I don’t imagine you’d give ByteDance a pass if their board was full of former government officials.
They have active government officials on their board, not former.
So your strategy for national security to to know the good guys and bad guys in advance?
That’s why they’re called ”adversaries”. Duh. You don’t trust adversaries. Do you realize just how silly that question of yours is? We know who the bad guys are. You don’t pass laws like this for friendly countries. Note the law doesn’t specifically target TikTok by name but rather specifies criteria for which a foreign adversary owns at least 20% of a company and has influence over the management team. The president has discretion for determining whether foreign company that meet those criteria are a security threat. The law passed by the House lists four adversary countries. The four adversaries listed are North Korea, Russia, Iran, and China. No other country would be affected by the law if passed and signed. Why wouldn’t you want a law on the books to protect against those particular countries? Have you actually read the law or seen the details about it to know the law specifies the countries that would be affected?
This doesn't do that-- that's my point. As long as there is trade in personal data, as long as data sits in undersecured databases, it's easy to get. I get a letter a month saying some company I wasn't even aware I was doing business with through a contract arrangement with another, has been breached. The penalty is generally the cost of that letter and watching my credit report of a year, if I give them more of my personal information so they can access my credit report.
Your proposal doesn’t make anything more secure. The law in question removes TikTok as a company that can even gather that information. If TikTok doesn’t have that data, China can’t get something that doesn’t exist. If they’re sold rather than banned, you can prevent them from just picking up a phone and telling the ByteDance CEO to send over the data. There’s nothing more secure than non-existent data the CCP can’t get their hands on. That’s what the legislation is designed to do. If it’s never collected, it can’t be shared.
If personal data is a matter of national security, treat it as such. Treat it like we would yellow cake or aluminum tubes. Ensure it's locked down and be ruthless in enforcing that. With a law like that, sharing your TikTok views would truly be espionage, and there's be cause to go after them.
Governments can secure their own data behind the toughest encryption possible and the most secure networks, but government doesn’t control what American companies do to secure their data. TikTok sure isn’t going to secure their network or databases against their CCP masters. But our government can recognize a big huge security hole with a foreign company where the CCP doesn’t even have to hack into ByteDance. They just have to ask for the data and they get it.
Every country has laws like that,
including the US.
Except under US law and for most friendly countries, the government can’t just take the information unless they get a court order or subpoena. Democratic countries have safeguards in place. Even the NSA, which records all communications within the United States, cannot access the data they record without a court order. There are also masking laws to protect the privacy of the innocent.
If someone takes information not allowed under our law, they are typically arrested. None of the adversarial countries have any such protections. Those dictatorships can just get what they want. You seem to put an awful lot of trust in adversarial countries, whereas I don’t trust those adversarial countries any further than I can throw a bus. Stop them from having an opportunity to get our data simply by not allowing them to even collect it, or alternatively if the company is sold, make it a whole lot harder for them to get it than just picking up a phone.