U.S. Senators Mark R. Warner (D-VA) and John Thune (R-SD), lead sponsors of the RESTRICT Act, legislation that would address the ongoing threat posed by technology from foreign adversaries, released a statement in response to TikTok CEO Shou Zi Chew’s March 23 testimony before the House Energy and Commerce Committee:
“Under PRC law, all Chinese companies, including TikTok, whose parent company is based in Beijing, are ultimately required to do the bidding of Chinese intelligence services, should they be called upon to do so. Nothing we heard from Mr. Chew today assuaged those concerns. It is vital for Congress to establish a process to review and mitigate the harms posed by foreign technology products that come from places like China and Russia. We are encouraged by the quick momentum and strong bipartisan support for our legislation and expect that it will only grow following today’s testimony.”
Sen. Warner, Chairman of the Senate Select Committee on Intelligence, and Sen. Thune, ranking member of the Commerce Committee’s Subcommittee on Communications, Media and Broadband, recently introduced the RESTRICT Act along with a bipartisan coalition of co-sponsors. The Act would establish a risk-based process, tailored to the rapidly changing technology and threat environment, by directing the Department of Commerce to identify and mitigate foreign threats to information and communications technology products and services.
Specifically, the RESTRICT Act would:
- Require the Secretary of Commerce to establish procedures to identify, deter, disrupt, prevent, prohibit, and mitigate transactions involving information and communications technology products in which any foreign adversary has any interest and poses undue or unacceptable risk to national security;
- Prioritize evaluation of information communications and technology products used in critical infrastructure, integral to telecommunications products, or pertaining to a range of defined emerging, foundational, and disruptive technologies with serious national security implications;
- Ensure comprehensive actions to address risks of untrusted foreign information communications and technology products by requiring the Secretary to take up consideration of concerning activity identified by other government entities;
- Educate the public and business community about the threat by requiring the Secretary of Commerce to coordinate with the Director of National Intelligence to provide declassified information on how transactions denied or otherwise mitigated posed undue or unacceptable risk.
TikTok was banned from all U.S. House of Representatives-managed devices in January and on February 27, the White House said that government agencies had 30 days to delete TikTok from federal devices and systems.
Canada followed soon after, stating that government-issued devices must not use TikTok, due to “unacceptable” risks to privacy and security.
On February 24, the European Commission’s Corporate Management Board decided to suspend the use of the TikTok application on its corporate devices and on personal devices enrolled in the Commission mobile device service, citing cybersecurity concerns. And on March 16, the U.K. government announced that it will ban TikTok following a security review.
TikTok requires users to give permission for the app to access data stored on the device, which is then collected and stored by the company. Allowing such permissions gives the company access to a range of data on the device, including contacts, user content, and geolocation data.