Connect with us

Published

on

TikTok Chief Executive Shou Zi Chew is pictured on the day he will testify before a House Energy and Commerce Committee hearing entitled “TikTok: How Congress can Safeguard American Data Privacy and Protect Children from Online Harms,” as lawmakers scrutinize the Chinese-owned video-sharing app, on Capitol Hill in Washington, U.S., March 23, 2023. 

Evelyn Hockstein | Reuters

For several years now, ByteDance’s TikTok has been the focus of lawmakers and intelligence officials who fear it could be used to spy on Americans. Those concerns took center stage during a five-hour grilling of TikTok’s CEO back in March.

But while TikTok has been the one in the spotlight, other Chinese apps that present similar issues are also experiencing massive popularity in the U.S.

Concerns about ByteDance stem in large part from a national security law that gives the Chinese government power to access broad swaths of business information if it claims to be for a national security purpose. U.S. intelligence officials and lawmakers fear that the Chinese government could effectively access any information that China-based app companies have collected from American users, from email addresses to user interests to driver’s licenses.

But that doesn’t seem to have swayed many consumers, as several China-based apps are still booming in the U.S.

For example, the shopping app Temu, owned by China-based PDD Holdings, has the number two spot on the Apple App Store among free apps as of late May. It also held the number 12 spot among digital retailers in the 2022 holiday season for unique visitors to its site, topping stores like Kohl’s, Wayfair and Nordstrom, according to Insider Intelligence, which also credits visibility on TikTok for its rise.

Meanwhile, ByteDance-owned apps CapCut and TikTok hold the fourth and fifth spots on the App Store rankings. Chinese fast fashion brand Shein holds fourteenth.

And between late March and early April, after the TikTok CEO hearing before Congress, ByteDance’s Lemon8, saw nearly 1 million downloads in the U.S., Insider Intelligence reported based on data from Apptopia. It’s an app with similarities to Pinterest and Meta’s Instagram.

These apps share some of the features that have worried the U.S. government about TikTok, including about whether some of these firms adequately protect U.S. user data when operating out of China (TikTok has stressed that U.S. user information is only stored on servers outside of China). Like TikTok, these apps collect user information, can analyze trends in their interests and use algorithms to target consumers with products or information that is likely to keep them engaged with the service.

But experts on China and social media say there are important differences between these apps and TikTok which might explain the relative lack of attention on them. Among the most important of those features is the scale of their presence in the U.S.

TikTok vs. other Chinese apps

In just 17 days after launch, Temu surpassed Instagram, WhatsApp, Snapchat and Shein on the Apple App Store in the U.S., according to Apptopia data shared with CNBC.

Stefani Reynolds | Afp | Getty Images

Even as they grow, the U.S. userbase of many popular Chinese apps is still dwarfed by TikTok’s massive U.S. audience of 150 million monthly active users.

TikTok sister app Lemon8, for instance, has an estimated 1.8 million monthly active users in the U.S., according to Apptopia.

While TikTok has had 415 million downloads in the U.S. since its launch here, CapCut has had 99 million, Temu 67 million and Lemon8 1.2 million, according to Apptopia.

Only Shein surpasses TikTok in downloads among this group of apps, though it launched far earlier in the U.S. in 2014. Shein’s app has 855 million downloads in the U.S. since its debut, though Apptopia estimates it has about 22 million monthly active users.

“An app with a thousand, or even a million users in the U.S. does not present the same widespread cybersecurity threat that an app with 100 million users has,” said Lindsay Gorman, senior fellow for emerging technologies at the German Marshall Fund’s Alliance for Securing Democracy.

Gorman said as the U.S. considers the threat posed by TikTok, it will also need to develop a framework for how to evaluate the relative risk of Chinese apps. The scale should be one factor, she said, and the type of app, including its ability to spread propaganda, should be another.

“The ability for a Chinese technology platform to represent critical information infrastructure in a democracy has to be part of that calculus when assessing risk,” Gorman said. “That’s where I think the analogies with power grids or energy infrastructure are applicable. We we would not allow the authoritarian regime to build significant components of our energy infrastructure and rely on an authoritarian regime for that.”

