Is the clock ticking for TikTok?
As someone from the boomer generation, I continue to be surprised and amused at the growing role social media plays in modern discourse. Younger generations can’t seem to go more than a few minutes without it. Two of the media giants in the field are TikTok and Twitter, neither of which I use directly, which may make me unqualified to discuss them, but I’m going to forge ahead anyway, but with respect to just one of the many issues both raise: their implications for U.S. national security.
TikTok is owned by ByteDance, a Chinese company, but its status has been under review by the Committee on Foreign Investment in the United States (CFIUS) for several years because of its 2018 merger with Musical.ly, a transaction CFIUS could unwind if it concludes there is a threat to our national security. The Trump administration attempted to ban TikTok, which the courts prevented, or force its sale to a U.S. company. The Biden administration is not pursuing a ban, but rumors of a possible sale continue to pop up, followed by denials. It seems that nobody who actually knows anything is talking.
CFIUS considers whether an investment would constitute a threat to U.S. national security. Superficially, it is hard to see how teenage dance videos and other entertainment content would be a security threat, but as is usually the case with media acquisitions or mergers, the issue involves data the company obtains, where it is stored and who can access it.
The data that social media entities acquire are largely personal information about the individuals who use the media. That leads to concerns if an adversary — in this case China — is able to access data that they might use to influence public opinion through misinformation or propaganda, or for some other nefarious purpose. FBI Director Christopher Wray recently told the House Homeland Security Committee that “the Chinese government could use it to control data collection on millions of users, or control the recommendation algorithm, which could be used for influence operations.”
For a time, TikTok denied that China could access its data, but it recently acknowledged this is not always true. That puts the burden on CFIUS to determine whether the data is available to the Chinese government and, if so, does that matter? One way to avoid that debate would be to approve the sale of the company to a U.S. entity. An inevitable condition of that, however, would be a requirement that TikTok surrender control over its data — a condition the company might well reject and one that could cause China to block ByteDance from agreeing to the sale.
Twitter, in contrast, is a U.S. company now owned by a U.S. person, Elon Musk. His actions and statements have led to demands, in Congress and elsewhere, that Twitter’s acquisition be investigated. President Biden, when asked, said he thought it should be looked at but indicated he wasn’t suggesting the company did anything wrong. Treasury Secretary Janet Yellen, after initially saying she saw no reason to investigate, has now backtracked — in part — and said she misspoke, suggesting instead that if there is a risk, then an investigation would be appropriate. That puts her in better alignment with the president. The issue is that Musk has minority foreign partners, allegedly Saudi Arabian and Chinese.
Thanks to the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA), CFIUS has authority to look at minority foreign investments where foreign control is not explicit. However, the criterion is the same as for TikTok: Is the investment a threat to national security? In a case not involving direct foreign control of the company, CFIUS would look for evidence that the foreign parties are in a position to influence the direction of the company, or whether they have access to sensitive proprietary data. That would include determining whether they have seats on the board or any role in the company’s management. Particularly important in cases involving social media entities is whether the foreign parties can access inside information about the company or the data that is one of the company’s biggest assets.
Twitter no longer has a board of directors, and there does not seem to be any evidence that the foreign investors have a role in its management. This leaves the issue of who controls or has access to the massive amounts of personal data Twitter accumulates. I agree with the president that that deserves an investigation, but at this point, it does not seem likely that it will conclude that there is anything to worry about from a national security point of view.
The calls for an investigation, however, do raise the issue of whether weaponizing CFIUS is a good idea. The people concerned about Musk’s stewardship of the company may be using CFIUS as a convenient tool for investigating him, but that seems to have little to do with an actual national security threat. If that becomes a habit, however, it will have a chilling effect on inbound investment that will restrict future economic growth and job creation.
Finally, both these cases remind us of the growing importance of data in our lives. When people discuss security, they usually mean hardware or software, but the ubiquity of social media and the personal data it generates and stores raises genuine national security issues about whether data can be used to compromise individuals or to influence them with misinformation. In that regard, the case against TikTok is likely stronger than one involving Twitter, but perhaps a close look at what is going on with both is a good idea.
William A. Reinsch holds the Scholl Chair in International Business at the Center for Strategic and International Studies in Washington, D.C.
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.