March 25, 2023
As Australia’s relations with China were plummeting during the early months of the COVID-19 pandemic, then-prime minister Scott Morrison ordered a review into what to do about the increasingly popular video-sharing application TikTok.
It was July 2020, and Donald Trump was a few weeks away from a clumsy attempt to use his executive authority to force TikTok’s parent company, the Beijing-headquartered ByteDance, to sell the application over concerns about the misuse of users’ private information.
Morrison’s instinct was to also do something, such as banning it on government-issued phones and computers.
But a few months later, Australia’s security agencies came back to the prime minister with unequivocal advice: there were no national security grounds to do anything about TikTok, best known for its feel-good viral dance and lip sync videos.
Later in the year, Joe Biden won the presidential election and shelved Trump’s plan to force TikTok’s owner to divest from the asset, which would have likely encountered a number of legal hurdles.
For almost two years, nothing much happened on the regulatory front as the app continued to explode in popularity. It is now estimated that 7 million Australians use TikTok each month. In the US the app has 150 million users, almost half the total population.
The situation began changing last year when a series of articles in BuzzFeed started appearing, revealing that US user data was accessible, and had been accessed by ByteDance employees in China – contrary to what the company had been insisting for years.
A month later, similar revelations started surfacing in Australia.
In response to a question from the opposition’s cybersecurity spokesman, James Paterson, TikTok Australia confirmed that Australian user data was also accessible in mainland China.
Senior executives at ByteDance were incensed by the reports in BuzzFeed, and they believed that people within the company were leaking the sensitive information.
ByteDance’s Internal Audit and Risk Control department, a Beijing-based unit responsible for conducting investigations into potential misconduct by its employees, started investigating the leaks.
But it couldn’t find anything on its own systems or devices. It then overstepped in a big way.
The unit began using the American journalists’ TikTok accounts to monitor their physical movements through their IP addresses. The aim was to identify the leaker by matching their location with that of the journalists.
This operation was in turn leaked to Forbes, and the company was forced to sack TikTok’s chief internal auditor, Chris Lepitak, and two other employees in the US and China.
Before these revelations were made public, intelligence agencies in Australia, the US and other Five Eyes countries had already started changing their position on the security concerns posed by the application.
This was informed by a growing amount of intelligence showing that Chinese Communist Party figures were being installed in senior positions at ByteDance.
On top of data harvesting, there was now the concern that the Chinese government could use TikTok as a powerful propaganda tool to censor information and promote disinformation on the platform.
The internal concerns, and the public pressure, sparked Home Affairs Minister Clare O’Neil in September to order her department to conduct a review into what to do about TikTok and other social media companies based in authoritarian states.
Out of that process, it became clear to the government that Australia needed to ban the use of the application on federal government devices.
This was then separated from the broader review, with Attorney-General Mark Dreyfus expected to announce the public service ban on TikTok within days.
The decision has already been discussed at cabinet, but last week’s negotiations around the Voice to parliament has delayed the announcement.
Australia will be following its fellow Five Eyes security partners – the US, Britain, New Zealand and Canada – who have all announced similar bans. The Biden administration has privately warned TikTok it is prepared to go far further and ban the app entirely in the US unless it is sold to a new owner outside China.
Paterson, who has been calling for a ban for more than six months, says he is “genuinely mystified why it is taking the Albanese government so long to take the first and most basic step to address the serious national security risks posed by TikTok”.
“Banning it from government devices – as all of our closest allies have done – is the lowest-hanging fruit,” says Paterson, who is chairing a Senate inquiry into foreign interference through social media.
“If they can’t even do that promptly I am very concerned about their ability to address the much more complicated challenge of protecting millions of other Australians on the app.”
The broader six-month review – which was also informed by the Australian Signals Directorate, which sits within Defence – was handed to O’Neil in recent days.
It not only deals with how to protect Australians’ private information, but also looks at Beijing’s potential to use TikTok to promote disinformation in Australia.
TikTok’s Australian general manager Lee Hunter, a former YouTube and Google executive, says he is frustrated by the attention on the app, and the lack of access he has had to key government decision makers.
“We are a hot topic at the moment, we’re something that’s getting a lot of attention but the truth of it is we’re getting singled out unfairly,” he says.
“TikTok doesn’t operate in China, our headquarters are in Singapore and Los Angeles. Australian user data is held in the US, in Singapore. We’ve worked really hard to protect Australian user data.
“We see a lot of accusations around us being a potential national security risk, and that’s in relation to perceived connections to China and the CCP which is just absolutely not true.”
Despite repeated attempts, Hunter and other TikTok executives have not been able to secure a meeting with O’Neil to make their case.
Hunter says the mounting concern about TikTok is driven by the intensifying superpower struggle between the US and China rather than the app itself.
“Whatever the geopolitical context around China, whatever your thoughts are about China – we are not China,” he says. “We are an entertainment app.”
Hunter’s argument is backed up by a paper submitted to Paterson’s Senate inquiry by two experts from the Georgia Institute of Technology who argue the national security risks of TikTok are “non-existent or exaggerated”.
“TikTok is a commercially motivated enterprise, not a tool of the Chinese state,” Milton Mueller and Karim Farhat argue.
“TikTok is not exporting censorship, either directly by blocking material, or indirectly via its recommendations algorithm. Its content policies are governed by market forces.”
As for the app’s data collection practices, Mueller and Farhat say that “we are not aware of any plausible scenario in which aggregate data from TikTok provides special insight into the control of critical infrastructure, military secrets, opportunities for corporate espionage, or knowledge of weapons systems”.
Their position, though, is very much out of vogue in the US – where alarm about both China and TikTok is shared across both major parties – and calls to ban the app are mounting.
Brendan Carr, one of the four members of the US Federal Communications Commission, which enforces American communications law, says the mood in Washington has changed dramatically since Trump first tried to ban TikTok in 2020.
“The issue is really gaining a lot of momentum right now,” he says. “There’s a much longer, clearer record of malign conduct so you now see both Democrats and Republicans coming together to express their concerns.”
In a submission to the Australian Senate inquiry, Carr describes TikTok as a “sophistical surveillance tool” and says it should be banned in its current form.
At a heated US House of Representatives hearing on Friday, politicians from both sides lined up to berate TikTok chief executive Shou Zi Chew. Meanwhile, dozens of TikTok influencers, who credit the app with giving them a voice and allowing them to run businesses, watched in the audience – a reminder to legislators of the political risk involved in targeting such a popular app.
Chew said TikTok had erected a firewall to seal off US user data from unauthorised foreign access. “The bottom line is this: American data stored on American soil, by an American company, overseen by American personnel,” Chew said.
The argument failed to resonate with the committee members. “We aren’t buying it,” shot back committee chair, Republican congresswoman Cathy McMorris Rodgers.
Democratic congresswoman Lisa Blunt said: “We came here hoping to hear some action that would alleviate our concerns. I’ve not been reassured by anything you’ve said so far.”
Meanwhile, the top members of the Senate intelligence committee Mark Warner and John Thune said that all Chinese companies were “ultimately required to do the bidding of Chinese intelligence services, should they be called upon to do so” and that nothing Chew said in his testimony had assuaged those concerns.
Warner and Thune have introduced a bipartisan bill, backed by the White House, that would give the US government sweeping powers to regulate or ban technology produced by authoritarian countries including China, Russia and Iran.
Carr says a ban on Australian government devices is the least of TikTok’s regulatory worries in the months ahead.
“This really only ends one of two ways,” he says. “A ban on TikTok or the complete divestiture from any entity beholden to the Chinese Communist Party.”