Everyone is asking the wrong questions about TikTok
by on January 18, 2025
As we write this, everyone is wondering what will happen with TikTok in the next 48 hours. Social media as a phenomenon was designed to manufacture drama to sell advertising, and in this moment, the meta-drama is bigger than the in-App drama.
The danger of pervasive software is clear: powerful entities — be they governments or for-profit corporations — should not control the online narrative and remain unregulated in their use of personal data generated by these systems. However, the approach taken by Congress and upheld by SCOTUS remains fundamentally flawed. When there is power imbalance between a software systems' users and its owners, the answer is never “pick a different owner”.
Whoever owns ByteDance, the fundamental problem remains the same: users never really know what data is collected about them, and they don't know how the software manipulates that data when deciding what they are shown next. The problem can only be solved if users can learn, verify, and understand how that software works.
TikTok is a software system — implemented in two parts: somewhere, there is a server (or, likely, a group of servers), running the software that gathers and aggregates posts, and then there is the client software — the App — installed on users' devices. In both cases, ByteDance likely owns and controls both pieces of technology and is the only entity with access to the “source code” — the human readable software that can be studied and understood by human beings. When users download the TikTok App, they don't get that source code for the App, and certainly get no information about the software running on the servers.
If the USA operations of TikTok are sold to another entity, quite likely the software itself will remain in control of ByteDance. While the wording in the Act is expansive about the required divestment, it's likely the new USA owners wouldn't themselves receive the right to review or modify the source code — they could just receive a binary (non-source form) of that software. In that case, no one in the USA will have permission to review and verify that software behaves in a way that is in the interest of its USA users. The Act is vague on these details. Will complete, corresponding source code ultimately be considered part of “a qualified divestiture”? The Act simply leaves "an interagency process", with no guidance (to our knowledge) on the issue of server or App source code. (We have seen similar failures where government agencies with a duty to examine software found in medical devices do not actually even have access to the source code.)
The root problem is that the act doesn't require an action that would truly resolve the biggest threat to TikTok users in the USA. Users (and our government) should instead insist that, to operate in the USA, that ByteDance respect the software rights and freedoms of their users by releasing both the server and App components of the software under a “free and open source” (FOSS) license. FOSS respects the software rights of all by allowing everyone to review, modify, improve, and reinstall their own versions of the software. By technical necessity, this means that everyone could understand the communication protocol between the App and the servers. Users (or third-party App makers) could, for example, modify the App to no longer send users down the rabbit hole of toxic recommended posts, or refuse to transmit user usage data back to the servers in China. FOSS is the best method we have to democratize technology and its algorithms.
Industry will, of course, ask how could a new company, build around a purely FOSS platform, ever generate the revenue necessary to run the network of servers and implement needed improvements to the App? The answer to that is, in fact, part of the beauty to this solution. The primary reasons that sites like TikTok are so toxic is inherent in their business model: privacy-unfriendly data gathering to sell targeted advertising. Indeed, these issues are raised as serious concerns by individuals from all over the political spectrum and they are the primary reason the initial bill passed the House so easily. If we demanded a FOSS and transparent business model, TikTok would have little choice but to move to subscription-based revenue instead of advertising.
As we continue on the dystopian path where most of our technological solutions are funded primarily by advertising and massive, privacy-invading data collection, we must decide if the price that we pay for this technology is just too high. From our perspective, $14.99/month (plus full transparency and software rights) looks a lot better than $0 (plus no privacy and a daily dose of advertisements and occasional CCP propaganda). As the saying goes, if you don't pay for the product, you are the product.
Furthermore, a mandated FOSS release more directly exposes the true problem that the mandated sale tried to solve. We are not politically naïve; we know ByteDance would resist releasing TikTok (server and App) as FOSS just as much as they resisted the mandated sale. But the real problem we have is that we simply don't know if the Chinese government has undue influence over TikTok or not. We have that problem primarily because we cannot examine their opaque technology. Transparent technology leads the only way to the truth in our software-controlled world.
Please email any comments on this entry to info@sfconservancy.org.
