- The Trump administration’s scrutiny of TikTok may be drawing an unusual amount of press attention, but it’s part of a larger trend.
- US officials have been paying increasing attention to who controls critical technologies and data on American citizens.
- The governmental group examining TikTok has already blocked other deals involving Chinese companies gaining control of US technology or data and is now mandated to scrutinize any such investments or acquisitions.
- But the US is just one among a growing number of countries starting to focus on control of data and technology, and ByteDance likely won’t be the last to be caught in the middle of conflicting demands, international trade experts said.
- Visit Business Insider’s homepage for more stories.
The Trump administration’s hardline stance against ByteDance and TikTok has turned into something of a public spectacle, which is unusual when it comes to government scrutiny of deals for national security concerns.
But ByteDance isn’t the first foreign — or, particularly, Chinese — company to come under scrutiny by US authorities for collecting data on Americans. Nor is it the first to be forced to essentially undo an acquisition or investment to address officials’ concerns.
And it almost certainly won’t be the last to either draw scrutiny or be forced to divest, international trade law experts told Business Insider.
More broadly, though, the ByteDance saga may be a sign of what’s to come, as governments around the world start to pay closer attention to who’s controlling the data and technology used by their citizens, they said.
“Everyone’s wrestling with the issue of how you control third-party apps and services,” said James Lewis, a researcher at the Center for Strategic and International Studies, a national security think tank.
There’s growing concern about control over data
In years and decades past, international trade, business, investments, and acquisitions have generally spurred national security concerns in the US only when they involved products with fairly obvious military applications or infrastructure such as ports that could be critical to the nation’s defense. But in recent years, there’s been a growing consensus that such deals and dealings should be scrutinized not just for military threats but also for the impact they could have on the American economy and whether they would give a foreign adversary the chance to surveil or manipulate individual US citizens.
That broader understanding of national security predates President Trump, but it’s come to new prominence in his administration, particularly with regard to the challenge it sees from China. The administration has famously cracked down on Huawei, for example, over concerns about the company’s technology infiltrating American networks and being used to spy for the Chinese government on US institutions and citizens. In response, federal officials have effectively banned it from using Google’s version of Android in its devices and blocking its access to US chip-making technology and designs, stymieing its ability to make its own smartphone chips.
The administration’s moves against ByteDance come out of similar motivations, at least as it’s presented them. In the ByteDance case, though, the Committee on Foreign Investment in the US, of CFIUS, has taken the lead. CFIUS is the interagency group in the federal government that reviews investments, acquisitions, and mergers for national security concerns. Unlike in the ByteDance situation, CFIUS usually acts quietly, behind the scenes, not in the public spotlight.
ByteDance came under the scrutiny of CFIUS because its 2017 acquisition of Musical.ly directly led to TikTok. Although a Chinese company, Musical.ly had enough of a presence and business in the US to fall under CFIUS’s jurisdiction.
ByteDance also has lots of data on US residents — tens of millions of them use TikTok. When it completed its acquisition of Musical.ly, that kind of control, particularly when held by a Chinese company, was increasingly drawing the attention of those focused on US national security.
CFIUS has a history of blocking Chinese deals involving data
In 2017, CFIUS forced mobile marketing firm AppLovin to abandon plans to sell a majority stake to Chinese-based Orient Hontai Capital. The following year, it blocked Chinese internet giant Ant Financial’s acquisition of money transfer company MoneyGram.
“Data has become a big national security concern,” said Allan Grauberd, a partner at law firm Moses & Singer.
That concern was codified in 2018 when Congress updated the laws that underlie CFIUS. The update explicitly mandated that the group review any deals that companies holding the data of millions of Americans as well as those involving “critical” technology.
With that in mind, CFIUS last year forced a Chinese company to unwind its acquisition of dating app provider Grindr and another to undo its taking of a majority stake in health-tech startup PatientsLikeMe.
In other words, while the amount of media attention the TikTok situation has gotten is unusual, the scrutiny from CFIUS isn’t. Instead, it’s part of a trend, said Caroline Brown, a partner at law firm Crowell & Moring.
Even before scrutinizing the TikTok situation, CFIUS has been been focusing “on the extent that information can be collected in vast quantities and the corresponding ability for foreign actors to manipulate that information,” Brown said.
CFIUS’s regulation has given something of a pass to deals that involve investments or acquisitions by UK, Australian, and Canadian companies, Grauberd said. In theory, that means deals involving companies from all other countries should be looked at with equally close scrutiny, he said. In reality, though, CFIUS is paying extra attention, and looking much less favorably on deals involving Chinese companies, he said.
“There’s definitely a harsher look at Chinese acquisitions, Chinese investments,” Grauberd said.
The scrutiny on data and technology is going global
And that scrutiny isn’t likely to go away, particularly now that data is officially a concern of CFIUS and China has become widely recognized as geopolitical rival and potential threat by policymakers across the aisle.
“The overall signal [is] that CFIUS is going to continue to heavily scrutinize Chinese ownership,” Brown said.
But the TikTok situation may be a sign of another trend. Last month, the Chinese government put in place its own restrictions on the transfer of technology out the country. The move was widely seen as its effort to disrupt the Trump administrations effort to force ByteDance to sell TikTok. As a result, ByteDance was kind of caught in the middle between conflicting demands between the Chinese and American governments.
It’s likely not going to be the last company in that position as countries around the world start to pay closer attention to who controls their citizens’ data, the trade experts said. Already, the UK is developing its own system to review foreign investments in and acquisitions of its companies for national security concerns, including when they involve the transfer of control of intellectual property.
The EU, meanwhile, has been wrestling with how to control Facebook and Google and the enormous amounts of data they collect on European citizens, Lewis said.
In 1996, Congress passed the Helms-Burton act, which attempted to block foreign companies from doing business with Cuba. In response, European and other countries put in place measures that forbade their corporations from obeying the US law. Many companies found themselves caught in between those dictates, said Amy Deen Westbrook, a professor of international and commercial law at Washburn University School of Law. To Westbrook, the TikTok situation is reminiscent of that period.
“I think we’re going to see that more and more now,” she said. “I think we’re going to see a lot of businesses caught either in the Atlantic or the Pacific or both, in the middle of the battle.”
Got a tip about tech? Contact Troy Wolverton via email at firstname.lastname@example.org, message him on Twitter @troywolv, or send him a secure message through Signal at 415.515.5594. You can also contact Business Insider securely via SecureDrop.