Lotus Ruan, who has conducted technical analyses of Chinese apps like WeChat and is currently a senior research fellow at the Toronto-based research group Citizen Lab, echoes this view: “With the rise of TikTok and the Chinese apps going global, [people] are looking at the Chinese apps with a magnifying glass.” As a result, the risks are often exaggerated.
The actual differences between these apps and American apps are pretty small, Ruan says. In 2021, a technical review of TikTok, conducted by a colleague of Ruan’s, reported that it “did not observe [TikTok or its Chinese version Douyin] collecting contact lists, recording and sending photos, audio, videos or geolocation coordinates without user permission.” (WeChat, on the other hand, was found to surveil chats even in accounts not registered in China.)
“We have a tendency to securitize everything now,” Ruan says, “It’s important, but we have to be very careful when we apply a national security framework to data.” Concerns about what these apps could have been doing should be built on actual technical research instead of speculation and insinuation, she says.
Even so, journalists and those in policy circles should closely watch how these apps process their data, with particular attention to whether any user data is being transferred back to China.
As Xu tells me, there’s a legitimate national security concern about what happens to US user data once it is inside China’s borders. China has been developing a legal framework for protecting personal data, but it is focused on holding private companies accountable, not restricting what kind of data the government gets from companies or what it does with that data.
There are things companies like ByteDance, which owns TikTok, can do to address the concerns. For years, ByteDance has vowed to store and process US data only in the US, but there are still reports that company engineers in China are inappropriately accessing US user data….
Read the full article here