TikTok, the popular video-sharing app, may face a ban in the US if Chinese parent company ByteDance refuses to sell its stake in the company. While many users may consider using virtual private networks (VPNs) to access the app in case of a ban, there are doubts that such workarounds would be successful. Here are the key things under consideration.
What a ban or forced sale could look like
The Committee on Foreign Investment in the US (CFIUS) is evaluating national security concerns around the app to determine how to minimize risk if it continues to operate domestically. The group can recommend to President Joe Biden that ByteDance’s 2017 acquisition of Musical.ly, a TikTok precursor, be unwound, forcing a sale of those assets. TikTok has recommended a mitigation plan as an alternative to a forced sale, but CFIUS has already threatened a ban if ByteDance won’t sell its stake.
Should the US ban TikTok, the mechanics of what happens from there become murky. Oracle is the cloud hosting service for all of TikTok’s usage in the US, and internet service providers like Comcast and Verizon direct traffic to end-users. The app stores controlled by Apple and Google are the primary places for consumers to download the TikTok app.
The security concerns
Concerns around TikTok’s security risk come down to two main issues. The first is who can access US consumer information, and the second is who has the ability to determine what information reaches US users. Under Chinese law, companies can be required to hand over internal information to the government for supposed national security purposes.
TikTok has sought to reassure the US government that US user data is stored outside of China. The company has developed an elaborate plan known as Project Texas that includes the vetting of its code in the US and a separate board of directors for a domestic subsidiary, with members reviewed by the US government.
The road ahead
Should a TikTok ban take place, the typical consumer would find it difficult to access a government-banned service, said Douglas Schmidt, an engineering professor at Vanderbilt. While there will likely always be cracks that can be exploited by a subset of computer-literate users, going that route would still likely require app store credentials, which will indicate a user’s location. In other words, a VPN won’t be enough, and there is also technology available to detect when a user is trying to access an app with a VPN. TikTok CEO Shou Zi Chew, who’s set to testify before a US House panel next week, told The Wall Street Journal that Project Texas would do just as much as divestment to resolve any security concerns.