Regardless of how the immediate U.S. efforts to ban TikTok and WeChat turn out – temporary court injunctions have halted both bans – the issues raised cry out for a more comprehensive approach to ensuring the security of apps used by U.S. citizens. As in so many cases, sunlight is likely to be the best disinfectant. Before embarking on censorship and app bans, U.S. policymakers should put in place requirements for transparency and accountability reviews for all apps, not just those with foreign or Chinese ownership.
These reviews should check for security issues including backdoors and eavesdropping code that allow information to be transmitted to foreign intelligence agencies. They should also look for evidence of censorship and disinformation campaigns. Such reviews would be a first step to protect the U.S. against hostile surveillance and manipulation.
TikTok has proposed the beginnings of such a regime. In testimony last week before the Australian Select Committee on Foreign Interference through Social Media, TikTok executives said the computer instructions that guide the content presented to TikTok users would be made more widely available for inspection “in a public setting for regulators, governments, commercial entities.”
It is worth taking TikTok at its word and building out a robust review system that can detect and prevent foreign surveillance activity in apps available to U.S. citizens. Inspecting source code, of course, is not the only way to conduct audits, especially if policymakers are worried about manipulation and propaganda in addition to cyber-attacks and intrusions. It would also be necessary to conduct input-output studies that measure the prevalence of certain kinds of content on social media platforms and allow inferences about possible censorship, bias, or disinformation campaigns. The key is the independence of the outsider reviewers from control by the companies involved.
But what’s sauce for the goose should be sauce for the gander. It is not just foreign apps that should be subjected to these broad security checks. The similar services provided by their U.S. counterparts Facebook, Google, Amazon and Apple create risks that deserve greater regulatory and security attention. Facebook is no stranger to accusations that its algorithm favors certain content, although its critics cannot make up their minds whether it favors or disfavors conservative content. As many have proposed, the operation of these domestic platforms should be open to review by independent auditors. Those reviews should include security checks.
These cases, of course, raise large questions of the free flow of information and the future of an integrated global economy in a time of geo-political competition between the U.S. and China. Many commentators, businesses and government officials throughout the world, and certainly in China, have concluded that the real objective of U.S. actions against Chinese technology companies is to check China’s economic and technological rise, especially in the crucial area of AI.
It is true that the U.S. faces its first real technological challenge in high tech since the Japanese semiconductor challenge in the 1980s, and just as then, it is confronting a rival whose political system is far more efficient at funneling resources toward research, development, investment and implementation of strategic technologies. The best U.S. response is not to try to cripple an economic and technological competitor, but, as advocated in separate ways by both Republican Senator Marco Rubio and Democratic Senator Mark Warner, to marshal our own resources to meet this very real challenge to U.S. technological supremacy.
The U.S. says that restraining China is not its goal, but the rush to ban Chinese apps from their most lucrative market outside their home country lends credence to the charge. It is not a good sign for the strength of the Administration’s case that the proposed bans did not pass their first preliminary court reviews. General concerns about Chinese espionage, which are certainly legitimate, should never be enough to justify complete bans on specific companies or applications. A longer-term, thorough and public review by independent auditors would help to establish a baseline of evidence that could more effectively justify measures against companies posing demonstrated security risks, up to and including a ban from operation in the U.S.
However the court cases ultimately turn out, they have provided the U.S. with some breathing room to try a more thoughtful and comprehensive approach, including the less draconian measures of transparency and accountability.
It seems odd to think of a short video service like TikTok as more than an amusing curiosity. But social media services, and especially super-apps like WeChat, are the central information utilities of our time just as broadcasting and cable were in the twentieth century. Before U.S. policymakers rush into a policy of banning or censoring these services, they should try a little sunshine, throw a transparency and accountability net over their operations, gather vastly more information than is currently available and then see what needs to be done next.