I think there could be some reasonable guardrails. For one, its servers could be fully hosted in the US (if it's not already the case today), and it could be subjugated to US laws and regulations that require user information be protected. Its data infrastructure and code could be audited and if found breaching such laws it could be punished accordingly.
On a side note, neither Google or Facebook could comply with the Chinese law that require their servers to be hosted inside China. But I'm not saying that justifies TikTok's business in the US either.
> and it could be subjugated to US laws and regulations that require user information be protected
Do laws exist that prevent US companies from providing data to foreign law enforcement in the other countries where they operate? Because from my limited experience with Chinese passport holders, if the Ministry of State Security asks you to do something, you do it. Unless they're planning to remove admin access from every TikTok employee with a Chinese passport it doesn't really matter where the data is hosted.
This is a good question. I assume that any company with operations in a foreign country is going to cooperate with local laws. I suppose you could limit data requests to domestic users only, but I have no idea if that would fly.
Isn't that the onus of the US government and congress? Regardless, since TikTok is considered a potential national security risk, I'm sure plenty of existing laws would cover it if not others already.
On a side note, neither Google or Facebook could comply with the Chinese law that require their servers to be hosted inside China. But I'm not saying that justifies TikTok's business in the US either.