Under intense scrutiny from Washington that could lead to a potential ban, the top attorney for TikTok and its Chinese parent company ByteDance defended the social media platform’s plan to safeguard U.S. user data from China.
“The basic approach that we’re following is to make it physically impossible for any government, including the Chinese government, to get access to U.S. user data,” said general counsel Erich Andersen during a wide-ranging interview with The Associated Press at a cybersecurity conference in Sausalito, California, on Friday sponsored by the Hewlett Foundation and Aspen Digital and featuring top government officials, tech executives and journalists.
ByteDance will continue to develop its new app called Lemon8, Andersen said.
“We’re obviously going to do our best with the Lemon8 app to comply with U.S. law and to make sure we do the right thing here,” Andersen said, referring to the new social app developed by ByteDance that resembles Instagram and Pinterest. “But I think we got a long way to go with that application — it’s pretty much a startup phase.”
ByteDance’s most known app, TikTok, is under intense scrutiny over concerns it could hand over user data to the Chinese government or push pro-Beijing propaganda and misinformation on its behalf. Lemon8 was introduced across app stores in Japan in April 2020 and has been rolled out in more countries since then. It’s available for download in the U.S. and could face similar scrutiny to TikTok.
Leaders at the FBI, CIA and officials at other government agencies have warned that ByteDance could be forced to give user data — such as browsing history, IP addresses and biometric identifiers — to Beijing under a 2017 law that compels companies to cooperate with the government for matters involving China’s national security. Another Chinese law, implemented in 2014, has similar mandates.
To assuage concerns from U.S. officials, TikTok has been emphasizing a $1.5 billion proposal, called Project Texas, to store all U.S. user data on servers owned and maintained by the software giant Oracle. Under the plan, access to U.S. data would be managed by U.S. employees through a separate entity called TikTok U.S. Data Security, which is run independently of ByteDance and monitored by outside observers.
Some lawmakers have said that’s not enough. But despite skepticism about the project, TikTok says it is moving forward anyway.
“We’re investing in a system where people don’t have to believe the Chinese government and they don’t have to believe us,” Andersen said.
He also wondered if the skepticism was being driven by something else.
“Where are we falling short here?” he said. “At some point you get beyond the cybersecurity risk assessment, etcetera, and you get to ‘We don’t like your nationality.’”
TikTok CEO Shou Zi Chew has said the company started deleting all historic U.S. user data from non-Oracle servers this month and expects that process to be completed this year. During a congressional hearing held last week, Chew said migrating the data to Oracle will keep it out of China’s hands, but also acknowledged China-based employees may still have access to it before the process wraps up.
TikTok maintains it has never been requested to turn over any kind of data and won’t do so if asked. But whether those promises, or Project Texas, will allow it to stay operating in the U.S. remains to be seen.
The U.S., as well as Britain, the European Union and others, have banned TikTok on government devices. And the Biden administration is reportedly threatening a U.S. ban on the app unless its Chinese owners divest their stakes in the company.
On Friday, Andersen said a ban would be “basically giving up”.
“Banning a platform like TikTok is a defeat, it’s a statement that we aren’t creative enough to find another way,” he said.
China has said it would oppose a possible sale, a declaration that makes it more difficult for TikTok to position itself and ByteDance as a global enterprise instead of a Chinese company. In 2020, the country had also come out in fierce opposition to executive orders by then President Donald Trump that sought to ban TikTok and the messaging app WeChat.
“They were clear about their point of view back in 2020 timeframe when we faced an existential challenge from executive orders under the Trump administration,” Andersen said.
Courts blocked Trump’s efforts, and President Joe Biden rescinded Trump’s orders after taking office. The company has since been in talks about privacy concerns with the Committee on Foreign Investment in the United States, a multi-agency panel that sits under the Treasury department.
Meanwhile, lawmakers on Capitol Hill have been pushing bills that would effectively ban TikTok or give the administration more authority to do so. One bill by U.S. Sen. Josh Hawley was blocked this week by Sen. Rand Paul, the only Republican who has come out in opposition to a TikTok ban. A small number of progressive lawmakers have also said they would oppose a ban, and argued the U.S. should implement a national privacy law to curtail the problem.
Andersen said Friday TikTok would support broad-based privacy legislation.
“Our view is that we would really welcome broad-based legislation that applies broadly and evenly,” he said. “What we don’t like, frankly, is legislation that is sort of targeted at one company.”
TikTok could also be banned through another bill, called the RESTRICT Act, that has garnered broad bipartisan support in the Senate and backing from the White House. The legislation does not call out TikTok but would give the Commerce Department power to review and potentially restrict foreign threats to technology platforms.