IBM OpenPages GRC Services | GRC Consulting – iTechGRC

TikTok Ban in the U.S.: Important Takeaways

For GenZs, TikTok is where the newest trends are set. Lately, the social media app has been trending, and the buzz has been about declaring whether it threatens user privacy and national security in the U.S.   

In this blog, we will discuss the reasons for the national security probe against TikTok, its legendary rise as a top entertainment app, and the impact of the Senate’s legislation to sell or ban the platform.   

Would boycotting TikTok help permanently stave off data privacy and security threats from China? Let’s find out.  

What’s ‘Ballooning’ Lawmakers’ Interest to Ban TikTok? 

TikTok is one of the first social media apps by a Chinese tech company to achieve phenomenon success in the U.S. In 2019, it recorded a billion installs on the App Store and Google Play. The COVID-19 pandemic catapulted TikTok into a global online culture in 2020, capturing the GenZ market. It currently boasts a user base of 170 million in the U.S.    

Since the start, there have been speculations about whether the Chinese government is accessing user information, such as location data, through the app. Because several Chinese laws allow their government to demand data from companies and citizens for intelligence monitoring and operations. These concerns escalated fears of unauthorized surveillance and data access by China for spreading misinformation and propaganda during the Israel-Hamas war and the 2024 U.S. presidential elections.  

U.S.-China’s strained trade relations, tech wars, militarization of islands in the South China Sea, and the recent Chinese surveillance balloon incident ‘ballooned’ U.S. lawmakers’ efforts to barricade TikTok’s operations under a U.S.-based firm. 

Critics have alleged that the app’s content recommendations have spread antisemitism. Though TikTok has denied these allegations, stating that it would reject requests to share or spy on user data, the U.S. continues banning its usage on government-issued devices.     

What’s in the Bill of Divest-or-Ban TikTok? 

On March 5, the U.S. House of Representatives introduced the bill, ‘Protecting Americans from Foreign Adversary Controlled Applications Act’, which aims to penalize app stores that list TikTok for downloads. The bill was introduced after President Biden’s executive order to prevent large-scale sensitive personal data of American countries that have been flagged for gathering and misusing citizens’ data. The order targets China, Russia, Iran, North Korea, Venezuela, and Cuba.  

On April 23, the U.S. Senate passed a bill requiring TikTok’s parent company, ByteDance (BDNCE), to cease all ties with China by selling it to a U.S. company within a year or face a nationwide ban. President Biden recently signed the bill. The proposed ban is part of the U.S. foreign policy package, which includes a $61 billion fund allocation as foreign aid to Ukraine, Israel, and Taiwan.    

What Does the TikTok Ban Mean? 

There needs to be more clarity about how the U.S. government will impose the TikTok ban on privately-owned devices at a national level. The bill divulges the banning of TikTok from app stores, web hosting companies, and network providers. Non-compliance can result in fines of amount derived from multiplying the total number of users by $5,000.  

The bill also includes hosting websites and apps that allow foreign adversary’s control as a potential security threat. It also covers apps or websites that allow users to create accounts to share and view content in real-time, with 1,000 K monthly active users every quarter that are yet to be declared threats.    

ByteDance has 260-odd days to sell TikTok. If the company follows through on the sales deal, President Biden can authorize a 90-day extension. If the deadline arrives after the elections and Donald Trump is re-elected President, the extension will go toward his orders.   

How the TikTok Ban Would Work? 

These are the cybersecurity experts’ estimations on how the U.S. government would impose the TikTok ban. Blocking internet access to specific sites by filtering network traffic can ban users with specific IP addresses or domain names. Internet service providers can also block certain domain names. However, these methods would require passing new legislation for the government to enforce the rule on internet service providers. 

Additionally, they can leverage deep-packet inspection to review and analyze data packets using specific keywords or patterns coming through their networks. URL filtering and banning certain sites through content filtering other ways of exercising the TikTok ban.  

How Will the Ban Affect TikTok Influencers, Businesses, & Users? 

The TikTok ban will impact influencers, brands, and businesses that invest heavily in TikTok ads and influencer marketing. A ban in the U.S. would cause a dip in followers and engagement rates as many users lose access to TikTok content. It could also mean the end of several brand endorsement deals and contracts for influencers.    

Delisting will affect the younger audience (GenZs) who may find new ways to circumvent the blacklisting on U.S.-based app stores. Amid the TikTok ban, brands and advertisers will migrate to Meta’s Facebook and Instagram.  

Creators and users would also look at similar alternatives by moving to short video platforms with TikTok-like features and algorithms.  

As per the bill, if the ban is imposed, TikTok must share account and content data with users upon their request. Failure to provide user data can result in a fine of $500, derived by multiplying the total number of users.    

Who Would Benefit from the TikTok Ban? 

According to expert observations, if ByteDance ever decides to sell TikTok, Microsoft (MSFT) and Oracle would be its potential buyers. However, the sale would also mean seeking the Chinese government’s approval to export the technology powering the app.  

