After yet another user data breach in China, the social media app TikTok is once again in the crosshairs of U.S. officials, this time from the FCC.
Earlier this month, BuzzFeed reported that ByteDance, the Chinese company that owns TikTok, had access to private data information about American TikTok users. Now, FCC Commissioner Brendan Carr has reached out to executives at Apple and Google to request that the two tech giants remove the TikTok app from their app stores.
In a letter addressed to Apple CEO Tim Cook and Google CEO Sundar Pichai, Carr warns about the national security threat posed by the social media app that is popular with Americans, especially teens and 20-somethings.
“TikTok is not what it appears to be on the surface,” Carr wrote. “It’s not just an app for sharing funny videos or memes. That’s the sheep’s clothing. At its core, TikTok functions as a sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data.”
According to the BuzzFeed report, audio recordings at ByteDance collected between September 2021 and January 2022 revealed that nine employees located in China had openly discussed accessing sensitive American user data, including phone numbers and birthdates.
On one recording from last September, a ByteDance employee in TikTok’s Trust and Safety department says, “Everything is seen in China.”
In his letter, Carr claims that ByteDance “is beholden to the Communist Party of China and required by Chinese law to comply with the PRC’s surveillance demands.”
And Carr is just the latest to sound the alarm regarding TikTok. Politicians from across the political spectrum — including President Biden, former President Trump, Sens. Chuck Schumer and Tom Cotton, and others — have expressed misgivings about TikTok.
“The concerns over TikTok are shared on a bipartisan basis,” Carr notes.
TikTok has recently attempted to quell some of those concerns. On the same day that the BuzzFeed report dropped, TikTok announced publicly that “100% of US user traffic is being routed to Oracle Cloud Infrastructure.”
Routing U.S. user traffic through Oracle, an American company headquartered in Austin, does not fix the problem, though, according to Carr, since the data can still be accessed outside the United States, including in Beijing.
Because of the severity of the security issues that TikTok has repeatedly demonstrated, and Apple’s and Google’s obligation to honor their own security standards and protocols, Carr closes the letter by asking Apple and Google to remove the app entirely from their stores.
Otherwise, he demands that they explain in writing how “the surreptitious access of private and sensitive U.S. user data by persons located in Beijing, coupled with TikTok’s pattern of misleading representation and conduct, does not run afoul of any of your app store policies.”