Following the UK government and parliamentary bans enacted on video-sharing social media platform TikTok – citing data privacy concerns given TikTok’s Chinese origins – the French government has also moved to impose restrictions.
However, the French ban differs from that enacted in the UK in one crucial aspect – the ban additionally applies to any apps defined by Paris as “recreational”, meaning it also applies to the likes of Facebook, Instagram or Twitter.
“Recreational applications do not have sufficient levels of cyber security and data protection to be deployed on government equipment,” the French government said in a statement.
“These applications can therefore constitute a risk to the protection of the data of these administrations and their public officials. This prohibition applies immediately and uniformly. Exemptions may be granted on an exceptional basis for professional needs such as the institutional communication of an administration.”
The French government’s Interministerial Digital Department (DINUM) will oversee the implementation of the ban, working alongside France’s National Agency for Information Systems Security (ANSSI), the equivalent body to the UK’s National Cyber Security Centre (NCSC).
“It is very likely that we will start to see organisations and government departments limit TikTok and other social media use on devices,” said Jake Moore, global cyber security advisor at ESET. “Data privacy has always remained a sensitive issue but now more people are starting to become aware of the intrusive nature of these apps.
“Devices owned by organisations should ideally have a mobile device management policy to limit the amount of apps downloaded on them to limit the risk of any data being taken. Most apps, and especially free ones, suck up huge amounts of data to analyse the use of the app. However, if there is any risk that this data is being shared with a third party, the app should not be downloaded to the device or used on organisational networks.”
US grilling
Meanwhile, at a hearing in Washington DC last week, TikTok CEO Shou Chew was grilled by US lawmakers over whether or not the Chinese government can access TikTok user data.
Such concerns sit at the heart of the wave of bans currently being imposed by Western countries, and they were also highlighted during previous attempts to crack down on TikTok under the Trump administration.
Chew highlighted an ongoing effort within TikTok to safeguard US user data through a partnership with Oracle that was first tabled in late 2020, but the politicians present were not convinced, and it is likely that Washington will now introduce legislation to either ban TikTok outright, or force its parent, ByteDance, to sell up.
Ross Brewer, chief revenue officer at SimSpace, a cyber range platform operator, said TikTok’s fate now hung in the balance
“The move by numerous governments around the world to ban Tiktok on government devices is an acknowledgment of the high volume of intelligence currently being accessed by foreign agents and criminal gangs. Allowing access to … data down to biometrics such as facial recognition will inevitably pose dangerous risks, not only to the individual but more worryingly to national security,” he said.
Brewer added that even without the threat of Chinese espionage, people need to better understand how their use of technology can put their own security, and the security of their family, friends and employes, at risk.
“If you are using an app for free, this generally means the app provider is using you. You need to ask yourself ‘why?’ [And] with cyber crime becoming the number one issue for enterprises, boards, executives and regulators paying more attention to these issues and investing accordingly should be at the top of their agenda.”