Should MPs Be Worried About Using TikTok?

TikTok is under increasing scrutiny for its links to China (Alamy)

Zoe Crowther

@zoenora6

But the app is coming under intense scrutiny from those who believe its links to China threaten the security of the UK and its citizens. The European Commission and Council of the EU has recently banned their staff from using TikTok on work phones. This followed the same decision by the US federal government in December, which cited concerns about the possibility of the Chinese government using TikTok to access US user data and undermine US interests.

But while a UK Parliament TikTok account launched last year was swiftly shut down after MPs including leading China “hawk” Iain Duncan Smith, Tom Tugendhat, and Nus Ghani raised their concerns about potential security risks and a belief that data could be passed to the Chinese government, there are no plans to prohibit individual MPs from using it. 

Tory MP Luke Evans, who has more than 41,000 TikTok followers, recently used the app to give a guided tour on his way into Downing Street, describing going through “airport-style security”.

Following the European Commission ruling, technology secretary Michelle Donelan told Politico that “as a Conservative” she believes it should be a “personal choice” whether to use TikTok.

But those like Duncan Smith remain concerned about TikTok’s usage in Westminster, and are undeterred in their calls for the government to implement an outright ban of TikTok on government devices. 

Conservative backbench MP Ben Bradley, who has 15,000 followers and frequently uses TikTok to post videos of himself explaining his work, is relaxed about the matter, arguing that he doesn’t have “anything top secret” on his device.

“Certainly as a backbencher I don't feel like I have access to a great deal of information that will be of interest to the Chinese government,” he told PoliticsHome. “It's not something that worries me.”

Bradley said he had not received any significant guidance on how to safely use social media apps, either from government or from parliament. “We get lots of guidance on best practice and how to use it well, but not from a security point of view,” he said. 

The National Cyber Security Centre has published advice for members of parliament and their staff which notes that as "high-profile individuals" MPs and their staff are at risk of cyber attack. It guides MPs to review the security settings on social media apps and "make sure you are happy with them".

Shapps told The Telegraph that he’s able to find a happy balance of “taking pragmatic precautions to protect devices” with using TikTok as an “immensely valuable” tool to communicate with the public. 

“If politicians think they can ignore the places their own constituents spend time online, then they are missing a trick,” he said, insisting he won’t be “chased off” the platform by its critics. 

TikTok is owned by parent company Bytedance, which is headquartered in China. At the heart of the unease surrounding data security is a law in China which compels companies registered or with operations in China to give information to Chinese intelligence agencies if asked to.

TikTok itself is registered in the Cayman Islands, so there are questions over whether TikTok would technically be under the jurisdiction of this law. TikTok categorically denies that it has ever – or would ever – hand over data to the Chinese government.

“Our data is held in the US and Singapore, we are opening and expanding new data centres in Europe this year and we comply with robust data laws in these jurisdictions, such as GDPR,” a TikTok spokesperson said. 

But Luke de Pulford, a human rights campaigner who coordinates the Inter-Parliamentary Alliance on China, said he feels it is “fair” to describe TikTok as a Chinese-owned app. “To pretend that it operates independently is disingenuous,” he told PoliticsHome. 

He argues that Bytedance would have to comply with the Chinese national security law – and lie about it if asked. He believes that TikTok is therefore unable to guarantee data cannot be accessed by the Chinese state. 

According to an investigation by BuzzFeed News, leaked audio from internal company meetings has shown China-based ByteDance employees have repeatedly accessed the data of US users.

An internal investigation at TikTok parent company ByteDance in December found that several employees accessed the TikTok data of at least two US journalists.

TikTok’s CEO Shou Zi Chew will testify before a House committee in March about the app’s security and privacy practices and its ties to China through ByteDance.

Critics of TikTok argue that high-profile individuals are likely to be particular targets for Chinese intelligence services who want to gather information on the work of foreign governments. Last month the US military shot down a suspected Chinese spy balloon off the coast of South Carolina and a Chinese tracking device was discovered inside a UK government car in January.

Duncan Smith believes China is a “systemic threat” to the UK and has accused the UK government of being “asleep at the wheel” on its relations with the country. 

Before speaking to PoliticsHome for this story, Duncan Smith threw his mobile phone in the cupboard of his office and shut the door, joking: “It’s the only way to make sure China isn't listening”.

He thinks that MPs using the app “don’t have a clue” how it works, and strongly believes the UK should follow the example of the US and EU and ban TikTok on government devices, and for a shift in tone from the UK government towards identifying China – and companies associated with it – as hostile.

“Get off it,” he urged his TikTok-enthusiast colleagues. “You have no idea what [China] are doing using your telephone, they are data harvesting,” he continued.

“All the people that you connect with on TikTok, TikTok will data harvest them as well."

While Duncan Smith acknowledged many government-issued devices don’t necessarily have TikTok installed, there is no outright ban on this being the case and the government has not issued any advice on the potential risks associated with MPs using TikTok on government or personal phones.

