Three Lessons From the Supreme Court’s TikTok Decision

The Supreme Court just unanimously upheld the constitutionality of the TikTok ban. All three branches of the American government have now put their seal on the idea that TikTok poses a national security threat. Here are three immediate lessons.

Lesson one: The U.S. has given up on internet freedom

For twenty years, the American model of internet governance has been built around the idea of “internet freedom.” As Jack Goldsmith put it, this amorphous idea boils down to two specific commitments: one to commercial non-regulation and another not to censor the internet. Both of these ideas have been under attack in recent years, especially around the world, but the American shuttering of TikTok feels like their death throes.

Many countries have come to reject the ideas of the basic internet freedom agenda, seeing it for what it was: a handout to the American tech industry and intelligence agencies. But now the U.S. government is also endorsing the idea that the internet needs to be tightly regulated and that borders matter. One of the basic planks of former Secretary of State Hillary Clinton’s internet freedom agenda was the idea that “repressive regimes” like China will use the specter of national security threats as “pretext to censor speech.” As the legal scholar Rogier Creemers documents, the Chinese government saw the open internet as a direct threat to the communist regime and so it developed its own conception of cyber sovereignty that “prioritized the role of national governments in securing information flows.”

The banning of TikTok, right or wrong, suggests that every branch of the U.S. government is closer to adopting the Chinese view than vice-versa.

Lesson two: For the rest of the world, Meta, Google, and X are American TikToks

The Court emphasized that the TikTok ban was appropriate not because of anything that TikTok did—in fact, the court did not distinguish TikTok’s behavior from any other social media platform—but rather because of Chinese law. The Court noted: “TikTok Ltd. is subject to Chinese laws that require it to ‘assist or cooperate’ with the Chinese Government's ‘intelligence work’ and to ensure that the Chinese Government has ‘the power to access and control private data’ the company holds.”

The Court could have written a nearly identical sentence about Meta or Google, vis-à-vis American law, like this: “Meta is subject to American law that requires it to assist or cooperate with the American government’s intelligence work and to ensure that the American government has the power to access and control private data the company holds.” 

American firms are subject to American laws—like the Stored Communications Act, especially as modified by the CLOUD Act, and intelligence laws like the Foreign Intelligence Surveillance Act—that give the U.S. government legal means to access customer data, especially foreign customer data, for national security and intelligence purposes.

There is a serious, and still open question about two important aspects of this comparison. How much data does the Chinese government get about foreigners from TikTok as compared to how much data the U.S. government gets about foreigners from American apps through things like the FISA 702 program? And relatedly, how does Chinese law compare to American law when it comes to restrictions in place to protect foreign users? The Court did not address either question.

Foreign countries reading this decision might be inclined to take this precedent to justify their own bans on American technology firms. If TikTok is a danger to the U.S. because it is subject to Chinese law, aren’t American firms a danger to other countries because they are subject to U.S. law? The difference of course comes down to the threat posed by the laws of those countries, and their rule-of-law systems, rather than the difference in the firms. 

Domestically, this raises the question of what is actually a foreign technology firm. Congress, and now the Supreme Court, have repeatedly emphasized that the problem with TikTok is not the data practices, but rather ties to—and ultimately its control by—an adversary nation. But what does that really mean? When Elon Musk bought Twitter, now called X, Saudi Prince Alwaleed bin Talal put up $2 billion of the purchase price; the Qatar Investment Authority put up $375 million. Apple, the biggest company in the world by market capitalization, earns nearly 20 percent of its revenue from “Greater China” (which includes Hong Kong and Taiwan).  Tesla’s revenue from China was nearly a quarter of its overall revenue. This would seem to suggest that Apple, Tesla, and X are extremely susceptible to foreign pressure and control. Should they be banned in the U.S.?

Lesson three: Privacy cases are speech cases, and now… speech cases are privacy cases?

The First Amendment today plays a deregulatory, Lochner-esque role in today’s law and technology debates. I co-authored a law review article that further elaborates on this point. Ever since its very first case involving the internet, Reno v. ACLU, the Court has erected the First Amendment as a massive barrier to internet regulation. The TikTok case opens up a new possibility: that in speech cases, the Court might be willing to sidestep the confounding speech issues by focusing instead on data protection. If the First Amendment is anti-regulatory, then maybe in speech cases data regulation is pro-regulatory. That would indeed be a plot twist.

When the Supreme Court decided Sorrell v. IMS Health, it ruled that a Vermont bill aimed at restricting the disclosure of prescription practices of doctors—a kind of privacy law—violated the First Amendment. It is odd that the TikTok Court did not cite or discuss Sorrell. The TikTok case could easily be framed the other way around: as a speech case, that the Court is viewing through the lens of privacy.

Rep. Mike Gallagher (R-Wisc.), a co-sponsor of the TikTok ban in the House, told the New York Times that the bill was really about the threat of foreign speech. While Gallagher acknowledged the surveillance threat that TikTok posed, he said, “I actually think the greater concern is the propaganda threat.”

Interesting, then, that the Court almost entirely sidestepped that issue by focusing instead on the surveillance threat. The Court said the ban was justified by a “content-neutral justification: preventing China from collecting vast amounts of sensitive data from 170 million U. S. TikTok users.” This was of course one justification, but it was not the only or even the primary justification for the bill. (The Court later asserts that “Congress would have passed the challenged provisions based on the data collection justification alone,” but how the Court is able to run this counterfactual simulation is unclear.)

Justifying a speech ruling on privacy grounds opens up new terrain for constitutional contestation. Just last term, in NetChoice v. Moody, the Court sketched the free speech problems posed by Texas and Florida’s laws aimed at regulating platform content regulation practices. Lawyers for Texas and Florida might read the TikTok case and instead revise their laws with privacy protections in mind. 

* * *

It will take time to digest the TikTok decision. (For immediate next steps, see here.) But at the dawn of a new administration, the case paints a picture of a very new kind of American technology policy. One that cares an awful lot about borders. One where “foreignness” is a legitimate justification for greater scrutiny. And one where government concerns about privacy justify speech restrictions—after decades of speech concerns imperiled nearly every effort at regulating the internet.