For quite some time now, TikTok has been a topic of hot debate. Congressional officials have become increasingly concerned about national security and the data privacy of United States citizens. Congress often frames a ban on TikTok as a critical solution to the threat to data privacy and the national security of its citizens. Despite this, data privacy issues also remain prevalent among companies founded in the United States. This prompted me to ask: Is TikTok a Real Threat to National Security and the Data Privacy of Its Citizens?  

In short, TikTok is undoubtedly a threat to national security and the data privacy of U.S. citizens, but so are many other companies and corporations operated on home soil. For example, consider the allegations against Mark Zuckerberg and the former Chief Operating Officer, Sheryl Sandberg, who were accused of “running the company as an illegal data harvesting operation, and the board's complete disregard for its duty to oversee the company.” Additionally, defendant Jeffrey Zients served as Meta's director for two years, starting in May 2018, and was also the former President Joe Biden's White House chief of staff. Meta was not the only company involved; other defendants included venture capitalist and current board member Marc Andreessen, former board members Peter Thiel, co-founder of Palantir Technologies, and Reed Hastings, co-founder of Netflix. The vast variety of defendants from different United States corporations shows that the threat may not be much farther from home than one may think. 

The case was initiated after claims that user privacy, as outlined in the 2012 agreement with the Federal Trade Commission, was violated by allowing Cambridge Analytica, an inactive political consulting firm, to access user data. The 2012 agreement with the FTC “prohibited Facebook from making misrepresentations about the privacy or security of consumers’ personal information, and the extent to which it shares personal information, such as names and dates of birth, with third parties. It also required Facebook to maintain a reasonable privacy program that safeguards the privacy and confidentiality of user information.” Initially, Facebook had a privacy warning located within the privacy settings that clarified that information shared with one’s Facebook friends may also be shared with other apps on that friend’s phone. However, this warning was later removed despite the continued sharing of data. Later, Facebook attempted to initiate other privacy settings designed to guide users within their privacy settings, but did not inform users that the information would still be shared “—unless they also went to the “Apps Settings Page” and opted out of such sharing. Finally, deceptive practices were used regarding facial recognition services and phone number privacy. 

Additionally, the 2012 agreement required Facebook to implement a reasonable privacy program. This was reportedly violated in 2014, when Facebook stated that it would stop allowing third-party developers to collect data from the friends of Facebook users. However, Facebook told app developers they could still receive data until April 2015. The FTC alleged that Facebook did not stop sharing this information until June 2018.  The corporation, which was fed data from Facebook friends, was not adequately screened, and any measures taken were not effectively enforced. 

Ultimately, Facebook was fined $5 billion, the most significant penalty ever imposed for violating data security laws. Yes, that is correct, a United States corporation, namely Meta, holds the record for the highest penalty imposed for violating data security laws. Is this truly unique, and should it matter in comparison to the threats of losing citizen data to other countries? It is an exceptional circumstance that posed just as much of a threat, if not more, than is claimed of TikTok. 

Since Meta, a U.S.-based company, was fined $5 billion, it must demonstrate that the U.S. had a deeply rooted moral compass that superseded its own interests in the name of data privacy. Currently, Meta has nearly 75,945 employees, and institutional investors hold 79.7% of its shares. With a corporation of that size, such fines could lead to a decline in stock prices and a steep loss of employment. Despite this, one must see the real threat here: A blatant disregard for the 2012 agreement, and an internal threat to U.S. democracy raged on for years before being pursued. In fact, one of the corporations, Cambridge Analytica, was involved in President Trump's 2016 campaign.  

In 2023, China imposed the second-highest fine for violating data privacy laws, at $1.19 billion, against Didi Global. Global was accused of collecting illegal data from individual phones, including excessive collection of information from users, such as educational and travel plans, among other activities. Following Didi’s $4.4 billion Wall Street IPO, regulators in China banned the app and launched an investigation into privacy law violations. “Their actions were also widely perceived as a punishment for the company’s decision to go public overseas rather than in China.” 

After 2020, no country has surpassed the United States in data privacy fines, highlighting either the extreme nature or the hesitancy of other countries to impose penalties on their own companies. 

Comparing these two cases, it is clear that data privacy is a concern for both the United States and China. Although the fine was widely perceived as punishment for the company's overseas move, the same could be said for TikTok in the United States. The United States framed  TikTok as a danger to national security, but only when it is in the hands of China. Donald Trump pushed for the sale of TikTok to a U.S. parent company to avoid an overarching ban. Although this may resolve some national security concerns, it aligns with a method that China enforced in 2023. However, as previously discussed, data privacy faults can occur just as readily in the hands of Americans. In the end, TikTok very well may be a threat to the privacy of U.S. citizens, but that threat will continue to exist no matter whose hands it's in.