With contributions from Nahide Basri, a Legal Intern at the ICC and an LSE LLB and LLM graduate specialising in Human Rights Law

It is no secret that the Cold War between the US and China persists and is indeed intensifying, but this time the tension has surfaced through an unexpected medium – TikTok, a Chinese-owned social networking service that allows users to create and share short music videos. While it has become difficult for an average internet user to avoid the application’s energetic music-clips, the latest Google searches reveal it dominating the web with a different headline: ‘Trump to Ban TikTok’.

On 6 August 2020, Trump issued an Executive Order (EO) which bans ‘any transaction by an person, or with respect to any property, subject to the jurisdiction of the United States’ with ByteDance Ltd, the Chinese parent company of TikTok. This, the Order explains, is because “the spread in the United States of mobile applications developed and owned by companies in the People’s Republic of China (China) continues to threaten the national security, foreign policy and the economy of the United States”.

The EO, however, would not “affect a deal” if what Trump has called “a very American company” decides to buy the Chinese-owned app. TikTok has thus been in negotiations with various US companies, such as Microsoft and Oracle, for a potential take-over of its business. While Oracle has made the most progress so far, a deal is yet to be approved by both Washington and Beijing. The Department of Commerce has stated that if no deal is struck by 12 November, the application will be banned completely.

Typical Trump?

At the outset, it must be acknowledged that while Donald Trump’s TikTok’s ban appears no different to other erratic policy choices steered by his administration, that is not wholly the case. While banning a social media app may seem like another attempt by the President to censor ‘all things he doesn’t like’, TikTok does, in fact, pose serious data privacy risks to its users. Importantly – albeit not unlike other US entities – the company amasses a concerning amount of user data. As per its privacy policy, this includes invasive information collection on users’ usage of the TikTok app, their location history and messaging content. Perhaps even more shockingly, TikTok also gathers (seemingly unnecessary) forms of device information such as users’ IP address, phone type, mobile carrier, time zone settings, screen resolution, operating system, app and file names.

Admittedly, what renders this company’s digital surveillance more alarming than that of say, Facebook or Google, is that it is owned by a Chinese company. Accordingly, this leaves TikTok more vulnerable to political pressures to share data with the Chinese government. Moreover, while the app’s representatives have denied that possibility – alleging that the company has never been subject to such requests and that all user data is stored across the US and Singapore – TikTok has certainly shown some allegiance to Chinese policy in the past. For example, the company has (controversially) censored content featuring topics sensitive to China’s Communist Party. In addition, as per leaked documents published by the Guardian in 2019, TikTok has previously instructed its moderators to censor videos that mentioned the Tiananmen Square protests, Tibetan independence, the religious group Falun Gong, and many others”.

Chinese-owned apps like TikTok are also susceptible to legal coercion by Chinese authorities. According to a 2017 Chinese law, national companies are required to comply with government intelligence operations and to share information when asked to do so. Moreover, given that China lacks an independent judiciary or legal mechanisms that companies could appeal to, the possibility of refusing to cooperate is merely theoretical. In tacit agreement with this dystopian reality, TikTok’s privacy policy confesses that it 'may disclose your information to respond to...government inquiries, and to protect the...interests of...TikTok Inc'. 

Ultimately, ‘should the Chinese government receive access to TikTok’s user data, it remains unclear exactly what the Chinese Communist Party might do with it’. Typically, when China collects bulk data overseas it uses it to fuel state security-like propaganda, influencing the media environment globally and technologically nudging user behaviour in its favour’. As such, Trump’s move to ban the application cannot be dismissed as wholly unwarranted.

Tik-Tok-ing Gone Wrong

It is not all black-and-white, however. While the app does pose cybersecurity risks, there are three central reasons why the EO shows that Trump’s political clock is not ‘tik-toking’ correctly.

Censoring Digital Speech

First, the EO is cruelly negligent of millions of Americans’ freedom of speech and First Amendment rights; the epitome of the President’s hypocritical anti-Americanism. While Trump’s Order prima facie targets the platform, it is its users that will feel the brunt of its censorial effect. Indeed, if TikTok was to disappear, freedom fighters, protestors, online activists, artists, and ordinary users would be thoughtlessly deprived of their central forum for expression. For the US to so carelessly censor users’ speech (including political commentary and activism) raises pronounced constitutional claims. Unsurprisingly, many have commented that Trump’s EO places the country amongst other information-authoritarian states like Egypt, Turkey, North Korea, Russia and (paradoxically) China.

