April 5, 2023
The Albanese government is banning Chinese-owned TikTok on government-issued devices as it mulls further measures to tackle national security concerns and protect the social media data of Australians.
Australia joins Five Eyes allies the US, Canada, New Zealand and United Kingdom in banning TikTok on government devices, and the European Commission has announced a similar edict.
"After receiving advice from intelligence and security agencies, today I authorised the secretary of the Attorney-General's Department to issue a mandatory direction under the Protective Security Policy Framework to prohibit the TikTok app on devices issued by Commonwealth departments and agencies." Attorney-General Mark Dreyfus said.
"The direction will come into effect as soon as practicable."
Mr Dreyfus said the government recently received the Review into Foreign Interference through Social Media Applications from the Department of Home Affairs. Its recommendations are under consideration.
At the weekend, The Australian Financial Review revealed the government is considering adopting onshore data storage requirements, known as data localisation or data residency, among measures to deal with concerns with apps such as TikTok and political interference in China.
TikTok admitted in a letter to Liberal senator James Paterson last July, obtained by the Financial Review, that Australian user data is accessible in mainland China.
Mr Paterson welcomed the ban but said Australia has been trailing behind the other western nations.
"I have been calling on the government to address this serious issue since 12 July 2022, when TikTok admitted in correspondence to me that Australian user data was accessible in mainland China," Mr Paterson said.
"Now that this risk is being addressed, we must urgently turn our attention to the broader cybersecurity and foreign interference threat posed by TikTok to the millions of other Australian users."
TikTok Australia general manager Lee Hunter said the company was disappointed by the decision.
"We are also disappointed that TikTok, and the millions of Australians who use it, were left to learn of this decision through the media, despite our repeated offers to engage with government constructively about this policy," he said.
"Again, we stress that there is no evidence to suggest that TikTok is in any way a security risk to Australians and should not be treated differently to other social media platforms."
In July 2022, analysis by Canberra-based cybersecurity and intelligence firm Internet 2.0 showed that TikTok checks its users' device location at least once an hour. It also continuously requests access to contacts even if the user originally denies.
China's National Intelligence Law of 2017 requires organisations and citizens to "support, assist and co-operate with the state intelligence work." The legislation was a major consideration in the Australian government's 2018 ban on Chinese telecommunications companies, including Huawei and ZTE, from providing equipment in the rollout of 5G mobile phone networks.
Data localisation makes up a key component of TikTok's Project Texas, a $US1.5 billion ($2.2 billion) effort to try to persuade US politicians that people's user data is safe.
Project texas would store American user data in the US on servers run by Oracle, a Texas-headquartered tech firm. TikTok's plan would allow Oracle and government-approved, third party inspectors to assess TikTok's data and source code.
Earlier this year, the Financial Review revealed that federal politicians and their staff were warned by the Department of Parliamentary Services about installing apps "such as TikTok" on parliamentary and personal devices.
In 2021, the Financial Review reported that Home Affairs and Defence had already banned TikTok on department-issued mobile phones.
