WASHINGTON (NEXSTAR) – Federal lawmakers and leaders are sounding the alarm about the dangers of TikTok after new reports revealed that the private data of United States users is being accessed in China.
The popular app is owned by the Chinese company ByteDance, but is used by tens of millions of people in the U.S.
While Americans use the app to create and watch videos with dances, jokes and memes, Commissioner Brendan Carr with the Federal Communications Commission believes there is danger among that seemingly harmless content.
“Beneath the surface, TikTok is pulling all sorts of sensitive and personal data. Everything from search and browsing history, keystroke patterns and rhythm, biometrics including faceprints and voiceprints,” Carr said.
For years, TikTok executives have tried to reassure U.S. users that their data is protected and kept separate. But in June, Buzzfeed News reported that Chinese engineers and executives have been given full access to the private data of U.S. users. That caused concern among lawmakers, leaders and cybersecurity experts. They fear China could use the private data for things like targeted blackmail, political manipulation and technical advancements in building artificial intelligence.
That potential is something Sen. Mark Warner finds alarming.
“To have China have access to that should scare the dickens out of all of us,” Warner, D-Va., said. “This is a security concern. It is, quite frankly, a business advantage to the Chinese overall.”
That’s why he and Sen. Marco Rubio, R-Fla., are asking the Federal Trade Commission to investigate TikTok and their data-sharing practices.
“My hope is the FTC will respond and we can put in place the kind of privacy protections that, right now, are just not being provided to Americans,” Warner said.
Commissioner Carr also found the latest revelations unsettling, and is supportive of federal agencies investigating. He points out that, in addition to the request for the FTC to investigate TikTok, the Treasury Department and Commerce Department have also launched investigations into the app.
“It was really disturbing to me, knowing what we know about China’s nefarious intentions,” Carr said. “We need to have a full transparent disclosure from TikTok about where all this data has been flowing. Let’s just be upfront and honest about it. And I think we need to very quickly move forward with all of those pending federal inquiries.”
Carr also asked the CEOs of both Apple and Google to take the app out of their app stores. He says he hasn’t gotten a response from them yet, but is hopeful they will.
He acknowledges that a certain amount of harm has already been done, with the private data already exposed and potentially in the hands of China. However, he says the need for action is urgent because we haven’t seen the full repercussions of that exposure.
“All of that are harms that are yet to be realized, so there is value in taking action right now,” Carr said. “Whether it’s the FTC, Treasury, Commerce – we take immediate action and stop these surreptitious flows of data back into China.”
Dr. Aaron Brantly, a Virginia Tech cybersecurity expert who runs the Tech4Humanity Lab, is not optimistic that federal regulators will impose strong enough regulations. Instead, he’s pushing for Congress to pass data privacy legislation.
“The best solution would be a legislative solution to require onshoring of U.S. national data. So no data of U.S. persons should be allowed to leave the territorial boundaries of the United States without the express legal written permission of the user,” Brantly said.
If we don’t strengthen data privacy protections, Brantly warns that gives China a meaningful edge against the U.S. because China actually bans U.S. platforms within their boundaries.
“So we don’t have that kind of reciprocal access to data that they are acquiring and leveraging to train and build artificial intelligence and other types of platforms. And so that puts us at a comparative disadvantage for being able to engage in types of activities that they might be engaging in against us,” Brantly said.
Sen. Warner also thinks a national data protection law is long overdue, but doesn’t agree that full onshoring U.S. data is the solution.
“I’m not sure the full solution is all data localization country by country because, in many ways, that could in a sense almost break the internet,” Warner said. “If every country says, ‘we want to keep all our data on a localized basis,’ one – that would undermine American companies. But two – it doesn’t guarantee the kind of level of protection that we’d need.”
In response to the reporting, TikTok said it is now storing all of its U.S. user data in Oracle’s cloud service. However, that didn’t do much to mitigate concerns.
“The tools were built by China, in China. So I don’t think that’s going to be a solution in and of itself,” Carr said.
As U.S. leaders put pressure on federal agencies to act, they’re also publicly warning people that their private information could be at risk.
“TikTok is quite popular. But it shouldn’t be that popularity at the cost of every American’s individual privacy,” Warner said.