ASK ANY teenager: President Donald Trump’s TikTok ban never actually got TikTok banned. The measure remains caught up in litigation. But President Biden’s revocation on Wednesday of the executive order barring the video-sharing service as well as others aimed at additional Chinese apps such as WeChat is still significant. The replacement order from the White House lays out a more rational, less arbitrary — but still insufficient — process that could end up determining the fate not only of high-schoolers’ dance videos but also of myriad other software.
There are real dangers in allowing programs crafted in authoritarian surveillance states to fill U.S. smartphones without oversight. Yet going after individual apps ad hoc, amid muddled messaging that leaves unclear precisely what threat the government is trying to counter, was never the way to safeguard the security of this nation or the rights of its citizens. The Trump administration’s lashing out against China risked setting a precedent in which essential communications tools and outlets for expression became geopolitical playing chips. A rigorous approach to evaluating imported products that collect U.S. civilians’ data was always in order. That’s just what Mr. Biden’s order promises.
The order builds on another, unrescinded Trump-era rule that granted the commerce secretary unprecedented power to intervene in the digital economy by classifying transactions as threats. This language made it all too easy for a U.S. administration to erect a Chinese-style Great Firewall between its Internet and the Internet of any country it deemed a foe. The goal of the Biden White House has been to refine that authority so that it can’t be abused.
Wednesday’s measure makes progress toward that goal by establishing explicit criteria for reviewing foreign software: All programs with the ability to collect and transmit information over the Internet are subject to the new strictures; they also apply when those programs are owned or otherwise subject to the control of any adversary abroad. This isn’t, in other words, only about TikTok or China. The order’s guidelines for threat evaluation also make sense — from the app’s nexus to a hostile government, to the scope and sensitivity of data collected, to the presence (or absence) of third-party auditing.
The only problem is what’s missing. The criteria included are still fairly open-ended — yet the more concrete the standards, the lower the chances the process can be exploited now or in the future to close off our markets to competitor countries and create a homegrown version of President Xi Jinping’s cybersovereignty. Further executive and legislative actions can help with this clarification. Ideally, a more nuanced jurisprudence should develop that distinguishes, say, between software that could enable espionage of high-level targets and software that could merely facilitate the mass collection of innocuous data. There should be a graduated menu of responses, with banning of apps only a last resort. Companies from states with a habit of censorship and surveillance should be allowed to do business here, but they shouldn’t be permitted to export their censorship or surveillance.
The United States must continue to fight for a free and connected Internet. But when other nations try to exploit that openness for nefarious ends, there is no choice but to shut some doors here, too. The key is to do so carefully and fairly, so that we may protect civil liberties rather than further endanger them.