Australia has joined a range of other countries prohibit the popular app TikTok for sharing videos from government devices, such as multiple outlets reported today.
The move comes after a period of seven months judgement on the initiative of the Minister of the Interior Clare O’Neil to security risks of social media platforms.
Last week, TikTok CEO Shou Zi Chew was put to the test by US politicians during a more than five-hour congressional hearing. To ask mainly focused on TikTok’s handling of user data and whether it is accessible to the Chinese Communist Party, as well as how harmful content (such as content about self-harm and eating disorders) spreads through the app.
TikTok has maintained that user data is stored securely and kept private, with CEO Shou Zi Chew telling Congress:
Let me say this unequivocally: ByteDance is not an agent of China or any other country.
But the evidence seems to indicate that a ban was long overdue.
Read more: ‘Anorexia coach’: Online sexual predators target teens who want to lose weight. Platforms look the other way
Some background
Since it was acquired by a Chinese company ByteDance in 2017, TikTok (formerly Musical.ly) faced persistent rumors about its handling of user data and privacy.
Despite its assurances, TikTok’s privacy policy allows user data, including browsing history, location, and biometric identifiers to be collected and shared with
business partners, other companies in the same group as TikTok, content moderation services, measurement providers, advertisers, and analytics providers.
More worrying is this provision:
Where and when required by law, we will share your information with law enforcement or regulators, and with third parties pursuant to a legally binding court order.
“Where and when required by law” includes China’s provisions National Intelligence Actwhich entered into force in 2017. It obliges organizations to cooperate with state intelligence agencies and would oblige Bytedance to share TikTok data from Australia that may be considered relevant to national security.
ByteDance has tried to move away from the perception that it is a Chinese company. According to TikTok’s vice president of policy in Europe, Theo Bertram60% of ByteDance is owned by global investors, 20% by employees and 20% by the founders.
Read more: TikTok tries to distance itself from Beijing, but will it be enough to avoid global blacklist?
But it hasn’t been enough to allay the fear. In 2020, India was one of the first countries to impose a permanent nationwide ban on TikTok (and dozens of other Chinese apps), citing privacy and security concerns.
In December 2022, Taiwan imposed a ban in the public sector following the US Federal Bureau of Investigation the app warned posed a risk to national security. That same month, the U.S. House of Representatives issued a ban on devices used by members and staff.
More recently were legislators from the European Union banished from have TikTok on their devices.
A large number of others to land have also issued bans, including Canada, Latvia, DenmarkBelgium, UK, New Zealand, France, the Netherlands and Norway.
What are Australia’s concerns?
Australia and its allies are engaged in a so-called gray zone conflict with China; this is where TikTok becomes a major concern.
Gray zone conflicts can be understood as competition between states and non-state actors set in a nebulous reality between peace and war. It includes the strategic use of disinformation, propaganda, economic coercion, cyberattacks and other forms of non-kinetic (subtle and non-coercive) action.
The Danger TikTok proposes to Australia that there would be resources for foreign intelligence agencies to track the location of government officials, build files of personal information and conduct espionage.
A depth analysis of The TikTok software code from Australian cybersecurity company Internet 2.0 makes for interesting, if not alarming, reading.
The company found that TikTok requests almost full access to a user’s smart device while the app is running. This data includes their calendar, contact lists, and photos. If the user denies access, the app will continue to prompt every few hours until access is granted.
Co-founder Robert Potter told the ABC:
When we did that (breaking apart the code), we saw that the layer of permissions the phone was asking for was significantly more than what they said they were doing publicly. When the app is in use, it can scan the entire hard drive, access contact lists, and view all other apps installed on the device.
Potter points out that these permissions are “considerably more” than what a social media site actually needs.
This is not an isolated incident. Last year, Buzzfeed released leaked audio from more than 80 internal TikTok gatherings in the US that raised the alarm. That reports the Buzzfeed reportChina-based ByteDance employees had repeatedly accessed non-public data about US TikTok users.
In a September 2021 meeting, a senior TikTok executive from the US referred to a Beijing-based engineer as a “master admin” who “has access to everything”. A US-based Trust and Safety staffer was also heard to say “everything is seen in China”.
The tapes overwhelmingly contradict TikTok’s repeated emphasis on user data privacy.
Read more: Concerns about TikTok passing user data to Beijing are back – and there’s good evidence to support it
The larger context
Australia’s ban on TikTok on government phones is not surprising. A partial ban has been in place for some time.
The decision addresses the larger issue of balancing national security interests against the trade relationship with our largest trading partner. The TikTok ban is just the latest manifestation of this struggle.
In 2018, Australia decision to exclude Huawei’s decision to install its 5G network was based on advice from the Australian Signals Directorate that it would give the Chinese government the means to paralyze the country’s 5G-enabled critical infrastructure during wartime. A number of other countries came to a similar conclusion.
China is a nation that the long sight when it comes to geopolitical strategy. The planning horizon extends over many decades and even centuries.
Against a backdrop of escalating gray zone conflicts, TikTok is an example of a potentially weaponized tool in China’s cyber arsenal that can collect massive amounts of data for nefarious purposes. And it’s probably not the last such tool we’ll be dealing with.
The wisest course of action for Australia would be to also develop a long-term orientation, making plans that stretch many decades ahead – and not as far as the next election cycle.
