TikTok US ban row: TikTok logo

TikTok ban ‘more about geopolitics than cyber security’ – ex-GCHQ cyber chief

There’s been lots said in the threat of a TikTok ban in by politicians in the US, but I found the expert thoughts of Ciaran Martin, the former GCHQ cyber chief and ex-head of the National Cyber Security Centre, fascinating and really insightful.

He told the BBC’s Media Show that:

“This is mostly an issue both about geopolitics, and influence and control over the Internet, than strictly speaking a cybersecurity issue”

Here’s part of Ciaran’s points he made to Katie Razzall – it’s worth checking out the full discussion on BBC Sounds

What are the cyber security concerns driving calls for a TikTok ban?

Ciaran Martin says there are two “classic cyber security issues” behind calls for a ban on TikTok: the compelled handing over of data under Chinese law and the download of potential Chinese state malware through apps.

But he points out that “the data economy is so out of control that the idea that you can ban your way to data security on a country of origin basis is essentially nonsense”, pointing out cyber issues with Russian criminals in the US healthcare system.

He adds that to stop the Chinese government getting your personal data requires more than just banning TikTok.
Ciaran does raise the points about China banning Facebook, and concerns over whether the algorithm could be manipulated to seed misinformation and disinformation about Western countries – but given how particular TikTok’s For You page is to each user, I’m not sure how possible this is in reality. I didn’t agree with Ciaran’s dismissal of the app as merely “a service to frivolous videos”, as it is having a far greater impact on culture, news and entertainment.

So these concerns, coupled with how Chinese tech companies have become closer to Beijing authorities, make sense why Western governments treat TikTok as a ‘risk’ to national security.

As for banning TikTok on government phones, I agree with Ciaran about not having any social media apps on them, given the amount of data they gather (more on that in a minute.)

Should I, my children, or my organisation be on TikTok?

The answers depend on who you are.

18 months ago, the director of GCHQ, Jeremy Fleming, said if personal data is used proportionally and “we’re happy with the way that data is safeguarded”, then it should present no problem for any user.

He said, “Make the most of it, make those videos, use TikTok, but just think before you do.” He reminded us that “there is no free good here” with any apps, especially social media, as they store personal data.

Asked if he would stop his child using TikTok, he said, “No I wouldn’t,” but he would “speak to my child about the way in which they think about their personal data on their device.”

Both the British and Irish regulators have fined Bytedance for how it didn’t stop under-13s being on the platform, didn’t set under-16s’ accounts to private when created and other data protection issues.

On their website, TikTok says Americans’ personal data is stored on US cloud servers run by software firm Oracle, while European data will soon be held in Dublin. It adds that user data “is protected by strong physical and logical security controls, including gated entry points, firewalls, and intrusion detection technologies.”

Ofcom: time spent per day on social media platforms, by age

For organisations, there are increasingly compelling reasons to be on there. If you’re targeting young adults, 18-24 year olds use it for an average of 55 minutes a day, according to Ofcom figures from last year, while the demographic of users is getting increasingly older. And another Ofcom study suggests as many as 1 in 10 of us use TikTok as a news source – more so than BBC Radio 1 and Channel 5.

And despite concerns about government departments having accounts, they have been happy to work with TikTok influencers to help reach target audiences in campaigns.

Will TikTok be banned?

We don’t know if a ban on TikTok will happen yet – there’s a long way to go. Even if the US President approves the decision, Bytedance has six months to sell its American arm. And the UK will likely follow what Washington does, rather than do their own thing.

Like using any social platform, you should be prepared that trends come and go, and any organisation’s social media or digital communications strategy shouldn’t be totally reliant on a social channel or service that you don’t own yourself.

The concerns over data gathered by Facebook and other Meta apps

Headline of Meta Facebook data story from the Times: Every scary thing Meta knows about me — and you Matilda Davies was given access to all of the data the social media behemoth has been collecting on her since she was 11. This is what she uncovered, and what we can all do to claw back some privacy

Ciaran seemed more concerned by the investigation by Times reporter Matilda Davies into the “horrifying level of detail” that Facebook have on her, including  20,000 interactions over two years with websites and apps that were not connected to her Meta-owned accounts:

In fact, between December 2021 and December 2023, Meta — the company that owns Facebook, Instagram and WhatsApp — tracked me an average of 33 times a day from websites and apps that aren’t connected to my social media accounts. Even when I wasn’t looking at them, they were looking at me.

Like TikTok, Meta says it processes the data safely, but Matilda says they are “very opaque” on how it uses it.

Ciaran said it was “a really concerning story” and how we “need a really, really serious conversation about the data economy more generally, and one that’s more better informed than just saying ‘it’s all based on the country of origin of a particular service provider’.”

 

I really recommend listening to the BBC Media Show discussion on TikTok, Meta and Twitter – and following Ciaran Martin on Twitter/X 

If you want a chat about how your company could use TikTok, or issues raised in this article, get in touch.

2 replies

Trackbacks & Pingbacks

  1. […] Ciaran Martin, the former GCHQ cyber chief and ex-head of the National Cyber Security Centre, recent… that: […]

  2. […] Read why GHCQ’s former cyber chief believes TikTok ban is “more about geopolitics than c… […]

Comments are closed.