Can TikTok be trusted with users' data?
RACHEL MARTIN, HOST:
Millions of Americans watch videos on TikTok. But some federal officials and security experts have been worried for years about how the app's Chinese parent company, ByteDance, handles personal data. Now TikTok is facing new scrutiny from the senior Republican on the Federal Communications Commission. FCC Commissioner Brendan Carr is urging Google and Apple to remove TikTok from their digital stores. Commissioner Carr joins us now. Thank you so much for being on the show.
BRENDAN CARR: Great to be with you. Thank you.
MARTIN: You say it's time for Americans to delete TikTok. This has something to do with privacy. Explain why you think that this particular app is so dangerous.
CARR: Yeah. A lot of people look at it. And they say, well, it's just an app for sharing funny videos or memes. And the reality is, that's just the sheep's clothing. If you look in terms of the actual data that this app is pulling, it's really sweeping. It's looking at everything from search and browsing history, your keystroke patterns, biometric data, including face print and voice print - the face print stuff being things that could be used in facial recognition down the road - draft messages. And while we were told by TikTok that all this data is stored in the U.S., there are some new reports just the last few weeks that showed that a tremendous amount of this data is being accessed by engineers in Beijing who work for a company, ByteDance, that is beholden to the CCP. And so I think that's really disturbing. It's a national security threat, in my view. But short of that, it looks to me that it's a violation of the app store policies of Google and Apple. And that's why I wrote them saying they should enforce their policies and boot the app from the app store on that basis.
MARTIN: OK. So let's back up a second. You referenced this revelation that TikTok employees in China were accessing American users' personal information. TikTok then said that it moved Americans' data to servers based, through Oracle, in the U.S. Why do you think that's still insufficient? What's your evidence that that's not working?
CARR: Yes, that's a good question. Two things - one, up to now, they've been maintaining basically the same thing. They say all of the data is stored in the U.S. To your point, they're saying they're now moving it to an Oracle base infrastructure in the U.S. But they've been representing for a long time that it's stored in the U.S. The question is, where is it accessed? And even though they're switching to Oracle, U.S.-based, cloud-based services, it's still going to be accessed in Beijing. In fact, they came out and said that, well, of course, some of the data is accessed there. But it's only on an as-needed basis. And the definition of as needed when it comes to entities beholden to the CCP is very, very different than, I think, what you or I would conceive of in terms of as needed. So that's the concern there. Also, again, with the representation that it's stored here - these leaked audios from internal TikTok meetings show people saying, quote, "everything is seen in China," end quote.
MARTIN: And this was a BuzzFeed report from earlier this month, we should say. So you know, we need to point out, you're the sole FCC commissioner who signed this letter calling on Google and Apple to take TikTok from their app stores. Where are your fellow commissioners on this?
CARR: You know, I've just started talking to one or two of them. And so we'll see where they come down. This isn't the type of thing that is in our core, you know, direct regulatory jurisdiction. So for instance, we've taken action on Huawei and ZTE. We've taken action on China Mobile and China Telecom, looking at their licenses. Those are entities that are directly licensed by the FCC or get funding from the FCC. So our core regulatory authority there is very clear.
For me, this is more taking a look at our expertise that we're developing - or I'm developing with respect to influence from entities beholden to the CCP in our communication system generally. And so that's why my letter to them is not about an FCC rule or license. It's about their app store policies because if you look, they've enforced those policies before on companies that have surreptitiously taken data and moved it to China. They've done it against companies that are engaging in unauthorized uses and practices of data. So my question is, basically, put the national security stuff to the side, which I think we should be looking at. But just apply your app store policies on its terms. And it looks to me that that's enough to move them out of the app store.
MARTIN: Although, is that within your writ? I mean, the FCC doesn't regulate app stores.
CARR: Yeah. It's not necessarily in terms of a license that we would revoke or a regulation in that sense. It is in the sense that it has to do with our expertise that we've developed with influence campaigns from entities that are beholden to CCP. But at the end of the day, you know, I'm just one shoe to drop of others. The Biden administration itself is taking a look at this app, along with other apps, as part of a broader review of foreign influence that's taking place in Commerce Department. In Congress, there's bipartisan interest. Senator Schumer and Senator Cotton joined a letter looking at this. Adam Schiff, Ted Cruz, Marsha Blackburn, so...
MARTIN: Lots of interest, clearly. I just want to ask very quickly, have you heard from Google and Apple?
CARR: I've not heard back yet. I've asked them to respond by July 8 and tell me either, A, yeah, we agree. We're going to remove it from the app store. Or, two, we're not going to. And we don't think it's a violation of our policies, and here's why we don't. And I look forward to hearing from them on that.
MARTIN: Brendan Carr is a commissioner with the Federal Communications Commission. Thanks for your time.
CARR: Appreciate it. Thank you. Transcript provided by NPR, Copyright NPR.