TikTok has offered a comprehensive plan to a secretive government panel that will determine its future in the United States. However, it depends heavily on the American tech giant Oracle to minimize the popular video app’s alleged security dangers.
An anonymous TikTok executive revealed to CyberScoop the company’s approach to the Committee on Foreign Investment in the United States. Aspects of the proposal, known as Project Texas (a likely reference to Oracle’s Austin headquarters), have previously been reported and shared with members of civil society. Still, as talks with CFIUS, which will decide whether the company can continue to operate in the United States, have stalled, the company has begun to describe the proposal in more technical detail.
TikTok would disclose critical areas of its technology to Oracle and a group of third-party auditors who certify that the app is not pushing material following Beijing’s intentions or sharing U.S. user data with China under the plan’s parameters.
The proposal from TikTok, which is owned by the Chinese business ByteDance, is an effort to put an end to a dispute between TikTok and the U.S. government that dates back to the Trump administration about whether it poses a national security danger.
President Trump sought to ban the app and compel its sale to a U.S. corporation in 2020. However, when President Biden took office, he removed the restriction, which had been found unconstitutional in U.S. courts. Nonetheless, attempts to restrict TikTok have reappeared in the last year, and over half of all states have moved to prohibit the app from being used on government-owned devices.
The current discussion over whether TikTok should be allowed to continue functioning in the United States raises complex considerations regarding the app’s enormous influence in the American information ecosystem and popular culture. Moreover, at a time when Washington and Beijing are engaged in a wide-ranging war over who will control tomorrow’s technology, who will manage TikTok is possibly the most critical battlefield.
It’s Political more than Technical.
Concerns concerning TikTok’s presence in the United States are both political and technological. The parts of Chinese legislation mandating local enterprises to give over data at the government’s request are at the crux of the claim that TikTok presents a danger to America.
TikTok’s proposal, in its entirety — including corporate governance reforms, the use of gateways to govern data transfer, and source code and algorithm audits — tries to address that concern. Nevertheless, the provisions of TikTok’s proposal are inadequate for computer security professionals who view these aspects of Chinese law as fundamentally incompatible with operating in the United States.
There are several reasons for TikTok detractors to be concerned. BuzzFeed revealed last year that “China-based ByteDance workers have frequently accessed nonpublic data on U.S. TikTok users,” despite the company’s vow to move American customer data to servers in the United States. Later that year, Forbes revealed that TikTok personnel had utilized internal data to monitor journalists reporting on the firm in order to identify leakers. The app seemed to block material from the protest movement during major anti-China rallies in Hong Kong. In the midst of China’s human rights violations against the Uighur people, TikTok removed material related to events in the Xinjiang area.
States and Congress have taken piecemeal measures against TikTok since there is no overall method to address the app’s hazards. A rising number of states have prohibited TikTok from being used on government devices, and Congress approved legislation prohibiting TikTok from being used on federal equipment late last year. When confronted with a complicated plan before CFIUS to lessen TikTok’s security concerns, Lisa Monaco, the Justice Department’s No. 2 official, is said to be unconvinced that the idea is sufficiently “tough on China,” as The New York Times characterized it. Meanwhile, simply banning the app would spark a major political reaction, particularly among young Americans who rely on it every day.
While the Biden administration has taken a number of aggressive steps to limit Chinese access to American technology, banning an app best known for its viral dance challenges would represent a significant escalation in the White House’s war on Chinese influence — at a time when Washington is attempting to de-escalate tensions with Beijing. “The entire thing is a shambles,” said a former government official who served on CFIUS until recently and spoke on the condition of anonymity to explain the difficulties of reaching an agreement.
MANAGED CYBERSECURITY SOLUTIONS
Rhyno delivers a range of activities that combine to fully protect your infrastructure and data from cybercriminals, anywhere and everywhere, 24/7/365.
About Rhyno Cybersecurity Services
Rhyno Cybersecurity is a Canadian-based company focusing on 24/7 Managed Detection and Response, Penetration Testing, Enterprise Cloud, and Cybersecurity Solutions for small and midsize businesses.
Our products and services are robust, innovative, and cost-effective. Underpinned by our 24x7x365 Security Operations Centre (SOC), our experts ensure you have access to cybersecurity expertise when you need it the most.