How the U.S. Ignored a Chance to Make TikTok Safer
16:41 JST, May 30, 2024
To save itself, TikTok in 2022 offered the U.S. government an extraordinary deal.
The video app, owned by a Chinese company, said it would let federal officials pick its U.S. operation’s board of directors, would give the government veto power over each new hire and would pay an American company that contracts with the Defense Department to monitor its source code, according to a copy of the company’s proposal. It even offered to give federal officials a kill switch that would shut the app down in the United States if they felt it remained a threat.
The Biden administration, however, went its own way. Officials declined the proposal, forfeiting potential influence over one of the world’s most popular apps in favor of a blunter option: a forced-sale law signed last month by President Biden that could lead to TikTok’s nationwide ban.
The government has never publicly explained why it rejected TikTok’s proposal, opting instead for a potentially protracted constitutional battle that many expect to end up before the Supreme Court. Since federal officials announced an investigation into TikTok in 2019, the app’s user base has doubled to more than 170 million U.S. accounts – including Biden’s reelection campaign.
But the extent to which the United States evaluated or disregarded TikTok’s proposal, known as Project Texas, is likely to be a core point of dispute in court, where TikTok and its owner, ByteDance, are challenging the sale-or-ban law as an “unconstitutional assertion of power.”
The episode raises questions over whether the government, when presented with a way to address its concerns, chose instead to back an effort that would see the company sold to an American buyer, even though some of the issues officials have warned about – the opaque influence of its recommendation algorithm, the privacy of user data – probably would still be unresolved under new ownership.
“The government essentially threw up its hands at the possibility of any kind of regulation or cybersecurity measure,” said Anupam Chander, a Georgetown University law professor who researches international tech policy.
“TikTok proposed this incredible array of protections, but none of it mattered,” he added. “In the government’s thinking, it wasn’t: ‘Can this app be protected?’ It was: ‘There’s a Chinese owner.’ That became the death knell. The government had a complete absence of faith in [its] ability to regulate technology platforms, because there might be some vulnerability that might exist somewhere down the line.”
A senior Biden administration official said in a statement that the administration “determined more than a year ago that the solution proposed by the parties at the time would be insufficient to address the serious national security risks presented. While we have consistently engaged with the company about our concerns and potential solutions, it became clear that divestment from its foreign ownership was and remains necessary.” The official declined to specify what made the plan insufficient.
In their legal challenge, TikTok and ByteDance argue the sale-or-ban law violates the First Amendment by suppressing a platform Americans use for information and self-expression. Courts traditionally evaluate such speech disputes on whether the government is pursuing a compelling state interest through the least-restrictive means possible.
The government, some legal experts said, probably will be asked to explain why Project Texas wasn’t a reasonable solution for its national security goals. The Biden administration hasn’t publicly detailed why the proposal was inadequate, saying only that the possibility of future Chinese data-gathering or propaganda merited an aggressive response.
In a statement, a Justice Department spokesperson said the law “addresses critical national security concerns in a manner that is consistent with the First Amendment and other constitutional limitations. We look forward to defending the legislation in court.”
Jodi Seth, a spokeswoman for TikTok, said in a statement that the company has voluntarily subjected itself to rigorous examination, including opening its source code to outside inspectors for ongoing technical review. “No other entertainment or social media platform provides a similar level of third-party oversight, even though they employ large numbers of foreign nationals and have development centers around the world,” Seth said.
TikTok and ByteDance leaders prepared the plan as part of their negotiations with the Committee on Foreign Investment in the United States, or CFIUS, a group composed of officials from nine federal agencies that reviews business deals for national security concerns.
TikTok outlined its proposals in a draft “national security agreement” totaling more than 90 pages, a copy of which The Washington Post reviewed last year. That proposal would have bound the company contractually to government controls in exchange for the ability to stay online in the United States.
The deal included extensive provisions never before offered to the government by a private company – including TikTok’s U.S.-based peers in the tech industry, such as Google and Facebook.
The plan would have largely blocked ByteDance’s global executives, including in its Beijing headquarters, from decision-making authority over the U.S. operation and would have siloed most of the U.S. app’s functionality in a discrete subsidiary subject to Washington oversight.
An American board of directors shaped by federal authorities would have been empowered to scrutinize the company’s content-moderation decisions and data flows, the draft agreement said. It also would have offered a “shutdown option” that the government could use to suspend TikTok in the United States if the company broke its part of the deal.
