In the battle between big tech and big government, few institutions are more respected than the European Union (EU). While many politicians talk the talk on cracking down on technology companies’ sinister overreach into our lives, few actually follow up with hard action.
The UK, for instance, has talked for years about an Online Safety Bill to rein in the power of big tech, but hasn’t yet managed to enact it. The US often grapples with internal political squabbles more than it does tackling the issues big tech cause. One body that spends more time taking action than talking is the EU, which has passed a digital services and digital markets act in the time other countries spent debating it.
The EU has been widely respected for its evidence-based approach to bringing big tech to heel, and feared by the companies it moves against. But its decision this week to ban TikTok from official phones used by European Commission staff members has some puzzled, and raises questions about whether it is now deviating from that approach.
“It is interesting that we see the EU Commission and Council both instituting this ban on TikTok on staff devices without much explanation,” says Jessica Shurson, a lecturer in law at the University of Sussex.
The European Commission stonewalled questions about what, if anything, had changed about their perception of TikTok when quizzed by reporters on Thursday, saying they declined to talk about cybersecurity matters. When asked by the i if ordinary Europeans should be worried about having the app on their phones, a spokesperson said: “We have no further comments on this matter.”
Asked a similar question in the press conference, and whether the Commission’s decision suggested TikTok is not safe, spokesperson Eric Mamer said: “We’re not saying anything at all about it.”
It all adds up to a confusing picture. TikTok is the first app to be banned from EU staff devices, the Commission confirmed – yet it’s not clear how the decision was arrived at.
TikTok itself is equally confused. A spokesperson told the i it believes “this suspension is misguided and based on fundamental misconceptions”. The company was not made aware it was being banned from staff devices until it read about it in media reports.
The spokesperson added: “We are surprised that the Commission did not contact us directly nor offer any explanation – we have requested a meeting to set the record straight on how we protect the data of the 125 million people across the EU who come to TikTok every month.”
Europe’s decision comes on the heels of increasing anti-TikTok sentiment across the world. Similar bans have been enacted on the app in the United States, as part of a growing unease about the global rise of the first ubiquitous app to be based outside of the country, at both a state and federal level.
The lag behind those first US bans, which continue today but began in August 2020, suggest to Ms Shurson that the EU is not necessarily acting in haste. “This announcement from the EU is at least 18 months after some of the action taken in the US,” she says. “At least to me, that could indicate this has been carefully considered.”
The stakes involved in making such decisions are enormous. More than a billion people worldwide use TikTok, which was first developed in China, and whose parent company, ByteDance, prefers to say it is based in the known tax haven of the Cayman Islands than admit to a link to China.
Those links to China have worried hawkish politicians, including in the UK the likes of Iain Duncan Smith, who today urged ministers to shun the app for safety reasons.
The Prime Minister’s official spokesman said: “It’s a matter for individual departments and ministers to decide what platforms to use.”
However, there remains no evidence that TikTok has supplied secrets to the Chinese state – and app representatives deny they would give user data to the Chinese government, even if asked. According to Al-Jazeera, the FBI was unable to provide any evidence to support banning TikTok from government devices when asked by cybersecurity officials in the state of Connecticut. Connecticut ended up not enacting a ban of the app because of the absence of evidence the app posed a risk to users.
However, TikTok is not entirely without concerns. In December, Forbes reported that the app had tracked a number of journalists as part of a covert surveillance campaign. And the app has previously been caught routing job applicants’ data to China.
“When it comes to geopolitical concerns, we cannot ignore that nation states around the world have increasingly turned to the cyber realm to garner intelligence, wield influence and disrupt their adversaries,” says Toby Lewis, global head of threat analysis at Darktrace.
Still, he isn’t sure that the EU’s action is commensurate to the risk. “In banning TikTok entirely, the European Commission is arguably ignoring the fact that pretty much any app developer and the government in which its servers are based could gain access to the data collected via the app.”