That means that an app like ByteDance’s CapCut may present a lower risk, both because of its smaller user base and because it’s meant to edit videos, rather than distribute them.

“We’re really at the beginning stages of even recognizing that a broader characterization and categorization is actually needed,” Gorman said, adding that rather than playing whack-a-mole with Chinese technology that poses a threat to U.S. national security, the country should develop a more systematic framework.

But in the meantime, U.S. consumers continue to turn to Chinese apps.

“Among the most downloaded apps consistently are Chinese-based ones like Temu and CapCut,” said Jasmine Enberg, principal analyst covering social media at Insider Intelligence. “And then of course, there’s the early growth of Lemon8, which suggests that the appetite for Chinese apps in the U.S. is still growing.”

For e-commerce apps, the risk of spreading harmful misinformation may not be as high as on a social media service. An e-commerce platform like Temu or Shein is likely a less viable platform to spread propaganda than a video app like TikTok.

“People just aren’t really spending the same amount of time on commerce apps and they’re not exposed necessarily to the same kind of content that could potentially have a negative impact on young people,” Enberg said. “I also don’t necessarily think that the connection to China for some of these apps is as clear to the average consumer and I also don’t think that consumers are really going around thinking about where the apps that they’re using originate from.”

Still, the U.S. could find a reason for concern. A recent CNN report that found Temu sister company Pinduoduo, a shopping app popular in China, contained malware. The parent company of both apps, PDD Holdings, did not respond to a request for comment. Research staff at the U.S.-China Economic and Security Review Commission pointed to that report in assessing Temu’s data risks, though an analyst recently told CNBC that Temu has not been as “aggressive” in requesting access to consumers’ data as Pinduoduo.

At least one group has viewed the pressure on TikTok as an optimal time to raise concerns with another Chinese company popular in the U.S.: Shein. The group Shut Down Shein, which is a “coalition of individuals, American brands and human rights organizations,” according to executive director Chapin Fay, launched the day that TikTok’s CEO was hauled before Congress.

Customers hold shopping bags outside the Shein Tokyo showroom in Tokyo on Nov. 13, 2022. Reuters reports the fast fashion retailer is targeting a U.S. IPO in the second half of 2023.

Noriko Hayashi | Bloomberg | Getty Images

“We were sort of agnostic on the timing, but we wanted to make sure that while people are talking about TikTok, there’s this other nefarious actor, Shein, who’s also collecting data and doing it all under the radar and also doing these other even worse things like slave labor,” said Fay, managing director of Actum consulting firm.

The group specifically takes issue with Shein’s alleged use of forced labor, as Bloomberg reported last year that tests revealed that cotton in clothes shipped to the U.S. were linked to a region in China where the U.S. government has said forced labor is deployed. China has denied the use of forced labor.

Shut Down Shein also rails against the company’s alleged use of an import loophole to avoid tariffs. Through the de minimis trade tax exemption, the group says, individual customers become the importer of their fast fashion goods, a practice that came up at a recent hearing by the House Select Committee on Strategic Competition between the United States and the Chinese Communist Party.

A Shein spokesperson said in a statement that it “complies with the domestic tax legislations of the countries in which it operates.” The spokesperson also said that Shein has “zero tolerance for forced labor,” takes seriously visibility across its supply chain and requires suppliers to follow a “strict code of conduct.”

Fay said it’s important to recognize that the way Shein has been able to grow its brand and gain new customers, in large part via so-called influencer hauls, is through TikTok.

Fear of a ‘slippery slope’ ban

Faced with national security worries over TikTok, lawmakers have considered several proposals that could lead to a ban. But critics fear some proposed solutions could create a slippery slope of unintended consequences. And some say the most effective long-term solution for curbing the use of Chinese apps may be fostering an environment for robust alternatives to grow.

Perhaps the most prominent of the bills that could lead to TikTok’s ban in the U.S., the RESTRICT Act, would give the Commerce Secretary the power to recommend barring technology that comes from a select group of foreign adversary countries if they determine the risks cannot be sufficiently mitigated otherwise.

