The House Chief Administration Officer has warned lawmakers against using TikTok, a popular video-sharing application owned by Chinese parent company ByteDance, citing security and privacy concerns.
The warning came as growing numbers of congressmen are using the app to reach out to the younger constituents that are its frequent users.
The cyber advisory issued on Aug. 9, said, “The ‘TikTok’ mobile application has been deemed by the CAO Office of CyberSecurity to be a high-risk to users due to its lack of transparency in how it protects customer data, its requirement of excessive permissions, and the potential security risks involved with its use.”
It warned that TikTok “may collect biometric identifiers and biometric information as defined under U.S. laws,” including “faceprints” and “voiceprints,” from videos uploaded to the user's platform.
The document pointed to the service's policy that features automatic user data collections including device phone number, Wi-Fi network names, SIM card serial numbers, GPS status information, and subscription information among others.
The office further listed several significant concerns about the platform identified by security researchers, including but not limited to checking device location every hour, continual requests to access the user's contacts and external storage.
The data can be “potentially mined for commercial and private purposes” and stored on servers located in China, the advisory noted.
Given the threats that the platform could impose on its users, the office is advising against downloading and using this application.
TikTok countered the advisory in an email to The Hill.
“The allegations in the House CAO’s advisory about TikTok range from misleading to wrong. We have requested a meeting to discuss the multiple inaccuracies in the advisory, and we look forward to working with them so they can advise Members and staff on concrete steps they can take to keep their data secure and private when using any social platform to connect with constituents.”
Growing ConcernsThe listed concerns echo those that have been addressed by several lawmakers and security officers.
A group of Republican lawmakers led by Sen. Marsha Blackburn (R-Tenn.) has requested TikTok appear before the Senate for a hearing over concerns that the China-based video-sharing app has access to U.S. data.
The appeal followed the June BuzzFeed report based on leaked audio recordings from 80 TikTok internal meetings.
According to the report, 14 statements made by 9 different TikTok employees indicated that “engineers in China had access to U.S. data between September 2021 and January 2022, at the very least.”
Meanwhile, Rep. Cathy McMorris Rodgers (R-Wash.), ranking member of the House Committee on Energy and Commerce, and Rep. James Comer (R-Ky.), are probing the Chinese app over the same issue.
Flocking to the Chinese AppDespite repeated warnings, more Democratic lawmakers are turning to the Chinese app to reach younger voters as the midterm elections are just a few months ahead, The Hill reported.
“I use it because we try to communicate with constituents through every medium available. We do town halls, mailers, surveys, tele-town halls, Twitter spaces, Instagram, Facebook, door knocking, TikTok. If I thought people were going to look at smoke signals and decipher that, we would have a smoke signal program,” Rep. Jake Auchincloss (D-Mass.) reportedly said.
Auchincloss has by now over 1,600 users on the platform. Some videos featuring him talking about legislation have over 20,000 views.
Rep. Bennie Thompson (D-Miss.), chairman of the House Homeland Security Committee, recently also urged his supporters to follow his TikTok account.
In March, Thompson supported a bill (H.R.6837) to ban TikTok on Department of Homeland Security (DHS) devices, which the House Homeland Security Committee approved. The legislation was introduced a month earlier by Rep. Michael Guest (R-Miss.) with the goal of stopping the Chinese Communist Party (CCP) from spying on Americans using TikTok.
Frank Fang contributed to this report.