China Hawks Revive Trump’s Tiktok Gambit

FCC Commissioner Brendan Carr is trying very hard to revive former President Donald Trump’s TikTok ban. Even as the House January 6 Committee explores the details of a real threat to national security created by the very man who appointed Carr to the FCC to do his bidding on Section 230, Carr frets that a short video app dominated by teens and twenty-somethings contains a treasure trove of data that, if exposed to the Chinese Communist Party (CCP), could bring down the U.S. government. We’d just like to point out what a bad job TikTok is doing supporting the CCP agenda, letting videos like this and this circulate on its app. We also wish someone in the “ban TikTok” camp would provide a plausible scenario by which the country’s security is imperiled by access to TikTok user data. This is not about security, it’s about the Republican right’s foreign policy and trade agenda for China. Trump’s 2020 ban was thrown out by two judges. Let’s hope the Biden administration doesn’t cater to this nonsense.

China’s Data Localization and Privacy Laws Really Worked!

And now for a real data security threat. Breach Forums, a marketplace that hackers use to buy and sell stolen data, published an advertisement for a database with 23 terabytes of personal data and police case files on 1 billion Chinese citizens. Some random checking confirmed that at least some of the data was real. The data came from the Shanghai police department, which is supervised by the nationwide Ministry of Public Security (MPS), one of the agencies responsible for regulating cybersecurity in China. MPS collects large amounts of surveillance data and maintains extensive files on individual Chinese citizens.

The huge breach of sensitive personal data comes after China passed no less than 3 major data localization, cybersecurity and privacy laws and additional implementing regulations from 2016 to 2021, and forced its private sector platform companies to undergo lengthy “cybersecurity reviews.” The incident is a good reminder that passing laws with “cybersecurity” and “privacy” in the title is not the same as actually protecting cybersecurity and privacy. It also demonstrates forcefully that data localization, which the Chinese state in particular has repeatedly claimed is justified by “national security,” does little to improve data security in a globally connected world. Further, as our earlier analysis of China’s data protection laws pointed out, the PRC’s regulations on private sector actors served as a politically useful diversion of attention from the more significant privacy and security threat posed by China’s authoritarian government.

Europe Passes DSA and DMA

Europe has thrown off the yoke of American digital giants! Or at least, it has put a yoke on them. The Digital Services Act (DSA) and the Digital Markets Act (DMA) were adopted in the EU on July 5th, 2022 with an absolute majority. The DSA focuses on content: it backs away from the intermediary immunities that gave rise to the platform economy and imposes more responsibility on them to identify and “prevent” the dissemination of harmful content. Large platforms will have to provide users with the ability to opt out of algorithmic recommendations, and must facilitate access to their data and algorithms to authorities and vetted researchers.

The DMA purports to pave the way for disruptive innovation in the platform economy by forcing the larger platforms to share data and provide access to their users via interoperability mandates. The actual effect of these regulations will be to channel competition inside existing dominant platforms rather than competing for the market. The interoperability mandates will prove to be the trickiest part of the law, as they could undermine security, create complex standardization problems, and penalize a platform’s success at attracting users by making them all available to any competitor.

It will be interesting to see the long term effects of these laws.

The Real Competition in the Global Platform Economy

The focus on the “threat” of TikTok noted above seems hopelessly out of touch with what is actually happening in the global platform economy. The economic fallout from platforms’ moves to improve user privacy and/or gain competitive advantage continues to develop, with some regulators now reviewing the competition implications of Apple’s application tracking transparency (ATT) initiative and monitoring the development of a growing number of first-party tracking solutions. Overall, many Chinese platforms (including Bytedance) are currently experiencing diminishing market share in digital advertising revenue, while Apple’s quickly emerging advertising revenues enabled by its ATT are ascending (and essentially unaccounted for given it isn’t differentiated in reporting). Other large American platforms like Facebook continue to adjust in an attempt to stem the bleeding, while Microsoft is moving quickly to consolidate share as it competes with Comcast and behemoth Google.