Why is the topic relevant? The head of the National Office for Cyber and Information Security (NUCS), Lukáš Kintr, and the director of the Security Information Service, Michal Koudelka, have long warned against the use of the TikTok app. This Chinese social network is a potential cyber threat. In February, the European Commission as a whole banned its employees from using TikTok on all company devices. This comes at a time when similar measures have been taken in the past, for example in the US.
Why is this situation a risk for the Czech Republic? TikTok is owned and operated by ByteDance, a Chinese company that has faced long-standing suspicions of espionage activities, particularly in North America.
Information about the cyber risks after installing this app is already well known. It is mainly about the excessive collection of data, some of which has nothing to do with the primary functioning of the application. During its investigation, the Australian security analytics company Internet 2.0 pointed to specific examples of TikTok collecting data illegally. The research discovered that by using the app, people give TikTok access not only to the videos they upload, but also to their other data. This allows TikTok to download data from mobile phones, such as users’ movements, the contents of their calendar or their contact list.
TikTok’s parent company says it will not provide the data it has obtained to the Chinese authoritarian state. But the fundamental problem is that current Chinese law does not allow companies to refuse such a possible request from the communist authorities. In the Czech Republic, TikTok is one of the largest social networks and over two million people use it on their mobile devices. For this reason, it is clear that many people working in the government or security sector have also installed it on their devices.
How should the government proceed? The Czech government should take a clear position and, following the example of other Western countries, completely ban the use of TikTok on the official phones of all employees in the public administration as soon as possible. At a time when we have detailed knowledge of the risks of this app, allowing its continued use is not only highly irresponsible but directly opens the door to Chinese cyber and espionage operations.