Two TikTok Updates npr.org

So where are we at with TikTok? Over the past couple of years, the momentum it had built up transformed into a global phenomenon. But critics have questioned the app’s ties to its Chinese parent company, leading to a letter sent to Tim Cook and Sundar Pichai from FCC commissioner Brendan Carr asking them to pull the app from their app stores. (Maybe you read my commentary.) Only one problem with that demand.

Karl Bode, Techdirt:

If you were to dig through the resulting news reports covering Carr’s empty letter, you’d be hard pressed to find a single one that could be bothered to note that Carr doesn’t have any regulatory authority over social media or app stores, the letter has absolutely no meaningful legal backing to support his request, or that Carr himself has absolutely zero credibility on consumer privacy issues.

Perhaps Carr intended this letter in the same way other public figures write letters of support for a position without having direct control. It is maybe a way to move the needle and generate discussion. But, still, it should have been pointed out by everyone reporting on this letter how ineffectual this demand is.

Bode’s coverage of Carr’s regulatory history is also worth reading. If the collection of and access to Americans’ private data — maybe by a foreign government — really is a giant security concern, there are meaningful levers Carr could pull. But it is easier to blame this one app because it is very popular.

For its part, TikTok responded to several Republican senators’ concerns. Bobby Allyn, NPR:

Shou Zi Chew, TikTok’s chief executive, wrote that the company is nearing a final agreement with the U.S. government to ensure its data-sharing practices do not raise national security concerns.

As part of that arrangement, TikTok says all U.S. user traffic is now being routed to servers controlled by California-based Oracle, rather than TikTok’s own infrastructure. Soon, he said, TikTok hopes to delete all U.S. data from the company’s servers and rely completely on Oracle’s storage “with access limited only to authorized personnel, pursuant to protocols being developed with the U.S. Government,” Chew wrote.

I guess a good question for skeptics would be whether any measures are enough. If TikTok were truly spun off as an entirely separate company and there were no remaining connections to ByteDance, would that create enough separation between the app’s data and intelligence agencies in China? For those worried about Chinese data access, surely a more comprehensive privacy approach is required.