TikTok, the massively popular short-form video app, is in the crosshairs of American policymakers again over its ownership by Chinese internet giant ByteDance.
Brendan Carr, a Republican commissioner of the FCC, posted a letter to Apple and Google on Twitter, urging the tech giants to remove TikTok from their respective app stores — calling it “an unacceptable national security risk.”
“TikTok is not just another video app. That’s the sheep’s clothing,” Carr, who was appointed to the FCC in 2017 by Donald Trump, said in the tweet Tuesday accompanying the letter. “It harvests swaths of sensitive data that new reports show are being accessed in Beijing. I’ve called on @Apple & @Google to remove TikTok from their app stores for its pattern of surreptitious data practices.”
Carr’s comments amount to little more than saber-rattling, given that the FCC does not have the authority to regulate apps. His call to have TikTok banned in the U.S. came after a June 17 BuzzFeed News report that TikTok staffers in China have “repeatedly” accessed U.S.-based users’ data.
“TikTok’s pattern of conduct and misrepresentations regarding the unfettered access that persons in Beijing have to sensitive U.S. user data” violate Apple and Google’s policies, Carr claimed in the letter. “TikTok is owned by Beijing-based ByteDance — an organization that is beholden to the Communist Party of China and required by the Chinese law to comply with PRC’s surveillance demands… It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting being combined with Beijing’s apparently unchecked access to that sensitive data.”
Apple and Google haven’t responded to Carr’s call to remove TikTok from their app stores.
In a statement, a TikTok spokesperson told Variety, “We will gladly engage with lawmakers to set the record straight regarding BuzzFeed’s misleading reporting. Like many global companies, TikTok has engineering teams around the world. We employ access controls like encryption and security monitoring to secure user data, and the access approval process is overseen by our U.S.-based security team. TikTok has consistently maintained that our engineers in locations outside of the U.S., including China, can be granted access to U.S. user data on an as-needed basis under those strict controls.”
Asked to explain how the BuzzFeed News report was “misleading,” the TikTok rep did not respond.
Following the BuzzFeed report, Albert Calamug, TikTok’s head of U.S. security public policy, said in blog post that same day TikTok has long stored U.S. user data in its own data centers in the U.S. and Singapore but that it has now changed the default storage location of U.S. user data to be routed to the Oracle Cloud infrastructure. “We still use our U.S. and Singapore data centers for backup, but as we continue our work we expect to delete U.S. users’ private data from our own data centers and fully pivot to Oracle cloud servers located in the U.S.,” he wrote.
Carr, in his letter, countered that TikTok’s statement that 100% of U.S. user traffic is routed to Oracle “says nothing about where that data can be accessed from.”
Carr’s concerns about TikTok echo those raised by the Trump Administration two years ago. In August 2020, President Trump — citing national security fears — ordered ByteDance to sell TikTok to U.S. entities under the threat of TikTok’s shutdown. Federal judges ruled that Trump overstepped his authority in ordering TikTok to shut down, finding that the administration’s hypothetical concerns about TikTok’s security risks were unconvincing.
Read Carr’s letter:
TikTok is not just another video app.
That’s the sheep’s clothing.
It harvests swaths of sensitive data that new reports show are being accessed in Beijing.
— Brendan Carr (@BrendanCarrFCC) June 28, 2022