Though the proposal quickly garnered serious attention for its heavy-hitting group of sponsors, including Senate Intelligence Committee Chair Mark Warner, D-Va., and Commerce subcommittee on communications ranking member John Thune, R-S.D., it’s since appeared to lose the early momentum. That’s due in part to concerns raised by the tech industry and others that the bill could give the executive branch broad power to seek a ban on certain technology.

Sen. Mark Warner (D-VA)

Drew Angerer | Getty Images

“While I understand that Americans enjoy the convenience of Chinese e-commerce and the creative tools of many Chinese communications apps, we have to reckon with the fact that these companies ultimately are beholden to the demands of the Chinese government,” Warner said in a statement. “We’ve had an important and overdue conversation about the predatory and invasive practices of U.S. tech firms in recent years; those same concerns are valid with the growing sway of these foreign apps – and then exacerbated by the manner in which these PRC-based companies serve as instruments of PRC power.”

One of those critics of the bill’s current scope is Andy Yen, CEO of Proton, which makes an encrypted email service and VPN. While Yen believes that TikTok should be banned in the U.S., he fears the RESTRICT Act is currently too broad to effectively do so without additional consequences.

In a recent blog post, Yen argued that the bill would give the Commerce Secretary overly-broad power to designate additional governments as foreign adversaries and feared that ambiguous language in the bill could be used to penalize individuals who use VPNs to access apps that are banned in the U.S.

In the post, Yen suggested these issues could be resolved with changes to the bill’s language to make it more targeted and limited in scope.

Speaking on the “Pivot” podcast recently, Warner stressed the need for a rules-based approach that could be legally upheld to deal with tech from foreign adversaries. He said he believes criticism of the bill, including that it would target individual VPN users or that U.S. companies that do business in China could be swept up in enforcement action, is not valid, though he said he is open to amending the bill to make that more clear.

“There is a very legitimate national security concern here,” Yen said. “So I think it is something that regulators do need to tackle and this is why Congress is trying do something. But I think we need to do it in a way that doesn’t undermine the values of freedom and democracy that make America different from China.”

Still, a TikTok ban would have other effects in the U.S., like yielding more market share to existing tech giants in the U.S. like Meta’s Facebook and Instagram. Proton has been an active proponent of antitrust reform to create what some companies see as a more level playing field for tech developers in the U.S.

Yen said the solution to creating more competitive digital markets in the U.S. is not to allow risky Chinese companies to run rampant, but rather “to have a level playing field that can allow other American companies or European companies to compete in the U.S. fairly.”

That’s a goal shared by Jonathan Ward, an expert on China who founded the Atlas Organization consulting firm.

“The best way that we can do this is to create alternatives,” Ward said. “Because even if these companies don’t take root in our own market, even if we’re able to successfully deny them access here, as we did with Huawei, they can flourish in other parts of the world,” he added, referring to the Chinese telecom company that’s been placed on a U.S. entity list over national security concerns.

“We’re also going to have to stand up American and free world alternatives to these companies because you can’t let them take over industries that matter or create apps that become integral to the fabric of our societies,” Ward said. “And that’s going to require an effort that goes beyond the Congress and into the sort of entire system of democracies worldwide.”

Subscribe to CNBC on YouTube.

WATCH: Montana’s TikTok ban is a ‘clear violation’ of the First Amendment, says NetChoice VP Carl Szabo

Montana's TikTok ban is a 'clear violation' of the First Amendment, says NetChoice VP Carl Szabo

Continue Reading

Technology

How Elon Musk’s plan to slash government agencies and regulation may benefit his empire

Published

on

By

How Elon Musk’s plan to slash government agencies and regulation may benefit his empire

Elon Musk’s business empire is sprawling. It includes electric vehicle maker Tesla, social media company X, artificial intelligence startup xAI, computer interface company Neuralink, tunneling venture Boring Company and aerospace firm SpaceX. 

