[someperson]

I think the reasoning of the US government is that every private company in China is an arm of the state since everybody in China is required by law to help China's intelligence service via article 7 of China's National Intelligence Law (and any company with more than 50 people including Douyin/TikTok is required to have a Chinese Community Party secretary so even more state influence)

And because the government of China's long track record of data theft for commercial gain the Trump administration sees it best to use CIFIUS to ban all companies from China that collect any sensitive information (whether personal or corporate), even if they haven't found a smoking gun that the government of China has misused the data yet.

I don't believe the Trump administration is going for complete economic decoupling with China at this stage (though I personally wish they were), but they certainly are going for banning applications with any access to sensitive information at all. Through this reasoning I am fully expecting applications such as AirDroid (made by Beijing-based Sand Studio) to be banned sooner rather than later.

[mike00632]

1. If the reasoning is that a hostile foreign government could use sensitive data against the US and thus shouldn't be allowed to collect such data then such policy is being arbitrarily enforced. There are other companies (FaceApp comes to mind) that collect data on Americans that don't have such scrutiny from the executive branch. Furthermore, American companies that collect sensitive data regularly give access to foreign entities (e.g. Cambridge Analytica, which abused Facebook's sharing agreement with academic institutions but there nonetheless exists such sharing agreements). If the use of CIFIUS is a part of a broader strategy against China then such a strategy should be outlined somewhere, announced and debated in Congress. This is a special decision taken unilaterally against TikTok.

2. I don't think the executive branch's reasoning is limited to the potential of abuse. Representatives of the Trump administration have stated that they are concerned with data that TikTok currently collects, which they say merits a national security concern. It seems like they are making these claims to get the public on board with the measures, but claims like this require specifics and evidence. Even if I agree with TikTok being banned from the US over security concerns, I don't want to feel propagandized by the US government.

3. What sensitive data are we talking about!? This is the elephant in the room. It seems like the big concern is over email address + geographical location + TikTok viewing history + images of faces. TikTok still lives on platforms that are heavily sandboxed and secured by very interested teams at Google and Apple. Nobody has made a credible accusation that TikTok is exploiting some zero day to gain access to users' sensitive data.

4. This isn't a part of a broader talk about the dangers of tech companies collecting too much data. There doesn't seem to be any plans to restrict data collection nation-wide. Maybe the executive branch is taking this on a case-by-case basis but a more reasonable explanation seems to be that Trump simply doesn't like TikTok or is using his power to muscle out foreign businesses as a bargaining chip in a larger China dispute.

[someperson]

I agree with you that the use of CIFIUS as a broader strategy should be debated by Congress rather than just using executive action.

The sandboxing by Google and Apple is not relevant given users are willingly giving TikTok access to the camera, GPS etc. The sensitive information includes the ability to build detailed user profiles (including psych evaluations) of every TikTok user in the world. At least that's my impression from my research into this so far.

[bromuro]

Well the US companies that control our smartphones could force the app to not access most of these data, eg like blocking the GPS.