“The government can't seem to make a point of giving any guidance at all,” Duncan Smith complained. 

He described the Foreign Office as “hopeless” on national security and wants the government to involve the Government Communications Headquarters (GCHQ) in delivering workshops and writing advice to parliamentarians to encourage them off the app. 

Alicia Kearns, Conservative MP and chair of the foreign affairs select committee and fellow China “hawk” would also like to see TikTok banned from government devices.

She believes that “TikTok staff can hunt down anyone who uses TikTok to get the data they want on them,” describing it as “the dream app for any hostile state”.

Kearns wants a “national conversation” about the perceived risks of TikTok. “We need to recognise the fact that while democratisation of information is a really good thing, there are also vulnerabilities that come with technologies as well,” she said. 

According to TikTok, it has been in regular conversations with the UK government to keep them briefed on the company’s plans in Europe.

A TikTok source told PoliticsHome that they had tried to directly engage with Duncan Smith and Kearns directly about their concerns on multiple occasions, but that the MPs had not responded to their requests. 

In support of her argument, Kearns cites a report by joint US and Australia cyber security organisation Internet 2.0 that accused the app of having twice as many trackers, which can help understand the user better, as the average social media platform in the industry in its source code, and collecting data in a way that is “overly intrusive and not necessary for the application to function”.

Co-CEO of Internet 2.0 Robert Potter said the organisation wants to ensure TikTik users “have all the facts” about the platform, but stopped short of committing to a position on who should and shouldn’t use the app. 

“The gap between what TikTok says and what it does is something we have focused on exploring with research,” he said. “The fact that the gap still exists means I think there is a strong case for more government oversight into the platform.”

A 2022 study by the University of Toronto’s Citizen Lab, however, found that TikTok did not exhibit “overtly malicious behaviour” with its data collection and the report found that its user activity tracking software was “not exceptional when compared to industry norms”.

TikTok claims that independent security experts have consistently found they do not collect any more data than other common apps, such as Facebook or Instagram. 

The National Cyber Security Centre (NCSC), part of GCHQ, which is responsible for issuing cybersecurity advice to parliamentarians, guidance includes a list of the privacy advice from different social media platforms – which notably does not include TikTok.

The advice was last updated in December 2019, before TikTok had reached its current level of popularity. 

A Cabinet Office spokesperson said government has “robust processes in place to ensure government IT devices are secure” but would not comment on specific cybersecurity policies. 

Describing China as posing a “systemic challenge” to the values and interests of the UK, a Foreign Office spokesperson told PoliticsHome that the department has introduced some of the “strongest data protection laws in the world to ensure personal data is handled responsibly and securely”.

According to the Foreign Office, TikTok must comply with these laws and face enforcement action if they fail to do so.

The department insisted it “would not hesitate” to take further action if needed and that it has brought in new powers to block any Chinese investment that risks national security, while also updating the Integrated Review to reconsider the evolving challenges posed by China.

Chris Stokel-Walker, a freelance journalist and author of a book charting the rise of TikTok, believed that government security guidance should constantly evolve to reflect new apps, but felt more clarity was needed on why specific platforms should be banned. 

“It's important to use hard evidence-based approaches to make decisions around banning apps,” he told PoliticsHome.  

Stokel-Walker recognised that opposition to TikTik by MPs who are also critical of China more broadly was inevitably politically charged, whereas he felt the relationship between TikTok and China is nuanced. 

“TikTok itself has westernised, and is making great strides to try and distance itself from its birthplace because it knows that link hampers its perception, and it wants to disprove people's worst fears about it,” he said. 

In years of investigating TikTok, he said he has not found “any reputable evidence” of security issues with TikTok. “But that doesn't mean it doesn't exist,” he admitted. 

Professor Anupam Chander, expert on the global regulation of new technologies at Georgetown University Law Center in the US, felt the US’s ban of TikTok on government devices was “largely a political decision. He warned that other Western nations should be wary of being too heavy handed in their approach to TikTok specifically, and that devices with access to sensitive information should be treated with caution in general. 

He noted that US President Joe Biden’s administration had welcomed TikTok influencers into the White House to promote its agenda and that the app was useful for politicians to reach citizens.

“There are security concerns with any app, or as recent spyware scandals show, with any smartphone,” he told PoliticsHome. 

“If I communicated or held national security secrets on my phone, I would be careful about all of the apps I used.

“The ban [in the US] was largely a political decision, based on a desire of some politicians to appear tough on China, and others not to appear weak.

“There's no reason our national parks, for example, should not use TikTok to promote themselves to the public. We should be careful about adopting the Chinese approach to the internet, which seeks to ban many foreign information services.”

Related

Lords Set To Strengthen UK's "Not Fit For Purpose" International Data Protections

By Zoe Crowther

15 Apr

PoliticsHome Newsletters

PoliticsHome provides the most comprehensive coverage of UK politics anywhere on the web, offering high quality original reporting and analysis: Subscribe