whether the Chinese Communist Party could direct ByteDance to manipulate the feed algorithms to then either sow chaos in U.S. public opinion or engineer outcomes and decisions favorable to China at the United States’ expense.
The usual benchmark for that concern is the belief that Russia took advantage of social media to muddy the waters of the 2016 U.S. presidential election, and hence TikTok could do so in the future even more effectively. But that assumes a) that in the worlds of pet videos and cooking videos and comics and dating and essentially everything, algorithms could effectively force a binary or specific outcome and b) that it is relatively simple to engineer specific outcomes.
The concern is also that information can be effectively censored for political ends, or that some ideas or videos can be buried by the algorithms. The skew of anti-Israeli and pro-Palestinian content on TikTok has been offered by congressional Republicans as one proof point, but it has been clear on deeper analysis that the skew of that content closely follows attitudes among the largely younger demographic that uses the app.
There has been some evidence that before 2020, TikTok did reduce the visibility of anti-CCP videos, but since the explosion in usage, that pattern has been less evident. With so many users, it is actually quite difficult to bury content that people want to see.
Others have floated the idea that while the algorithms aren’t yet sophisticated enough to effectively manipulate public attitudes and behavior in some Manchurian Candidate style of mass brainwashing, that is because these tools are still relatively primitive compared to what they will be in an artificial intelligence-fueled data world coming soon. Hence, we need to cut off TikTok from the Chinese threat now, while the capabilities are still nascent.
If that happens, Americans will need far more domestic protections, law and technologies to guard against a myriad of possible threats to privacy, democracy, and security that changing ownership of TikTok will do nothing to ameliorate.
Banning TikTok will not make us safer from any of these challenges. In fact, in the guise of claiming to make us safer, this bill will do the opposite. It will be used by proponents as a demonstration that steps are being taken to guard against the misuse of data by foreign actors without actually impeding the ability of foreign or domestic actors to misuse that data. There are real issues of how our personal data is used, who collects it, where it is stored, and how it is bought and sold.
There are dangerous shoals as China and the United States attempt to navigate profound differences in values and governmental systems. The determination of the CCP to stay in power and eliminate any opposition means that its approach to speech and democracy will remain antithetical to the West. But one of the remaining strengths of the United States is that it is an open society, where ideas flow freely and are not easily controlled.
TikTok is one of several platforms where ideas flow—maybe not in complete anarchic freedom, but certainly they do flow. That’s also why the app is not available in China. Removing it in the name of security may feel like a positive step in a dangerous time. In truth, it is a hollow gesture that sacrifices openness for the illusion of action.
No comments:
Post a Comment