The plan was drafted over months of meetings in consultation with CFIUS officials, who told TikTok that they were close to a final agreement, according to two people familiar with the negotiations who spoke on the condition of anonymity to discuss internal talks.
But shortly after TikTok submitted the proposal in August 2022, “CFIUS without explanation stopped engaging,” TikTok and ByteDance wrote in their legal petition to the appeals court. The companies said they “repeatedly asked why discussions had ended and how they might be restarted, but they did not receive a substantive response.” (The administration official contends that the administration told TikTok at the time that divestment was the only viable option.)
TikTok officials requested meetings with Deputy Attorney General Lisa Monaco and other agency leaders, who declined, arguing that the company was already meeting with the appropriate officials, a U.S. official told The Post. Around that time, officials from the White House and Justice Department, including Monaco, were holding meetings with the forced-sale bill’s co-sponsors and other lawmakers critical of TikTok to offer advice on how they could draw up a bill that would survive a legal challenge, congressional members and staffers told The Post.
“There was clearly a bait and switch that happened here,” said a person who observed but was not involved in either side of the negotiations, who spoke on the condition of anonymity because they were not authorized to discuss what they had witnessed. “There was a 100-page national security agreement draft that was excruciatingly detailed. They went down the road and started building a lot of stuff to comply with that. Then at some point the government just changed its mind.”
Despite the lack of agreement from the government, TikTok adopted a number of the proposal’s components, saying in its legal filing that it has spent more than $2 billion to “resolve the very concerns publicly expressed by [the law’s] congressional supporters.”
The company moved the TikTok teams responsible for overseeing U.S. user information, security and content moderation into an American subsidiary, U.S. Data Security, that now employs more than 2,000 workers. Nearly all are Americans, a company spokesperson said, except for a few dozen British and Australian workers hired for around-the-clock support.
The company also shifted American users’ data to servers run by Oracle, the Texas-based tech giant that the U.S. military entrusts with some of its most highly classified cloud-computing work.
Some of its efforts, however, have been stymied by the government’s reluctance to engage, U.S. Data Security officials said at a briefing this month for the Center on Technology Policy, a policy think tank at the University of North Carolina at Chapel Hill that has received funding from foundations and tech companies including Google, Meta and TikTok.
According to attendees at the briefing, TikTok said it had submitted to the government a list of nominees for directors, but that federal officials had yet to approve them. That has left U.S. Data Security without an independent board.
The administration official declined to offer a response on this point. Without an agreement in place, it’s unclear how any such board nomination would apply.
TikTok also pledged to allow the U.S. government to set the rules for hiring, including requiring all new hires to be U.S. citizens or green-card holders, to consent to background checks and to accept that their employment offers could be revoked by government officials as they saw fit.
With no agreement in place, however, TikTok has been conducting its own background checks, the officials said in the briefing. A spokesperson said TikTok’s human resources work for U.S. employees still runs through ByteDance but that the company expects to fully transition the work into U.S. Data Security within a matter of weeks.
The stalled arrangement also has undermined Oracle’s ability to conduct third-party review. Though Oracle employees are actively reviewing TikTok’s source code for flaws and vulnerabilities, the U.S. Data Security officials said the government’s failure to participate has meant the code reviewers have no clear process for how they would report any red flags they might find.
Matt Perault, a former Facebook policy director who leads the UNC center, said those missed connections have weakened the government’s ability to guard against the risks it has long characterized as national threats.
“For the system to have the level of verification the government seems to want, the government has to play ball,” Perault said. “If you’re serious about trying to address concerns, you would suggest a set of remedies. And essentially what the government has said is there’s no remedy other than a sale.”
Some critics of TikTok’s plan label it a “catch me if you can” proposal that would require the government to sniff out risks. In March, the co-sponsors of the House legislation, Reps. Raja Krishnamoorthi (D-Ill.) and Mike Gallagher (R-Wis.), who resigned last month, said in a resolution that Project Texas would have allowed the app’s algorithm and source code to “remain in China under ByteDance’s control” and potentially expose U.S. users to “malicious code, backdoor vulnerabilities, surreptitious surveillance, and other problematic activities.”
