On Monday, the head of the US National Security Agency’s (NSA) cybersecurity unit accused the Chinese social media app TikTok of gathering information on Americans, as he referred to it as China’s “Trojan horse.”
Speaking at a conference in California, Rob Joyce urged officials in the US government to more closely monitor TikTok parent company ByteDance, in an effort to contain the intelligence threat the application presents.
Joyce asked at one point, “Why would you bring the Trojan horse inside the fortress? Why would you bring that capability into the US when the Chinese could manipulate the data we see to either include the things they want to present to our population – divisive material – or remove the things that paint them in a bad light, which they would not like to be exposed to the American people?”
During a US House committee hearing last week, TikTok CEO Shou Chew clashed with US lawmakers, as calls grow to ban the social media app. For months, both lawmakers and cybersecurity experts have pointed out the risks of ByteDance’s access to the personal information of TikTok’s 150 million monthly users in the US.
FBI Director Christopher Wray warned in November that the app posed an espionage risk, allowing China to effortlessly collect data on US citizens, as well as even take control of their mobile devices. In the wake of his statements, the US government, as well as 25 state governments, banned TikTok on devices associated with their government work.
For its part, TikTok has denied all allegations of spying on Americans, and assured lawmakers it has safeguards in place to protect user’s data. At the hearing, Chew claimed TikTok posed no bigger threat than any other social media platform, such as YouTube, or Instagram. He stressed that TikTok was actually securing US user’s data more securely than other social media platforms, because it was confronting such a lack of trust from US authorities.
After the hearing, Chinese Foreign Ministry spokesperson Mao Ning stated that China “takes data privacy and security very seriously” and “has never asked and will never ask any company or individual to collect or provide data, information or intelligence located abroad against local laws.”