Tick Tock for TikTok

This week’s column is about Twitter and TikTok, and I begin by saying that I personally am not a user of either, although the Scholl Chair does tweet regularly. That either makes me ignorant and ill-suited to discuss the topic, or fair and balanced—take your pick. I do not propose to get into whether the two companies represent a new, happy era of elevated public discourse or are a scourge on the republic leading us down a path of outrageous toxicity. As usual, the truth is probably somewhere in the middle. So, instead of blathering on about whether or not they are plagues on society, I will focus on the trade-related issues they raise. In both cases, it is really a matter of data.

The case of TikTok is the more complicated one. The company, which is owned by ByteDance, a Chinese company, has been under review by the Committee on Foreign Investment in the United States (CFIUS) for several years because of its merger with Musical.ly. That transaction was concluded in 2018, but CFIUS has authority to force the unwinding of completed transactions if it concludes there is a threat to our national security. The Trump administration attempted to ban TikTok—which the courts prevented—or force its sale to a U.S. entity. The Biden administration dropped the legal effort to ban it, but negotiations about a sale have continued, with occasional reports that a deal is imminent followed by denials from unnamed sources. It appears that nobody who actually knows anything is talking, at least on the record.

The issue for CFIUS is always whether an investment would constitute a threat to U.S. national security. At first glance, you might wonder why an app that predominantly features teenage dance videos and other similar content would threaten our security. (CFIUS doesn’t deal with threats to our culture or way of life.) The answer lies in the massive amounts of personal data that TikTok accumulates, where it is stored and who can access it.

There appear to be two concerns about the data if it is accessible to the Chinese government. First, it could provide China with personal information about millions of Americans that they might use for some nefarious purpose. Second, the data presents an opportunity to send propaganda or misinformation to U.S. listeners that could affect public opinion and, ultimately, U.S. policy. Last week, FBI director Christopher Wray told the House Homeland Security Committee that “the Chinese government could use it to control data collection on millions of users, or control the recommendation algorithm, which could be used for influence operations if they so chose.”

Until recently, TikTok denied that its data was available to Chinese parties, but it recently acknowledged that in some limited circumstances that was not true. That leaves CFIUS with two questions: Is the data available to non-U.S. parties? And if so, does that matter? One way to finesse both questions is to engineer the sale of the company to a U.S. entity. That, however, would require TikTok to surrender control over the data in a way that would satisfy CFIUS, and thus far that has been elusive.

The case of Twitter is simpler. It is a U.S. company that has been purchased by a U.S. person, Elon Musk. A lot of people, including some important politicians, are annoyed with Musk for a variety of reasons, and that annoyance has manifested itself in demands that his acquisition of Twitter be investigated. The administration has sent mixed signals on that. President Biden, when asked, said he thought it should be investigated but made clear that he wasn’t suggesting anything was wrong. Treasury Secretary Janet Yellen, in contrast, said she didn’t see a reason to investigate. The issue is not that Musk is Chinese in disguise but that he has minority foreign investing partners, allegedly Saudi and Chinese.

CFIUS can look at investments that on their face do not constitute foreign control of a U.S. company, such as a minority foreign investment, but their criterion is the same as for TikTok: Is the investment a threat to national security? In making that judgment, they would look for evidence that the foreign parties are involved in running the company. Do they have seats on the board? Do they have roles in the management structure? Most important, do they have access to inside information about the company, or in this case, the data that forms the foundation of the company?

Since Musk abolished Twitter’s board and so far seems determined to run the company on his own, the real issue is control of the massive amounts of personal data Twitter accumulates. President Biden is right that that deserves an investigation, but based on the facts available at this point, it seems unlikely the investigators will find anything worrisome from a security perspective.

As both of these cases play out over the next months, there are some useful lessons. One is the danger of weaponizing CFIUS. It appears that politicians are upset with Elon Musk for reasons that have very little to do with him being a security threat, but CFIUS is a convenient tool for looking into his stewardship of the company and possibly other things.

Another lesson is the newly appreciated importance of data. We tend to think of security in terms of hardware and software, but the growing ubiquity of social media and the massive amounts of personal data it generates and stores raise the security issues mentioned above—whether data can be used to compromise individuals or to ply them with misinformation. The case against Twitter is weak; the case against TikTok is stronger. In both cases, a close look at what is going on would be prudent.

William Reinsch holds the Scholl Chair in International Business at the Center for Strategic and International Studies in Washington, D.C.       

Commentary  is produced by the Center for Strategic and International Studies (CSIS), a private, tax-exempt institution focusing on international public policy issues. Its research is nonpartisan and nonproprietary. CSIS does not take specific policy positions. Accordingly, all views, positions, and conclusions expressed in this publication should be understood to be solely those of the author(s).      

© 2022 by the Center for Strategic and International Studies. All rights reserved.