Cyberwarfare / Nation-State Attacks , Endpoint Security , Fraud Management & Cybercrime

DOJ Official Spells Out Concerns About TikTok, WeChat

Assistant Attorney General Says China Could Use Data Gathered for Intelligence Purposes
DOJ Official Spells Out Concerns About  TikTok, WeChat
John Demers, assistant attorney general for national security, recently spoke about the data that TikTok collects. (Source: Department of Justice)

See latest update on new executive order from President Donald Trump regarding TikTok.

See Also: 2024 Threat Landscape: Data Loss is a People Problem

China could collect the personal data on Americans through the social media apps TikTok and WeChat for intelligence-gathering purposes, a senior Justice Department official says in explaining why the White House wants to ban these apps.

Earlier this month, President Donald Trump signed two executive orders that would effectively ban the two apps from the U.S. and not allow citizens or businesses to work with their parent companies unless they’re sold to an American firm.

Concerns about China using these apps for espionage is one of the main drivers for the president's actions, says John Demers, assistant attorney general for national security, in a recent interview with the Center for Strategic and International Studies.

The TikTok and WeChat apps raise national security concerns because millions of Americans are voluntarily handing over their data to the apps’ Chinese owners, Demers says.

Data Mining

"What's interesting about TikTok is you have one of the first instances in which individuals are signing up and providing the app with their sensitive personal data," Demers says. That data can include users' phone and social-network contacts, GPS position and details such as age and phone number, along with any user-generated content posted, such as photos and videos. The app can store payment information as well, according to a Wall Street Journal report.

"And then there's the data that the app collects about you while it's on your phone. And like a lot of other apps, that app is collecting geolocation data. If you enable it, it's connecting to your contact list and it is following your use of the phone and other apps on the phone. Once they’re interested in somebody… they can mine those existing data sources to find out what that person’s financial life is like, what their health life is like, what their married life is like," Demers says.

China could use this type of data to identify an individual who’s of interest and use it to gather even more sensitive information, Demers says.

In June 2017, China passed the National Intelligence Law that can compel domestic and foreign companies operating in that country to cooperate with Beijing's intelligence-gathering activities, Murray Scot Tanner, principal policy analyst for Alion Science and Technology, explained in a Lawfare article. China-based TikTok and WeChat both must comply with this law, experts say.

Trump's executive order notes that TikTok, a mobile social media app that enables users to create brief, shareable videos, has reportedly been downloaded over 175 million times in the U.S. and over 1 billion times globally. WeChat, a messaging, social media and electronic payment application, reportedly has over 1 billion users worldwide.

Earlier Actions Against TikTok

Before Trump issued his executive order, parts of the federal government had banned employees downloading TikTok on their government-owned mobile devices. For example, in January, the U.S. Army joined the Navy in banning the social media app (see: Trump Signs Executive Orders Banning TikTok, WeChat).

Trump's executive order concerning TikTok notes the U.S. Department of Homeland Security and the Transportation Security Administration have also banned the app.

Other Issues

Some members of Congress are raising new concerns about TikTok.

On Thursday, Republican senators Jerry Moran of Kansas and John Thune of South Dakota sent a letter to the Federal Trade Commission asking the agency to investigate how the app collects data, according to The Hill.

The Wall Street Journal reported this week that TikTok collected user data through MAC addresses in violation of the rules regarding Google's Android mobile operating system. A company spokesperson told the Journal its newer version does not collect MAC addresses from users.


About the Author

Chinmay Rautmare

Chinmay Rautmare

Senior Correspondent

Rautmare is senior correspondent on Information Security Media Group's Global News Desk. He previously worked with Reuters News, as a correspondent for the North America Headline News operations and reported on companies in the technology, media and telecom sectors. Before Reuters he put in a stint in broadcast journalism with a business channel, where he helped produced multimedia content and daily market shows. Rautmare is a keen follower of geo-political news and defense technology in his free time.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.