Some of his ventures already benefit tremendously from federal contracts. SpaceX has received more than $19 billion from contracts with the federal government, according to research from FedScout. Under a second Trump presidency, more lucrative contracts could come its way. SpaceX is on track to take in billions of dollars annually from prime contracts with the federal government for years to come, according to FedScout CEO Geoff Orazem.

Musk, who has frequently blamed the government for stifling innovation, could also push for less regulation of his businesses. Earlier this month, Musk and former Republican presidential candidate Vivek Ramaswamy were tapped by Trump to lead a government efficiency group called the Department of Government Efficiency, or DOGE.

In a recent commentary piece in the Wall Street Journal, Musk and Ramaswamy wrote that DOGE will “pursue three major kinds of reform: regulatory rescissions, administrative reductions and cost savings.” They went on to say that many existing federal regulations were never passed by Congress and should therefore be nullified, which President-elect Trump could accomplish through executive action. Musk and Ramaswamy also championed the large-scale auditing of agencies, calling out the Pentagon for failing its seventh consecutive audit. 

“The number one way Elon Musk and his companies would benefit from a Trump administration is through deregulation and defanging, you know, giving fewer resources to federal agencies tasked with oversight of him and his businesses,” says CNBC technology reporter Lora Kolodny.

To learn how else Elon Musk and his companies may benefit from having the ear of the president-elect watch the video.

Continue Reading

Technology

Why X’s new terms of service are driving some users to leave Elon Musk’s platform

Published

on

By

Why X's new terms of service are driving some users to leave Elon Musk's platform

Elon Musk attends the America First Policy Institute gala at Mar-A-Lago in Palm Beach, Florida, Nov. 14, 2024.

Carlos Barria | Reuters

X’s new terms of service, which took effect Nov. 15, are driving some users off Elon Musk’s microblogging platform. 

The new terms include expansive permissions requiring users to allow the company to use their data to train X’s artificial intelligence models while also making users liable for as much as $15,000 in damages if they use the platform too much. 

The terms are prompting some longtime users of the service, both celebrities and everyday people, to post that they are taking their content to other platforms. 

“With the recent and upcoming changes to the terms of service — and the return of volatile figures — I find myself at a crossroads, facing a direction I can no longer fully support,” actress Gabrielle Union posted on X the same day the new terms took effect, while announcing she would be leaving the platform.

“I’m going to start winding down my Twitter account,” a user with the handle @mplsFietser said in a post. “The changes to the terms of service are the final nail in the coffin for me.”

It’s unclear just how many users have left X due specifically to the company’s new terms of service, but since the start of November, many social media users have flocked to Bluesky, a microblogging startup whose origins stem from Twitter, the former name for X. Some users with new Bluesky accounts have posted that they moved to the service due to Musk and his support for President-elect Donald Trump.

Bluesky’s U.S. mobile app downloads have skyrocketed 651% since the start of November, according to estimates from Sensor Tower. In the same period, X and Meta’s Threads are up 20% and 42%, respectively. 

X and Threads have much larger monthly user bases. Although Musk said in May that X has 600 million monthly users, market intelligence firm Sensor Tower estimates X had 318 million monthly users as of October. That same month, Meta said Threads had nearly 275 million monthly users. Bluesky told CNBC on Thursday it had reached 21 million total users this week.

Here are some of the noteworthy changes in X’s new service terms and how they compare with those of rivals Bluesky and Threads.

Artificial intelligence training

X has come under heightened scrutiny because of its new terms, which say that any content on the service can be used royalty-free to train the company’s artificial intelligence large language models, including its Grok chatbot.

“You agree that this license includes the right for us to (i) provide, promote, and improve the Services, including, for example, for use with and training of our machine learning and artificial intelligence models, whether generative or another type,” X’s terms say.

Additionally, any “user interactions, inputs and results” shared with Grok can be used for what it calls “training and fine-tuning purposes,” according to the Grok section of the X app and website. This specific function, though, can be turned off manually. 

X’s terms do not specify whether users’ private messages can be used to train its AI models, and the company did not respond to a request for comment.

