Hawley Rakes TikTok, Apple Over Cybersecurity Coals
Says China connections could compromise U.S. data security
Sen. Josh Hawley (R-Mo.) read TikTok and Apple the riot act in absentia Tuesday (Nov. 5) after the Chinese-backed social media platform and the social media giant declined to send representatives to his hearing on Big Tech's data handling, or mishandling, and risks from their connections to China.
Sen. Hawley began the hearing asking about all the data TikTok is collecting from American users. Hawley warned that the short-form mobile video platform and its massive data collection could be leveraged by the Chinese government against the U.S.
He then lit into Apple for providing cloud services to China.
Hawley said he wanted to get it on the record that TikTok is collecting "a lot of data," including content, location, contacts, behavioral data on use of the platform, and information from messages and users' phone books.
He said that was comparable to the "massive data harvesting" machines Google and Facebook.
And while TikTok said that data is stored in the U.S. and Singapore, Hawley pointed out that TikTok's parent is ByteDance, which is based in China and subject to a 2017 Chinese national intelligence law that requires Chinese companies to cooperate with state intelligence work.
He said that means TikTok's doors could be opened at any time to the Chinese Communist Party and Beijing could tell parent ByteDance to scoop up data on Americans and give it to Beijing.
NEXT TV NEWSLETTER
The smarter way to stay on top of the streaming and OTT industry. Sign up below.
Hearing witness Klon Kitchen, senior research fellow at the Heritage Foundation, said that was "without a doubt true."
Related: Sen. Whitehouse Hammers Social Media
Hawley ticked off some of the ways TikTok or another Chinese platform could abuse all that data, particularly using data to help artificial intelligence train autonomous weapons systems to identify targets--China is reportedly investing heavily in AI tech.
Asked how the U.S. could ensure that TikTok or other Chinese tech companies weren't Trojan Horses gathering data on Americans and sending it back to the Chinese government. "I'm not sure we can," said Kitchen. He said that anyone who thinks a Chinese company, even if a portion of the company is in the U.S., can say no to the Chinese government, "that is a fundamental misunderstanding of the way the government in Beijing works."
Apple, which was another hearing no-show, took it on the chin from both Hawley and Kitchen.
Hawley said he was concerned about American companies--specifically Apple, which provides cloud services to China--storing both data and the tools to decrypt it in China.
Kitchen said that while Apple was providing decryption keys for Chinese data stored there, doing so would give China a better understanding of the inner workings of Apple's iCloud accounts and could allow them to collect data "outside of that border."
Hawley asked Kitchen whether he thought Apple and others were compromising U.S. data security by storing both data and encryption keys. He said, yes, any company complying with China cybersecurity laws was risking not only data security but national security.
Related: Sen. Hawley Says Big Tech Is Exploiting Digital Tread Mill
Kitchen followed that with his most sobering observation/allegation, one that particularly struck Hawley, who said it summed up the problem: "China imprisons and tortures and kills religious minorities and political dissidents, and it is using compliant companies to do this at scale."
Neither Tik Tok nor Facebook had responded to a request for comment at press time on the tenor of the hearing or the company's decision not to participate.
But Vanessa Pappas, GM of TikTok U.S. has posted on the issue, saying: "[W]e store all U.S user data in the United States, with backup redundancy in Singapore. TikTok’s data centers are located entirely outside of China. Further, we have a dedicated technical team focused on adhering to robust cybersecurity policies, and data privacy and security practices."
Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.