TikTok and the Great Firewall of America
On Wednesday, the Trump administration announced The Clean Network program, which is supposed to protect Americans’ private information from “evil actors,” namely China. The basic idea is that, except for Chinese applications and companies, America will be safe again. “Building a clean fortress around our citizens’ data will ensure the security of all our nations,” the State Department statement said.
This is similar to the language that lawmakers are using against TikTok. “An American company must buy TikTok so that everyone can continue to use it and their data is safe,” US Senate Minority Leader Chuck Schumer (D-N.Y.) Recently tweeted. “It is about privacy.
The argument is that the Chinese-owned app TikTok, which has access to the personal data of millions of Americans, could pose a threat to national security. Taken literally, that position is not unreasonable. The problem is the assumption that American companies can be trusted to keep personal data private and secure. This is not necessarily true.
No, this is not “what it is about terrorism” or “The United States also does bad things.” It is simply to say that we don’t even know for sure if TikTok is mishandling personal data or monitoring ordinary citizens. We know that American companies are. So why aren’t more people talking about this threat to national security?
Last week, President Trump threatened to ban TikTok in the U.S., raising the weird specter of a world in which teens jump on America’s Great Firewall to use a Chinese app. Trump backed off a bit, saying the United States would shut down TikTok on September 15 unless Microsoft or another “very American” company bought it. He also said that the US government should get a share of the sale.
Just for the sake of argument, let’s give the White House the benefit of the doubt and assume this is not the election year that hits China or outdated protectionism. The idea of a foreign-owned company possessing a honeypot of personal data on millions of Americans, data subject to third-party hack, or pressure from a government, is not a great scenario.
“The problem is the assumption that American companies can be trusted to keep personal data private and secure.”
But American companies are also vulnerable to these threats. Last year, the New York Times published a deep dive into how mostly unregulated companies use mobile phones to track the movements of tens of millions of people, and they also store that information.
“Within the United States’ own representative democracy, citizens would surely rise in outrage if the government tried to order every person over the age of 12 to wear a tracking device that reveals their location 24 hours a day,” the article noted. “However, in the decade since the Apple App Store was created, Americans have given their consent, application by application, to that system run by private companies.
The Times was also able to use that same dataset to track, in a matter of minutes, the location of President Trump. If that’s not a national security problem, what is? If journalists can use this type of data to find a US president, foreign spies could probably do the same.
“Here we are going crazy with TikTok, when people’s cell phone operators are doing things that threaten our security much more seriously,” said Rebecca MacKinnon, founding director of Ranking Digital Rights, a research program at the New America expert group.
Nor is excessive data collection limited to cell phone companies. Google’s data hoarding is well known. Not long ago, Facebook allowed data firm Cambridge Analytica to access the private data of 50 million users.
In a widely viewed TED talk from 2017, academic Zeynep Tufekci reminded the world of how Facebook tracks every status update, Messenger conversation, and login location, not to mention all the information it buys from data brokers. His talk concluded with the petition: “We need a digital economy in blockchain where our data and attention are not sold to the highest-level authoritarian or demagogue”.
In the case of TikTok, the fear is that Beijing may demand data on American users, and the owner of TikTok, ByteDance, would have no choice but to deliver it. Especially in a time of intense tensions between the United States and China, many Americans would be uncomfortable with this, and it is understandable.
But some of those same Americans probably wouldn’t want their own government to monitor them either. However, the data stored by US companies has facilitated precisely that situation. As cryptologist Bruce Schneier wrote in his book, “Facts and Goliath”:
The National Security Agency did not build a massive internet eavesdropping system from scratch. He realized that the corporate world was already building one, and he took advantage of those corporations sometimes working with the NSA voluntarily. Sometimes courts compel them to release data, largely in secret.
Governments, of course, are only part of the problem. Non-state hackers can also wreak considerable havoc, as evidenced by the 17-year-old in Florida who allegedly broke into some of the world’s leading Twitter accounts. The stories of massive data breaches are becoming too familiar. The researchers found that 2019 was the worst year on record, with nearly 8 billion records exposed.
Data honeypots are dangerous, regardless of their nationality. Activists have proposed solutions, including the breakup of tech giants. Ranking Digital Rights recommends a federal privacy law that would include strong data minimization and purpose limitation provisions.
Ideally, “data collection, retention and sharing can only occur with the very explicit consent and acceptance of the user,” said MacKinnon. “But that is not the case. We have very loose legal protections for users about what is happening to our data.”
“The failure of Congress to pass a strong federal privacy law is a national security flaw,” added MacKinnon.
Another solution would be the popularization of decentralized blockchain social media platforms where users control their own information. The idea is to store personal data in a distributed ledger rather than in a centralized entity like Facebook. This, in theory, would help to tackle the honeypot problem. While this idea is often talked about in the blockchain and crypto community, we are still far from seeing a platform like this to unseat incumbent tech giants.
Now that data security is back in the headlines, it’s a good time to refocus on this topic. We can start with American lawmakers who recognize that this problem is much bigger than TikTok and will not be solved simply by putting more data in the hands of American companies.
Disclaimer: This press release is for informational purposes information does not constitute investment advice or an offer to invest. The views expressed in this article are those of the author and do not necessarily represent the views of infocoin, and should not be attributed to, Infocoin.