TikTok CEO’s congressional hearing will have big implications on Chinese firms trying to expand abroad

There’s a lot riding on TikTok CEO Shou Zi Chew’s appearance before Congress next month. Not just for the wildly popular social media app, but for the fortunes of China’s flagging tech sector, and the U.S. debate over data privacy rules.

On March 23, the 40-year-old Singaporean executive will testify in defense of his app’s data security in front of the House Energy and Commerce Committee, which is demanding answers about TikTok’s relationship to the Chinese Communist Party. Chew will be hoping to turn the tide in what’s been an “incredible uphill battle” against U.S. regulators over the last year and a half. 

“Tiktok has essentially tried to prove that its data is walled off, so that its U.S. data stays in the U.S. and its China data stays in China,” says Kendra Schaefer, the head of tech policy research at the Beijing-based consultancy Trivium China. “But it’s been hard to assuage U.S. policymakers.”

Chew will arrive on the Hill as the U.S. backlash against his app grows. While the Trump administration’s attempt to ban TikTok in 2020 fell short, in the past two months, a number of state legislatures have banned the app from government phones, and Congress’s latest bipartisan spending bill prohibits the app from federal devices. In addition, a growing number of public universities have banned the app on campus. And Republican Sen. Josh Hawley and Rep. Ken Buck unveiled legislation that would outright ban the app across the country. 

TikTok has hit back, responding that the bans would “do nothing to advance cybersecurity” and “are based on unfounded falsehoods about TikTok.” It touts “Project Texas,” its initiative to wall off its U.S. user data from the rest of the company by placing it under the control of a new U.S. corporate entity it created last year, in partnership with Oracle, which will host and monitor the data. The entity will be governed by an independent board of directors, which in turn will report to the Committee of Foreign Investment in the United States (CFIUS) rather than TikTok Global or ByteDance. 

But it’s unclear whether that will convince members of Congress, who are expected to press the TikTok chief for detailed answers after a number of worrying reports about the app.” Last year, Buzzfeed reported that TikTok’s Chinese employees could access nonpublic data about U.S. TikTok users, and Forbes reported that TikTok’s parent company sought to use the app to “monitor the personal location of some specific American citizens,” something TikTok denied. But ByteDance admitted last month that some of its employees had inappropriately obtained personal data of U.S. TikTok users, including two journalists. The behavior was “unacceptable” and the employees had been fired, the company said. 

Whatever happens to the app will have big implications “for the market potential of any other Chinese companies that are trying to expand abroad,” says Schaefer, and that’s an important question in China as its largest tech firms hit domestic user onboarding ceilings and their growth wanes. “So as the U.S. blocks these apps, it starts closing the door on China’s ability to expand. And the knock-on effects could be catastrophic. If the U.K. were to follow suit, that would pose a very serious problem.”

Schaefer worries that the debate over TikTok could mark a shift in the conversation around data privacy toward one that’s overly fixated on geopolitical threats. In recent years, some U.S. politicians have embraced a model proposed by Japan’s late former prime minister Shinzo Abe called “Data Free Flow with Trust,” that would permit unrestricted data flows between Western-allied countries, while sharply curbing data flows to and from blacklisted adversary states. One of Congress’s biggest TikTok critics, Rep. Mike Gallagher (R-WI), praised Abe’s model in an interview on Wednesday. “It’s not just enough to ban Tiktok or force a sale,” he argued. “You also need to have a bigger, proactive strategy for how we share data across borders with free world countries that we actually trust.” 

But Schaefer calls the idea “a huge mistake, because that assumes there’s no malign influence in allied countries, and that’s simply not the case. There are plenty of companies in Europe, or South Korea, that will misuse your user data, given the opportunity to do so.” Rather, she suggests a federal data privacy law that would apply consistent regulations to anyone operating in the U.S.—regardless of where they’re from. Having such a law would make it easier for the U.S. to regulate companies like TikTok, she says, “because there’s a rule to point at. What’s difficult in this situation is we don’t have those rules.”