in

The US government won’t detail why TikTok is a security threat


The Trump administration is redacting specific information on why TikTok is a security concern.


James Martin/CNET

The US government warns TikTok is a security and privacy concern for millions of Americans, but when it came down to specifics on how the Chinese government could get its hands on the social video app’s data, the Justice Department is keeping the information classified. 

In court filings from the Justice Department on Sept. 25, the agency redacted specific information on how the Chinese government could take your data on multiple occasions.

“For example, although TikTok claimed to store U.S. user data within the United States, the Commerce Decision Memo then explained why the PRC may still be able to gain access to that data through [REDACTED],” the Justice Department said in its court filing. 

Details from the Commerce Department’s memo are also redacted.

Redactions in government documents often keep crucial information hidden from public knowledge. For example, while the Commerce Decision Memo redacted information on TikTok’s backup servers in Singapore, a later court filing on Sunday revealed that the server is owned by the Chinese tech giant Alibaba.

“The Secretary also concluded that the TikTok data of US users is especially vulnerable because TikTok keeps a backup of all its US data in Singapore with a China-based company called Alibaba,” the unredacted court opinion said.

The US government has long argued that TikTok’s parent company Bytedance has ties to the Chinese government and serves as an espionage tool. It’s pointed at the app’s overreaching data collection, and the Chinese government’s national security laws which allow the government to force companies to provide information for investigations. 


Now playing:
Watch this:

TikTok ban delayed, further restrictions on exports to…



1:42

In court documents, TikTok has argued that it wouldn’t comply with the Chinese government’s demands for American data, because the data is stored on US and Singapore servers, not in China. 

While the Commerce Department argues that its Singapore server data is at risk because it’s hosted by Alibaba, a TikTok spokeswoman said it’s secured from the Chinese government. 

“The cloud storage that we rent in Singapore is protected by our own encryption and technology, which is implemented by our US-led security team. In addition, our proposal that the Administration has publicly agreed to in principle would move 100% of US user data to the Oracle storage system,” the company said in a statement.

bytedance-redacted-2.png

The Commerce Department’s memo explaining why TikTok is a security risk has several redactions on specific details.


Alfred Ng / CNET

TikTok faces a national ban in the US by November unless its parent company sells off its assets to an American company. While it was supposed to be removed from app stores on September 21, TikTok won a delay on Sunday after a federal judge ruled in the company’s favor.   

President Trump’s executive order in August to ban TikTok argued that the app would allow China to “track the locations of Federal employees and contractors, build dossiers of personal information for blackmail, and conduct corporate espionage,” but the administration has yet to provide specific details on how the government would do so. 

When the ban was supposed to go into effect on Sept. 20, a senior Commerce Department official declined to give any examples of China using TikTok to spy on Americans. 

“Whether we have any evidence, domestically, of these particular apps taking data is missing the point,” the official said at a press briefing on Sept. 18. “We know what they’re using these apps for overseas. We know what the Chinese government’s intent is here in the United States.”

The US government has also suggested several situations where Chinese espionage would be possible — though these scenarios aren’t unique to Chinese companies.

The Commerce Department’s memo described a situation whereTikTok and Bytedance would be defenseless against cyberattacks from the Chinese government stealing data from the company. 

These attacks have also happened to Equifax, the Marriott hotel chain and the US Office of Personnel Management, but those American companies aren’t designated as a national security threat.  

A New York Times report in August also found that the CIA ran a security check on TikTok, and noted that the Chinese government has never requested data from the app on American users. 

Multiple independent security researchers have analyzed TikTok’s data traffic flow TikTok’s data traffic flow, and found that while the app takes a large amount of data, it hasn’t gone beyond what data-centric companies like Google and Facebook request from your devices. 

 Privacy advocates have argued that the best way to protect US data isn’t banning foreign apps from the country, it’s improving the nation’s privacy laws to make sure it’s no longer an industry standard for apps to siphon hordes of data from millions of people. 

The Justice Department argued that even if Trump doesn’t have evidence of the Chinese government spying on Americans through TikTok, he doesn’t need it. 

“There is no requirement that the Executive must wait for specific harm to occur before responding — the Executive is free to act prospectively based on a risk of harm,” the agency argued in its court filing. 



Source: CNET News, Author: Alfred Ng

What do you think?

Written by Peek Jar

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Loading…

0

Among Us is behind a huge spike in Discord’s mobile app downloads

How to Watch the First 2020 Presidential Debate