The UK government has followed the lead of the United States and European Union by banning the popular video-sharing app TikTok from its central government devices over fears the Chinese-owned platform may constitute a security risk. However, critics say the government’s response to the potential problem caused by TikTok has been too slow.
In a statement to the House of Commons, Oliver Dowden, Chancellor of the Duchy of Lancaster, said that Cabinet Office ministers ordered a security review by the National Cyber Security Centre on social media apps. It found that there was a “potential vulnerability” of government data from social media apps on devices as well as risks around how sensitive information could be accessed and used by some platforms.
Chinese law states that companies are mandated to help the government in Beijing as requested, leading to fears data collected by TikTok could be shared with government officials. TikTok’s parent company, ByteDance, denies it has ever shared any information with the Chinese government.
The ban is described as “precautionary” and good “cybersecurity hygiene” by the UK government, due to the sensitive nature of the information that is stored on government devices. The Cabinet Office also says that government policy on the management of third-party applications will be strengthened.
Dowden said: “The security of sensitive government information must come first, so today we are banning [TikTok] on government devices. The use of other data-extracting apps will be kept under review.”
However, deputy leader of the Labour Party, Angela Rayner, described the move as a “sticking plaster solution” and that the government didn’t have a coherent position on TikTok based on comments made by Michelle Donelan, the UK’s Secretary of State for Science, Innovation and Technology.
“[Donelan] said the app was a matter of personal choice,” Rayner said. “She said we have no evidence and a ban would be very forthright. Two weeks. Two ministers. Two completely different policies later.”
TikTok ban is ‘reasonable’ says IT trade body
The Cabinet Office has said that the need and use of TikTok across government is limited and that the UK government is concerned about how data collected by the app is used. This data includes contacts, user content and geolocation data.
Controversy around Parliament’s TikTok use sprung up last summer when an official parliamentary account was launched, then swiftly deleted after an outcry from MPs.
In an official press announcement, the government said that any exceptions to the ban would only be granted by security teams on a case-by-case basis, such as to individuals working in relevant enforcement roles or purposes of work on online harms. Ministerial clearance might also be sought where appropriate.
The Chartered Institute for IT, BCS, said that the national security concerns around TikTok for politicians and UK government employees are “significant” and says the ban is a sensible step.
Rashik Parmar, chief executive of BCS, told Tech Monitor: “It is reasonable to expect that social media linked to a non-allied state should not be on the devices of government officials.
“Building public trust in technology is vital at this time when the apps we use every day are so closely linked to geopolitics.”
UK government behind the curve of US and EU on TikTok ban
During the business statement agenda item in the House of Commons, Rayner said the government was behind the curve when it comes to taking action on use of the platform.
“Once again, this government is late to the game – in August last year, Parliament closed its TikTok account and in December, the US banned TikTok from official devices,” she told the House.
She also referenced the ban by the European Union on its employees using TikTok on corporate devices in February 2023.
“We need a strong and clear-eyed consistent approach,” Rayner continued. “One that ensures that we can protect our national security and puts us into a strong position to engage with states, such as China, where it’s in our interest to do so.”
The ban comes days after the UK government published its Integrated Review Refresh 2023, which covered its policy position on China. As described by Dowden as taking a “three-pronged approach” the UK government looks to “protect, align and engage” but does say that it would “strengthen national security protections.”
TikTok is not unique in collecting data
While TikTok is the main app named in the statement by the Cabinet Office, one privacy expert points out that it’s far from unique in collecting personal data.
Nigel Jones, co-founder of Privacy Compliance Hub, told Tech Monitor that many other apps collect significant amounts of personal data: “What makes TikTok different in the eyes of those countries which have banned its use on government devices, is the fact it is Chinese. The fear here is twofold: will the Chinese government gain access to the data TikTok stores on us; and will it employ TikTok as a source of disinformation?”
Jones goes on to say that it would be “useful” for the UK to see the reasons behind the ban so users can decide for themselves whether they should use the app.
A spokesperson for TikTok said: “We are disappointed with this decision. We believe these bans have been based on fundamental misconceptions and driven by wider geopolitics, in which TikTok, and our millions of users in the UK, play no part.
“We remain committed to working with the government to address any concerns but should be judged on facts and treated equally to our competitors. We have begun implementing a comprehensive plan to further protect our European user data, which includes storing UK user data in our European data centres and tightening data access controls, including third-party independent oversight of our approach.”