“You should only provide Content that you are comfortable sharing with others,” read a portion of X’s terms of service agreement.

Though X’s new terms may be expansive, Meta’s policies aren’t that different. 

The maker of Threads uses “information shared on Meta’s Products and services” to get its training data, according to the company’s Privacy Center. This includes “posts or photos and their captions.” There is also no direct way for users outside of the European Union to opt out of Meta’s AI training. Meta keeps training data “for as long as we need it on a case-by-case basis to ensure an AI model is operating appropriately, safely and efficiently,” according to its Privacy Center. 

Under Meta’s policy, private messages with friends or family aren’t used to train AI unless one of the users in a chat chooses to share it with the models, which can include Meta AI and AI Studio.

Bluesky, which has seen a user growth surge since Election Day, doesn’t do any generative AI training. 

“We do not use any of your content to train generative AI, and have no intention of doing so,” Bluesky said in a post on its platform Friday, confirming the same to CNBC as well.

Liquidated damages

Bluesky CEO: Our platform is 'radically different' from anything else in social media

Continue Reading

Technology

The Pentagon’s battle inside the U.S. for control of a new Cyber Force

Published

on

By

The Pentagon's battle inside the U.S. for control of a new Cyber Force

A recent Chinese cyber-espionage attack inside the nation’s major telecom networks that may have reached as high as the communications of President-elect Donald Trump and Vice President-elect J.D. Vance was designated this week by one U.S. senator as “far and away the most serious telecom hack in our history.”

The U.S. has yet to figure out the full scope of what China accomplished, and whether or not its spies are still inside U.S. communication networks.

“The barn door is still wide open, or mostly open,” Senator Mark Warner of Virginia and chairman of the Senate Intelligence Committee told the New York Times on Thursday.

The revelations highlight the rising cyberthreats tied to geopolitics and nation-state actor rivals of the U.S., but inside the federal government, there’s disagreement on how to fight back, with some advocates calling for the creation of an independent federal U.S. Cyber Force. In September, the Department of Defense formally appealed to Congress, urging lawmakers to reject that approach.

Among one of the most prominent voices advocating for the new branch is the Foundation for Defense of Democracies, a national security think tank, but the issue extends far beyond any single group. In June, defense committees in both the House and Senate approved measures calling for independent evaluations of the feasibility to create a separate cyber branch, as part of the annual defense policy deliberations.

Drawing on insights from more than 75 active-duty and retired military officers experienced in cyber operations, the FDD’s 40-page report highlights what it says are chronic structural issues within the U.S. Cyber Command (CYBERCOM), including fragmented recruitment and training practices across the Army, Navy, Air Force, and Marines.

“America’s cyber force generation system is clearly broken,” the FDD wrote, citing comments made in 2023 by then-leader of U.S. Cyber Command, Army General Paul Nakasone, who took over the role in 2018 and described current U.S. military cyber organization as unsustainable: “All options are on the table, except the status quo,” Nakasone had said.

Concern with Congress and a changing White House

The FDD analysis points to “deep concerns” that have existed within Congress for a decade — among members of both parties — about the military being able to staff up to successfully defend cyberspace. Talent shortages, inconsistent training, and misaligned missions, are undermining CYBERCOM’s capacity to respond effectively to complex cyber threats, it says. Creating a dedicated branch, proponents argue, would better position the U.S. in cyberspace. The Pentagon, however, warns that such a move could disrupt coordination, increase fragmentation, and ultimately weaken U.S. cyber readiness.

As the Pentagon doubles down on its resistance to establishment of a separate U.S. Cyber Force, the incoming Trump administration could play a significant role in shaping whether America leans toward a centralized cyber strategy or reinforces the current integrated framework that emphasizes cross-branch coordination.