Others have alluded to the pitfalls of taking over responsibility for a digitally complicated cultural juggernaut. At a congressional hearing in March, FBI Director Christopher A. Wray acknowledged that U.S. officials might find it “extraordinarily difficult to detect” if the Chinese government had forced ByteDance to promote videos that would agitate Americans or boost Chinese Communist Party ideals.
The law gave ByteDance 270 days from the day of Biden’s April 24 signing to sell TikTok, with an option for a 90-day extension if Biden determines that “significant progress” has been made toward a sale. In a filing, ByteDance argued the possibility of an extension was not feasible, given that it requires the company to take an action that it is fighting in court.
If ByteDance does not divest itself of TikTok’s U.S. assets by the deadline, the government will make it unlawful to “distribute, maintain, or update” the app within the United States.
Tech experts expect the order would largely be carried out by private companies: Apple and Google’s app stores would be required to stop pushing out app updates or downloads, and Oracle would be forced to stop hosting the app’s data and infrastructure on its U.S.-based servers.
Apple and Google declined to comment, but two people familiar with those companies’ thinking said the companies do not expect to weigh in on the matter.
One of the people said federal officials had not shared any evidence with the companies substantiating their national security concerns about TikTok. “Everyone internally thinks it’s the biggest bunch of bulls—,” this person said of the concerns, “but they’ve just decided to stay out of harm’s way.”
TikTok, ByteDance and a group of TikTok creators who sued over the law joined with the Justice Department in asking the U.S. Court of Appeals for the D.C. Circuit to fast-track the case and offer a ruling by Dec. 6. That would allow time for either side to seek a Supreme Court review of the ruling before the current forced-sale deadline of Jan. 19.
Because the law requires all challenges to run through the appeals court as its “exclusive jurisdiction,” the case will operate differently from traditional legal battles, court filings show. Instead of a discovery or fact-finding phase where evidence and witnesses would be presented, usually handled by a district court, the parties will file legal briefs for the court’s judges to review.
On Tuesday, a panel of three judges ordered that the companies and the creators must submit their briefs by June 20, and the Justice Department by July 26, a filing shows. Oral arguments are scheduled to begin in September.
The Justice Department told the court in a separate filing earlier this month that it is “evaluating” whether it needs to file an evidentiary submission that would contain “classified material to support the [law’s] national security justifications.”
While the government has offered some classified briefings for lawmakers, it hasn’t publicly shared any evidence showing the Chinese government has exercised influence over the app. In March, Sens. Richard Blumenthal (D-Conn.) and Marsha Blackburn (R-Tenn.) asked the Office of the Director of National Intelligence to declassify information about TikTok so as “to better educate the public on the need for urgent action.” A spokeswoman in Blumenthal’s office said they haven’t received a response. An ODNI spokesperson said they were continuing “engagement with Congress on the issue.”
Chander, the Georgetown law professor, said the lack of government substantiation after five years of investigating has made it hard to understand the government’s current urgency over an app millions of Americans use for news and entertainment.
“It’s hard to square this as an immediate threat if the Biden campaign keeps posting TikToks,” he said.
"News Services" POPULAR ARTICLE
-
North Korea Long-Range Ballistic Missile Test Splashes Down between Japan and Russia (UPDATE 1)
-
Japan’s Nikkei Stock Closes at 2-week Peak as Tech Shares Track Nasdaq Higher (Update 1)
-
Nissan Plans 9,000 Job Cuts, Slashes Annual Profit Outlook
-
Iran Arrests Female Student Who Stripped to Protest Harassment
-
Chinese Solar Firms Go Where US Tariffs Don’t Reach
JN ACCESS RANKING
- Streaming Services Boost Anime Popularity Overseas; Former ‘Geeky’ Interest More Beloved Among Gen Z than 3 Major U.S. Sports
- Malaysia Growing in Popularity as Destination for Studying Abroad; British-style Education Available at Low Cost
- ‘Women Over 30 Would Have Uteruses Removed’; Remarks of CPJ Leader, Novelist Naoki Hyakuta Get Wide Attention
- Japan Business Circle Calls for China Resuming Visa-Free Travel; Keizai Doyukai Visit to Country Marks 1st in 8 Years
- Typhoon Kong-rey to Reach South of Japan’s Okinawa on Thursday; JWA Urges High Alert for Strong Winds, Heavy Rain