Domino effect as more EU institutions move to ban TikTok on work devices

The European Commission’s surprising decision to ban TikTok on work-related devices has triggered a domino effect across Brussels and beyond as more EU institutions move to emulate the prohibition, turning the popular video-sharing app into ostracised software for corporate environments.

TikTok is owned by the Beijing-based company ByteDance, a connection that has raised serious concerns about privacy breaches, espionage and data transfers to the Chinese Communist Party.

The ban, first announced on 23 February, is now in place in the EU’s executive arm – the European Commission –, the two co-legislators – the EU Council and the European Parliament –, the diplomatic service – the European External Action Service (EEAS) –, and the Luxembourg-based budgetary watchdog – the European Court of Auditors (ECA).

The measure applies to corporate devices but also personal devices that might be connected to the official mobile network provided by the institutions within their premises.

“This is necessary because of information security and data protection concerns related to the app,” a spokesperson from the European Court of Auditors told Euronews, confirming the ban had been introduced “effective immediately” as of 1 March.

“The decision will protect the ECA against data collection by third parties, which constitutes a potential cybersecurity threat. Security developments related to social media platforms will be kept under constant review. Similar decisions on other platforms may follow in time.”

The bloc’s two main advisory bodies – the European Committee of the Regions (CoR) and the European Economic and Social Committee (EESC) – have equally followed suit in recent days, officials told Euronews.

“The TikTok application must also be uninstalled from the devices provided by the Committee as soon as possible and, in any case, no later than 15 March 2023,” said an EESC spokesperson.

“The EESC does not promote its activities via TikTok but on other social media platforms.”

The European Ombudsman, currently led by Emily O’Reilly, has also outlawed TikTok from corporate devices as its cybersecurity is managed by the European Parliament and is therefore required to follow the guidelines issued by the hemicycle.

Meanwhile, a spokesperson from the EU’s Court of Justice (CJEU) said the Luxembourg-based institution has not felt the need to introduce such a ban because apps on its work-related devices “have always been limited to what is strictly necessary.”

“It has therefore never been possible to install TikTok on work-related devices and consequently there is no such issue at the Court,” a spokesperson said in a written statement.

The European Central Bank (ECB), which is headquartered in Frankfurt, declined to comment on “specific IT security issues.”

Long-standing suspicions

Notably, none of the European institutions have explicitly mentioned the Chinese Communist Party or the central government in Beijing as a factor in their decision-making, although the implicit link has floated heavily over each announcement.

It is believed to be the first time EU bodies have taken such radical action against one concrete app.

Suspicions over TikTok, however, are far from new and have gained prominence in recent years as the platform turned into a global phenomenon, luring millions of teenagers to its algorithm-driven feed, while relations between the West and China went markedly sour.

Fears of foreign interference came to the very forefront in early November when TikTok published a privacy update in which the company openly admitted that personal data from European users could be accessed by some of its China-based employees.

A 2017 law compels all Chinese citizens and organisations to “support, assist and cooperate” with the country’s national intelligence service. The law can also force Chinese companies, including their subsidies abroad, to hand over data to the central government, if asked to do so.

The Irish Data Protection Commission (DPC) has been investigating TikTok’s data transfers to China and its compliance with the EU’s privacy laws since September 2021. 

TikTok has repeatedly defended its independence from the Chinese government and said the prohibitions were “misguided and based on fundamental misconceptions.”

The company insisted it is committed to protecting “the data of the 125 million people across the EU who come to TikTok every month.”

With bans emerging in a nearly synchronised manner, the Chinese Ambassador to the European Union, Fu Cong, took to Twitter to condemn the prohibitions. 

“Very disappointed that EU institutions impose restrictions on the use of TikTok on staff devices,” Fu Cong said.

“As its economy is struggling to recover, it is in the EU’s interest to act on its words, respecting the principles of market economy & fair competition, so as to strengthen global confidence in the EU business environment, rather than the opposite.”

Dozens of Western apps and websites, including Twitter, where Fu Cong wrote his message, have long been blocked in mainland China under the country’s stringent policy of Internet censorship.