Known for his assertive national security measures, Trump’s 2018 National Cyber Strategy emphasized embedding cyber capabilities across all elements of national power and focusing on cross-departmental coordination and public-private partnerships rather than creating a standalone cyber entity. At that time, the Trump’s administration emphasized centralizing civilian cybersecurity efforts under the Department of Homeland Security while tasking the Department of Defense with addressing more complex, defense-specific cyber threats. Trump’s pick for Secretary of Homeland Security, South Dakota Governor Kristi Noem, has talked up her, and her state’s, focus on cybersecurity.

Former Trump officials believe that a second Trump administration will take an aggressive stance on national security, fill gaps at the Energy Department, and reduce regulatory burdens on the private sector. They anticipate a stronger focus on offensive cyber operations, tailored threat vulnerability protection, and greater coordination between state and local governments. Changes will be coming at the top of the Cybersecurity and Infrastructure Security Agency, which was created during Trump’s first term and where current director Jen Easterly has announced she will leave once Trump is inaugurated.

Cyber Command 2.0 and the U.S. military

John Cohen, executive director of the Program for Countering Hybrid Threats at the Center for Internet Security, is among those who share the Pentagon’s concerns. “We can no longer afford to operate in stovepipes,” Cohen said, warning that a separate cyber branch could worsen existing silos and further isolate cyber operations from other critical military efforts.

Cohen emphasized that adversaries like China and Russia employ cyber tactics as part of broader, integrated strategies that include economic, physical, and psychological components. To counter such threats, he argued, the U.S. needs a cohesive approach across its military branches. “Confronting that requires our military to adapt to the changing battlespace in a consistent way,” he said.

In 2018, CYBERCOM certified its Cyber Mission Force teams as fully staffed, but concerns have been expressed by the FDD and others that personnel were shifted between teams to meet staffing goals — a move they say masked deeper structural problems. Nakasone has called for a CYBERCOM 2.0, saying in comments early this year “How do we think about training differently? How do we think about personnel differently?” and adding that a major issue has been the approach to military staffing within the command.

Austin Berglas, a former head of the FBI’s cyber program in New York who worked on consolidation efforts inside the Bureau, believes a separate cyber force could enhance U.S. capabilities by centralizing resources and priorities. “When I first took over the [FBI] cyber program … the assets were scattered,” said Berglas, who is now the global head of professional services at supply chain cyber defense company BlueVoyant. Centralization brought focus and efficiency to the FBI’s cyber efforts, he said, and it’s a model he believes would benefit the military’s cyber efforts as well. “Cyber is a different beast,” Berglas said, emphasizing the need for specialized training, advancement, and resource allocation that isn’t diluted by competing military priorities.

Berglas also pointed to the ongoing “cyber arms race” with adversaries like China, Russia, Iran, and North Korea. He warned that without a dedicated force, the U.S. risks falling behind as these nations expand their offensive cyber capabilities and exploit vulnerabilities across critical infrastructure.

Nakasone said in his comments earlier this year that a lot has changed since 2013 when U.S. Cyber Command began building out its Cyber Mission Force to combat issues like counterterrorism and financial cybercrime coming from Iran. “Completely different world in which we live in today,” he said, citing the threats from China and Russia.

Brandon Wales, a former executive director of the CISA, said there is the need to bolster U.S. cyber capabilities, but he cautions against major structural changes during a period of heightened global threats.

“A reorganization of this scale is obviously going to be disruptive and will take time,” said Wales, who is now vice president of cybersecurity strategy at SentinelOne.

He cited China’s preparations for a potential conflict over Taiwan as a reason the U.S. military needs to maintain readiness. Rather than creating a new branch, Wales supports initiatives like Cyber Command 2.0 and its aim to enhance coordination and capabilities within the existing structure. “Large reorganizations should always be the last resort because of how disruptive they are,” he said.

Wales says it’s important to ensure any structural changes do not undermine integration across military branches and recognize that coordination across existing branches is critical to addressing the complex, multidomain threats posed by U.S. adversaries. “You should not always assume that centralization solves all of your problems,” he said. “We need to enhance our capabilities, both defensively and offensively. This isn’t about one solution; it’s about ensuring we can quickly see, stop, disrupt, and prevent threats from hitting our critical infrastructure and systems,” he added.

Continue Reading

Trending