Testimony on Apple & TikTok used in background for new National Security and Personal Data Protection Act
Yesterday U.S. Senator Josh Hawley (R-Mo.) introduced the National Security and Personal Data Protection Act to combat the flow of Americans’ sensitive personal data to China and countries that similarly threaten America’s national security.
.@tiktok_us is a China-backed company required by Chinese law to share Americans’ data w/ Chinese Communist Party. I’m introducing legislation today to stop that and keep Americans’ personal info safe https://t.co/Uk1y1R4kgy— Josh Hawley (@HawleyMO) November 18, 2019
The following information is from an article posted on Senator Hawley's website yesterday titled "Senator Hawley Introduces Bill to Address National Security Concerns Raised by Big Tech’s Partnerships with Beijing."
"The introduction of this legislation follows a Senate Judiciary Subcommittee on Crime and Terrorism hearing chaired by Senator Hawley that explored the tech industry’s ties to China.
During the hearing, experts testified that Apple’s decision to store iCloud encryption keys in China and TikTok’s ties to the Chinese government pose a threat to America’s national security.
Senator Hawley said, "Current law makes it far too easy for hostile foreign governments like China to access Americans' sensitive data. Chinese companies with vast amounts of personal data on Americans are required by Chinese law to provide that data to Chinese intelligence services. If your child uses TikTok, there's a chance the Chinese Communist Party knows where they are, what they look like, what their voices sound like, and what they’re watching. That's a feature TikTok doesn't advertise.
And it’s not just Chinese companies that create this risk. Chinese law allows the Communist Party to seize data from American companies operating in China whenever it wants, for whatever reason it wants. This legislation takes crucial steps to stop Americans’ sensitive data from falling into the hands of hostile foreign governments."
China and countries that similarly threaten America’s national security are taking steps to vacuum up our sensitive data:
Today, countries like China can acquire and use personal data in ways that pose a grave threat to America’s national security. As revealed last week, China could use "images of our servicemen and women" obtained from sites like TikTok to train its autonomous weapons. U.S. officials currently are assessing TikTok for national security reasons. China also could build or steal massive profiles on Americans. And China could use aggregate location data from phones to identify bridges or roads to target for sabotage.
Senator Hawley’s bill cuts off the flow of sensitive data to China and countries that similarly threaten America’s national security:
Some American companies agree to give sensitive data to China in exchange for entering the Chinese market. As FBI Director Christopher Wray testified, Chinese law "compels U.S. companies that are operating in China . . . to provide whatever information the government wants whenever it wants." This law means that when American companies store encryption keys in China, China can read the messages those keys protect.
Senator Hawley’s bill prohibits American companies from transferring user data or encryption keys to China and other countries that similarly threaten America’s national security.
Senator Hawley’s bill prohibits American companies from storing data in China and other countries that similarly threaten America’s national security.
China can obtain data by inserting its own companies into the United States where those companies then collect data on unsuspecting Americans.
For Chinese companies, and companies from other countries that similarly threaten America’s national security, Senator Hawley’s bill:
Prohibits transferring user data or encryption keys to those countries or storing that data in those countries.
Prohibits collecting more data than necessary to provide a service here
Prohibits using collected data for secondary purposes
China and other countries that similarly threaten America’s national security, can purchase American companies that already have collected information on Americans.
Senator Hawley’s bill changes the default rule for mergers of certain companies to block those mergers unless companies obtain pre-approval from CFIUS."
While Apple has stated in the past that it maintains sole control over Chinese iCloud encryption keys and claims the solution contains no government backdoors, the FBI's Director Christopher Wray testified that companies can be forced to turn over data on demand which contradicts Tim Cook's statements on the matter.
Whether Apple intends to respond to the proposed legislation is unknown at this time. Yet let it be known that Senator Hawley invited Apple's CEO to attend a congressional hearing on China and Tim Cook refused to attend. That certainly didn't help matters.