The situation becomes almost ironic when one zooms out for a wider view of American constitutional traditions. The US has traditionally attached utmost value to the right to free speech, placing it firmly above other ‘European-originated’ values such as the right to privacy and data protection. In fact, unlike the gold-plated protection of free speech in the First Amendment, no Amendment explicitly protects American citizens’ right to privacy. It was only in 1965 in Griswold v Connecticut that the Supreme Court of United States (‘USSC’) pronounced the latter as a right implied in the Due Process Clause of the 14th Amendment. The hierarchy between the two rights is also revealed in where the burden of proof attaching to each right lies. Any threat to free speech is usually regarded as censorship and thus places the burden of proof firmly on the censor. By contrast, the burden is reversed with regard to the right to privacy: it is the victim that must defend their privacy and demonstrate evidence of harm (an ever tougher threshold given the intangible and immeasurable nature of privacy-related injuries).1 As such, the sheer ease with which the US scraps a right that it has upheld so dearly in lieu of another that it barely values, or even recognises, comes as a curious contingency, to say the least.

US Hypocrisy

Second, the EO’s “ethos” is inconsistent with the sheer extent of data that American companies like Facebook, Apple, and Google cultivate and extract from their users. From Google’s hidden microphones in its smart security devices such as Nest Guard, to Amazon’s smart speakers secretly spying on users, these companies have exemplified how far they are willing to go to enrich their seething data reservoirs. In this light, in her International Bestseller book “The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power”, Shoshana Zuboff emphasises the striking parallel between the surveillance activities undertaken by Silicon Valley and the Chinese government. Furthermore, the Snowden revelations and the Cambridge Analytica scandal have evidenced that “information snooping” in the US is, in fact, far from restricted to the private sector but, very pronouncedly, extends to the government itself.  

Pretentious Privacy

Third, and most importantly, the EO fails to actually address US citizens’ data privacy problem. Ultimately, no ban or radical policy choice will safeguard users’ online information. TikTok’s alleged data collection is more so a symptom than a cause; it is philosophically legitimised by the disregard for data protection outside the EU. Were the US (or, ideally, cyber-space as a whole) to have legislation mirroring Europe’s GDPR, American users would be able to oblige all social media platforms to reveal the essence and specifics of their information collection, and to delete, transfer or halt their data processing. While the European data protection regime under the GDPR is certainly not perfect and is at times overly-idealistic, the comprehensive regulatory model it initiates is a step in the right direction. At the very least, it is better than an EO that randomly singles out a foreign company.

In addition, a potential deal between Oracle and TikTok would only aggravate data privacy concerns. Last month, The Privacy Collective, an NGO, filed a lawsuit against Oracle and Salesforce in the Netherlands for allegedly infringing the GDPR. The consumer privacy campaign group claims that the American companies collected personal data through cookies and then used it for dynamic ad pricing services, all without user consent. If such accusations are proven true, Oracle may not be the best entity to oversee the activities of a social media company also possibly guilty of questionable conduct regarding user data.

Finally, it is important to remember that the EO makes no explicit mention of data protection or privacy, instead relying on national security as its raison d’etre. This accentuates what many have fervently posted about; Trump’s order is more so an expression of the longstanding political (and, as per recently) technological battle that China and the US have fought since the Cold War era than an attempt to safeguard users’ digital privacy.

Missing the Mark

While it is clear that TikTok does pose a risk to its users’ data privacy, Trump’s ban is clearly a suboptimal solution. The EO’s inadequacy is best highlighted in the threat to freedom of speech that the ban poses, the US hypocrisy in tolerating its own Tech Giants’ “surveillance capitalism”, and its ingenuity in actually safeguarding American citizens’ online data.

[1] Julie E Cohen, Between Truth and Power: The Legal Constructions of Informational Capitalism (2019 OUP)