Federal employees have been banned from using the Chinese-based TikTok video app on Canadian government-issued computing devices.
“Effective Feburary 28, the TikTok application will be removed from government-issued mobile devices,” Treasury Board president Mona Fortier said in a statement today. “Users of these devices will also be blocked from downloading the application in the future.
“Following a review of TikTok, the Chief Information Officer of Canada determined that it presents an unacceptable level of risk to privacy and security.”
The decision to remove and block TikTok from government mobile devices is being taken as a precaution, the statement says, particularly given concerns about the legal regime that governs the information collected from mobile devices, and is in line with the approach of our international partners. On a mobile device, TikTok’s data collection methods provide considerable access to the contents of the phone.
“While the risks of using this application are clear, we have no evidence at this point that government information has been compromised.
“For the broader public, the decision to use a social media application or platform is a personal choice. However, the Communications Security Establishment’s Canadian Centre for Cyber Security (Cyber Centre) guidance strongly recommends that Canadians understand the risks and make an informed choice on their own before deciding what tools to use.”
Treasury Board is responsible for advising the government on digital standards for federal employees.
The announcement comes after Canada’s federal privacy commissioner, along with three provincial privacy commissioners, last week started an investigation into TikTok, examining how the video-streaming platform collects the personal data of Canadian users.
The investigation is beginning now because class action lawsuits in the United States and Canada have been settled, the commissioners said in a statement.
It also comes after Washington issued a ban in December on U.S. government employees using TikTok on federal devices. In February the European Commission suspended the use of the TikTok application on its corporate devices and on personal devices enrolled in the commission’s mobile device service. Employees have until March 15th to remove it from their devices.
TikTok is owned by ByteDance of Bejing. According to Newsweek, ByteDance is not actually registered in China, but is incorporated in the Cayman Islands.
There are allegations the company is close to the Chinese government. While the company insists its Singapore-based CEO, Shou Zi Chew, is independent, last month the New York Times said 12 former TikTok and ByteDance employees and executives believe his decision-making power is limited.
“Decisions about the service — including moves to emphasize livestreaming and shopping on TikTok — are made by Zhang Yiming, ByteDance’s founder, as well as by a top ByteDance strategy executive and the head of TikTok’s research and development team, said the people, who declined to be identified for fear of reprisals,” the article says in part.
Shou Zi Chew is scheduled to testify before the U.S. Congress on March 23rd, according to CNN. This follows the company’s COO’s testimony before Congress last September.
There are also fears that TikTok could gather the private data of subscribers.
Last June, Buzzfeed reported on leaked audio from more than 80 internal TikTok meetings showing China-based employees of ByteDance have repeatedly accessed nonpublic data about U.S. TikTok users.
In December, Forbes reported that an internal investigation by ByteDance found that employees tracked multiple journalists covering the company, improperly gaining access to their IP addresses and user data in an attempt to identify whether they had been in the same locales as ByteDance employees.
In August, 2020, Public Safety Canada recognized growing international concern about TikTok and alleged privacy concerns in a research note quoting news media.
Being dropped by the general public in Western nations because of these allegations would be costly to TikTok and ByteDance because of the huge usage of the app around the world. In an attempt to diffuse criticism in the U.S., TikTok last year created a new division called U.S. Data Security (USDS) “to bring heightened focus and governance to our ongoing efforts to strengthen our data protection policies and protocols, further protect our users, and build confidence in our systems and controls in the United States,” the company said. The goal is to minimize TikTok employee access to U.S. user data and minimize data transfers across regions – including to China, it said.
“Tiktok has essentially tried to prove that its data is walled off, so that its U.S. data stays in the U.S. and its China data stays in China,” Kendra Schaefer, the head of tech policy research at the Beijing-based consultancy Trivium China, was quoted as saying in Fast Company. “But it’s been hard to assuage U.S. policymakers.”