July 15, 2022
James Paterson
The Daily Telegraph
Friday 15 July 2022
TikTok is a wildly popular social media platform for sharing viralvideos, with an estimated seven million Australian users.
It is particularly popular with young Australians.
For some time there have been privacy and cyber security concerns about the appbecause its Chinese owner, ByteDance, has a close relationship with the Chinesegovernment and is subject to China’s all-encompassing national security laws.
But two years ago, TikTok Australia assured the parliament and Australians thatour data would be safe because it would be stored in the United States andSingapore, not China. It gave similar assurances in other Western democracies,including the United States.
All that changed last month in an explosive report in BuzzFeed when a TikTok USwhistleblower leaked hours of recordings of internal meetings that revealedthat, although US user data was stored on shore, it was accessible and hadbeen repeatedly accessed in mainland China. One company engineer in China waseven described as a “Master Admin” who “has access to everything”.
In response, nine US senators wrote to TikTok in the United States to demandanswers and the company admitted US user data was in fact accessible in Chinaand had been repeatedly accessed by its Chinese employees.
As shadow cyber security minister, I wrote to TikTok Australia to seek the sameinformation. This week, the company reluctantly admitted Australian user datais in the same boat: it is accessible and has been accessed in China.
In its reply, TikTok Australia assured me – just as it did two years ago – thatthe company would never hand over Australians’ data to the Chinese government.
Every Australian, particularly parents with young children who use the app, hasthe right to be concerned.
China’s national security legislation, including its 2017 National IntelligenceLaw, requires Chinese citizens and companies to co-operate with Chineseintelligence agencies when asked, putting our data within reach of the ChineseCommunist Party.
What’s more, they are required to keep that co-operation secret. Even if webelieved the company’s assurances that it would not co-operate with Chineseintelligence agencies, its employees are required to do so and are compelled toconceal this from their employer.
Sadly, based on the public comments of ByteDance’s chairman and founder, ZhangYiming, we have every reason to expect the company would in factenthusiastically co-operate with the Chinese government.
In 2018, Zhang publicly apologised for failing to sufficiently promote theCCP’s socialist ideology on the company’s platforms and promised to educate hisstaff about the importance of working closely with the party to achieve itsobjectives. Zhang specifically noted his concerns that TikTok had “deficienciesin education on the socialist core values and deviation from public opinionguidance”.
He further stated his company needed to do more on “strengthening the work ofparty construction, carrying out education among our entire staff on the ‘fourconsciousnesses’ (of Xi Jinping), socialist core values (and correct) guidanceof public opinion”.
This reinforces other concerns that TikTok is a permissive platform forauthoritarian state-backed disinformation campaigns and also censors contentcritical of the Chinese government’s human rights record.
At a time when our own intelligence agencies have assessed that foreigninterference, espionage and cyber attacks are at record levels, and that theCCP is the primary culprit, this is a serious national security problem. Itrequires a serious response.
Anthony Albanese appointed a Cyber Security Minister, Clare O’Neil, to hiscabinet in June, to much fanfare.
But so far there is no evidence the Albanese government has taken any action toaddress these new revelations, despite the calls to do so from many cybersecurity experts. In the United States, the Federal Communications Commissionis examining removing TikTok from the Apple and Google stores for failing toadhere to its terms of service.
In an age of strategic competition, where information is power, we mustinvestigate all possible regulatory responses to protect Australians’ privacyand cyber security.
Senator James Paterson is the shadow minister for cyber security.
