Phone with TikTok screen in the hands of a girl showing TikTok ban due to national security

South Dakota Enacts TikTok Ban for Government Employees Over National Security Concerns

TikTok will need to be scrubbed from any government devices in South Dakota, as the state becomes the first to ban the app over national security concerns. The prospect of a national TikTok ban has been in the air since the final year of the Trump administration, with the Biden administration as well as Congress and the Committee on Foreign Investment continuing to scrutinize the app for potential risks of it being used as an espionage or propaganda tool by the Chinese government.

South Dakota TikTok ban demonstrates continuing suspicion despite moves to localize US user data

The South Dakota TikTok ban applies to the devices of government agencies, employees and contractors; the app can no longer be downloaded or accessed via web browser, as per an order signed by Governor Kristi Noem on November 29. If the device is owned or leased by the state, TikTok is no longer welcome on it.

Noem cited widely discussed national security concerns as the reason for the TikTok ban, saying that South Dakota would no longer have a part in the “intelligence gathering operations of nations that hate us.” Noem directly accused the Chinese Communist Party of gathering personal information via the app, but there is still a lack of clear public evidence indicating that this is happening. The national security concern has been based more on China’s national security laws, which allow the government to seize any information stored on any servers in the country at any time without any kind of warrant or judicial review process. The other concern is that the Chinese government might direct TikTok to manipulate its recommendation algorithm to deliver propaganda on its behalf, but this is another item that is thus far more speculation than proven practice.

Noem also urged Congress to take up a similar TikTok ban at the federal level. The potential for TikTok to negatively impact national security has been debated since 2020, when the Trump administration threatened it with a ban from US app stores. TikTok avoided this fate via a combination of pledging to move all US data outside of China and firewall it off from the country, and the 2021 changeover to the Biden administration which has thus far taken a much slower pace in reviewing the app.

TikTok continues to face scrutiny, however, particularly after recent incidents that demonstrated that Chinese engineers and staff likely still have access to US user data. The primary point of review at the moment is the Committee on Foreign Investment (CFIUS), an inter-agency body that focuses on the national security impact of foreign money or access to US operations. The Republican party also recently took control of the House of Representatives in the 2022 elections, and its members have already contacted TikTok to advise it that it appears to have provided misleading information and can expect further examination from legislators in the coming year.

There is bipartisan concern, however, as FBI Director Christopher Wray and Treasury Secretary Janet Yellen also both recently expressed concern about how the app might be used by China to breach national security. Democratic Senator and Chair of the Senate Intelligence Committee Mark Warner has also told the media that he feels a TikTok ban is inevitable and that Congress needs to “bite the bullet” and get it done.

National security concerns about TikTok theoretical, but well-founded

TikTok’s fresh round of troubles began earlier this year, when a trove of leaked internal meetings revealed that Chinese engineers retained a great deal of access to US user data (despite assurances to the contrary). TikTok’s US side apparently does not have the technical expertise needed to do everything required to keep the platform functioning, and needs to turn to Beijing-based staff often enough that wide lanes of access have been kept open.

Just as TikTok was attempting to quell this trouble with promises that Chinese engineers would only have access to non-specific data to protect personal information, a November privacy policy update in the EU indicated that residents of the bloc could now expect their data to be shared with staff in China (along with a number of other third countries) as well.

Rajiv Pimplaskar, CEO of Dispersive Holdings, notes that the threat created by this goes beyond the Chinese government. The potential presence of backdoors and broad sharing of data with remote workers and third party contractors creates additional security risks that TikTok users should be aware of : “The core issue here is the rising prevalence of nation state threat actors within the fabric of public cloud infrastructure and Internet apps that can create insidious backdoors and circumvent typical security safeguards.  Apart from managing a blacklist of vendors, Governments and businesses need to more aggressively embrace advanced zero trust strategies such as stealth networking that obfuscates users, apps and data and mitigate the harvesting of potentially sensitive information in the first place.”

TikTok will need to be scrubbed from any government devices in South Dakota, as the state becomes the first to ban the app over #nationalsecurity concerns. #privacy #respectdataClick to Tweet

Given that the app has an estimated 80 million monthly active users in the United States, or nearly a quarter of the country’s population, a TikTok ban from app stores (as Trump initially proposed) would certainly raise a storm of discontent. A ban on federal government use with a national security justification, likely followed closely by more states adopting similar bans, seems to be the more likely outcome in the coming year. But the government may also look to increase awareness of the personal risks of continuing to use TikTok, along with applying continued pressure on the US operation to entirely divorce itself from China.