If TikTok accepts the federal government’s decision to ban it, Meta and Alphabet will benefit the most in revenue, user subscriptions, and brand investments.   

Oracle, the primary cloud vendor for TikTok in the U.S., also met with the Senate Commerce Committee and Senate Intelligence Committee to discuss the user data hosting on its cloud servers. According to the market analyst reports, the TikTok ban will lead to Oracle losing one of its biggest Gen 2 cloud servers’ customers.    

Oracle Cloud Infrastructure (OCI) has a current annual revenue of $7 billion and a yearly growth rate of 52%. A Bernstein analyst pointed out that OCI’s revenue could increase over the next six months, and the TikTok ban may not affect its business.    

TikTok’s Retorts Says Ban Violates Americans’ Free-speech Right  

TikTok responded to the divest-or-ban bill stating that blacklisting the app will ‘infringe on the free-speech rights of over 170 million American users.’ Recently, the app took to X to express and warn how the force banning TikTok, which contributes to $24 million annually, would hurt the U.S. economy. TikTok public policy team announced that the company will legally fight the legislation in court based on First Amendment Rights 

The company reacted to the U.S. House of Representatives bill, stating that all investments will be directed towards enhancing data security.    

The American Civil Liberties Union also commented against the move, calling it the government imposing too much authority on social media. It further stated that blacklisting the app would have profound implications on the constitutional rights of millions of Americans to free speech and free expression.     

TikTok Fights Back by Increasing Ad Spend   

TikTok has responded to the impending divest-or-sell in several ways. In March, the app reportedly asked its users over a pop-up message to oppose its ban. Since then, TikTok has spent more than $2.5 million on television ads, according to data from AdImpact. Investment in digital ads reaches $900,000.  

TikTok has doubled its advertising spend to $4.5 million per campaign to fast-track legislation to prevent its delisting. The company’s ad efforts include spending in Nevada, Montana, Wisconsin, Ohio, and Pennsylvania, which Senate Democrats represent.   

 The most recent TikTok ad,’ Freedom of Speech’ was aired in Philadelphia.   

Would the TikTok Ban Really Work? 

It cannot be ruled out that TikTok users would find a new way to access the app. Users could gain access to ByteDance services outside of the U.S. over browsers or through a Virtual Private Network (VPN) with a geolocation where the ban does apply. They can bypass the blocking by using proxy servers, mobile networks, and encrypted connections.   

The U.S.’ fragmented internet control structure would require more legal and technological efforts to contain its control over the nationwide banning of TikTok. However, it is not the first country to sever ties with the TikTok app. Several other countries, including India, France, Denmark, Canada, Belgium, Australia, Afghanistan, mainland China, and others, banned using TikTok over cybersecurity and data privacy concerns.   

Would the Bill Conclude the TikTok Ban? 

The recent bill culminates the enduring legal altercations between TikTok and the U.S. government. In 2019, the Federal Trade Commission fined TikTok $5.7 million for violating children’s privacy laws. The same year, U.S. lawmakers proposed a national security investigation into the app.  

In 2020, the app was already under several cybersecurity experts and government scrutiny to review its content policies and introduce new controls for user safety. Then President Donald Trump issued an executive order against ByteDance which chose to divest TikTok in the U.S. with Microsoft. Trump opposed the deal, and TikTok filed a lawsuit against the executive order in the U.S. District Court Central District of California. The court ruled Trump’s executive order unconstitutional (case number 2:20-cv-7672). 

In September 2020, the Commerce Department published regulations against TikTok that it won’t be available on app stores or internet hosting service providers in the U.S. The same day, ByteDance and TikTok creators sued the U.S. government’s executive order for flouting the Administrative Procedure Act, the right to free speech, and other clauses. ByteDance fought to remove the federal order divestiture and effectively ban TikTok’s U.S. presence. The backlash against delisting the app sent mixed signals about TikTok’s future, prolonging the legal battle between the company and several state governments.  

Biden’s administration also favored selling the app to a U.S.-approved buyer even though his campaigns were run on TikTok. Nearly 30 states have joined forces with the federal government to ban TikTok on government-issued devices. Universities and college campus Wi-Fi also prohibit the use of the app.  

Will the bill conclude the ongoing U.S.-TikTok conflict?  

It is worth the wait.  

Government Intervention in the Era of Democratized AI and Data Risks is a Given  

Several congressional hearings on the TikTok issue and countries coming to a consensus about the public-sector ban on the app stirred debates on citizens’ democracy. Given the boom and misuse of democratized GenAI, government and legal interventions to safeguard social media security and user privacy outweigh the TikTok users’ wishes to forego the ban. AI is at the creme of innovation and disruptions, and the lack of a standard methodology to treat and prevent cybersecurity risks will have a broader impact on governance, risk, and compliance (GRC) issues.    

At iTech GRC, we know the race to implement strong AI and data controls. As an IBM RegTech partner who is an expert in maximizing the value of IBM OpenPages solutions, we empower cybersecurity teams to build their data governance and risk management 

Let’s get together to get started with a robust and proactive GRC framework with OpenPages with Watson