Named the “Adversarial Platform Prevention Act of 2020 (APP Act), the bill would define “high-risk foreign software” as those owned by entities that operate or headquartered in China, Cuba, Russia, Venezuela, or other countries designated by the Secretary of State as sponsors of terrorism. Any software that stores U.S. consumer data in these countries would also be deemed high-risk.
If enacted, the bill would have several protection mechanisms in place to protect U.S. consumers.
The apps defined as “high-risk foreign software” would come with a warning label alerting users about data and security risks, such as the software’s ownership and country of origin. To make the warning label more obvious to users, it would be separate from other disclosures and terms of services. Moreover, the warning would also give users the option to cancel the download.
The companies that own the high-risk software would be required to submit certain corporate information, such as what user data are being accessed and internal content moderation policies, to both the Federal Trade Commission (FTC) and Department of Justice (DOJ).
Additionally, software companies must report to both FTC and DOJ within 14 days if they receive requests to provide user data or censor user content from foreign government entities, such as law enforcement and intelligence agencies.
If the companies comply with such requests, the bill proposes prohibiting them from making their software available in the United States.
The bill also mandates that user data must be stored in the United States.
Companies providing high-risk software would also be stripped of its protection under Section 230 of the Communications Act of 1934. Section 230 allows websites to host or moderate content without being held liable for it.
“It is clear that we must establish a framework of standards that must be met before a high-risk, foreign-based app is allowed to operate on American telecommunications networks and devices,” stated Rubio in an Oct. 29 press release from his office.
TikTok and WeChat have recently been targeted by the U.S. administration, with the Commerce Department announcing on Sept. 18 a ban prohibiting U.S. app stores from carrying TikTok and WeChat, and U.S. transactions on WeChat to process payments or transfer funds. The announcement was made in response to President Donald Trump’s executive order signed on Aug. 6.
The two Chinese apps collect “vast swaths of data from users, including network activity, location data, and browsing and search histories” and are “subject to mandatory cooperation with the intelligence services of the CCP [Chinese Communist Party],” according to the Commerce Department.
The TikTok ban has been temporarily blocked after a federal judge issued a preliminary injunction on Sept. 27. A new hearing is currently scheduled for Nov. 4.
Similarly, the mandate to remove WeChat from U.S. app stores has been halted after a Sept. 19 preliminary injunction. On Oct. 26, a U.S. appeals court rejected overturning the halt.
In August, Trump had also ordered ByteDance, TikTok’s parent company based in China, to divest from the app within 90 days. On Sept. 20, Trump approved a partnership deal in principle—TikTok would be allowed to continue to operate in the United States and Bytedance would create a new company called TikTok Global with U.S. companies Oracle and Walmart having stakes in the company.
Currently, the partnership has not been formalized.
Reuters contributed to this report.