North Carolina recently joined a growing list of states – more than 20 now — that have banned social media app TikTok from government-issued devices. Gov. Roy Cooper issued an executive order after two state legislators threatened to pass a law enacting such a ban.
Duke University professor Ken Rogerson, from the Sanford School of Public Policy, joined me recently to explain what’s going on. Here is a lightly edited version of our conversation, recorded for the Duke University Debugger podcast that I host..
Ken Rogerson: I think they’re taking a cue from the federal level proposals that are asking for the same thing. If you remember Bob, during the Trump administration, TikTok was banned entirely by an executive order for a little while.
Then it was rescinded by the Biden administration. And there’s another proposal even for that at the federal level to ban TikTok in the United States entirely. But there’s another proposal that I think maybe has a little bit of teeth — that’s to ban it at the federal level from any device that is federally distributed or given to an employee as part of their job.
And so I think they’re taking the cue from that federal-level proposal. But there are also some states that have already done this. Oklahoma, Nebraska, have already done this at the state level through either executive orders or through legislative action of banning TikTok at that level.
So they’re not the first to do that, but, but they are certainly quite adamant and intense about trying to do this at North in North Carolina as well.
Bob: There certainly is a lot of discussion about TikTok lately, but what is the actual concern for legislators at the federal and state level about TikTok and government devices?
Ken Rogerson: Well, Bob, I think the concern is twofold. The first is a broader concern about the level of our personal information privacy on our devices. And, and that’s something that I applaud. I think it’s really great to be asking these kinds of questions and be worrying about how well our personal information is protected.
And as a subset of that, we are so interconnected. I’m not sure that a work phone is only a work phone anymore. We often use our work devices for personal things and our personal devices for work things. And so there’s an overlap there. And so there is a concern about access to personal information and the protection of information.
But in this particular case, it also seems that there’s a concern about China itself now. W can go back to the Cold War and there was … I’m a political scientist and hold that very dear to my heart. And there was something called “enemy imaging.” And that we actually found some pride in our country of looking at enemies in the world. And then post-Cold War, we had to find new enemies. There’s terrorists and terrorist organizations that filled that role. But China seems to also be filling that role at a federal level. We have a number of conversations about China. It’s interesting to me to see this trickle down at the state level. The letter that these two state legislators sent to the governor mentioned China specifically as a threat to our security and because of the kind of government that they have and, and the relationship between ByteDance, which owns TikTok, and the Chinese government. It’s just interesting to see that state-level legislators are looking at that as a potential threat at the state level.
Bob: So would these kinds of inquiries, these kinds of letters and legislation be coming up. TikTok wasn’t owned by a Chinese company, do you think?
Ken Rogerson: Oh, that’s such a good question. I actually am not quite sure of the answer to that, but I don’t think so. I’m not a foreign policy specialist, but certainly you can’t not pay attention to it if you’re interested in technology policy. There is a connection between Chinese companies and the Chinese federal-level government. Um, there have been a number of indicators over the past few years through, through stated policies and through small programs … I remember even five or six years ago, there was a little small order from the Chinese government that all games on phones had to register with the government. And so if you downloaded a game – Angry Birds, for example – you had to register that use with the government. And so, so there is some fear that the connection between the federal-level Chinese government and the public-sector companies who create things for phones is a little tighter than it is in other places.
At the same time, we see some companies there pushing back a little bit and negotiating a little more freedom so that they can make money. I mean, it’s a profit-based industry for sure, and, and the Chinese government wants to encourage that kind of capitalistic enterprise in its own way.
Bob: So TikTok is ragingly popular, particularly with young people, and there’s been a lot of stated public concerns that the Chinese government could use ByteDance… the data that TikTok collects in order to build this massive surveillance database of US citizens. Whatever one might think of that fear would an executive order or legislation like this, do you think that would really stop it or help with that concern? Is it effective?
Ken Rogerson: Is it effective? Another great question, Bob. Probably not. I’m a little .. concern isn’t the right word … I’m watching with bated breath to see if this particular type of conversation about TikTok itself can push us into a wider conversation about some regulation and potentially consumer-empowering regulation that gives us more leverage to control our own data. We can do that in the United States, but if something happens to us, what we don’t have is resources to go protect ourselves against either governments or big companies who have much greater resources than individuals do. So, no, I’m not sure that banning TikTok from government-distributed devices really will change anything. Because as you said, young people will still use TikTok and will still access TikTok.
Now, for the most part, young people are also not going to have access to national security information, either directly or maybe through some vulnerability that will allow really good hackers to get where they need to go.
So there is a piece of that, that is probably good from a government — whether state or federal level standpoint — to say we want to protect ourselves because our devices could potentially lead to some kind of problematic intervention into our data. But, I don’t see it at all for youth using it to share, you know, quick, quick videos of food.
Bob: Now, on the other hand, when I, I read what you said to the local media in North Carolina, it made me think, well, this conversation is certainly welcome. It’s high time somebody drew a bright line around something when it comes to gathering data, right?
Ken Rogerson: Oh yeah, for sure. Again, I’m not sad about the conversation that this is encouraging among policymakers, especially. I think there are a lot of privacy advocates out there who are trying to make their voices heard, and there’s actually privacy legislation at the federal level … serious privacy legislation that some people looking at and saying, ‘Oh, maybe something can happen here.’ For some it doesn’t go far enough. For some people it goes farther than it’s gone in the past. And so, so this is great to contribute to the conversation, but I think your earlier point is very well taken, which is what will it really do for those who are arguing that TikTok is a national security risk?
Well, I think that it could help in a really minimal sense, a small percentage sense for a few devices and a few people, but I don’t think it helps for those reasons. But let’s con continue to have this conversation and widen it to other kinds of platforms, other kinds of information-sharing platforms as well.
Bob: If it’s good enough to ban TikTok, maybe it’s good enough to ban other kinds of technologies as well?
Ken Rogerson: or the opposite way, right? That seems a little draconian to me to say that this is only about banning platforms who aren’t doing a good job with their data. And we can look at it from another direction as well, that we can create policy that makes personal information privacy collection-sharing much more transparent and much more user-controlled or, have some kind of oversight mechanism for people to be able to bring difficult situations to a third party to say, ‘You used my data in incorrect way.’ There needs to be some kind of penalty or punishment here.