Social media has become an indispensable part of people’s work and life, and the interactive space it creates brings much convenience to people’s life and work. However, the network also brings a series of problems. Among them, the security issues caused by social media privacy leakage that users worry about are still full of challenges in the governance process. This article will analyse the definition of transformation of privacy in the digital context and the government measures and challenges adopted by enterprises and governments to maintain user security. It also discusses why the Australian government prohibits using TikTok on government equipment from a privacy and security perspective.
What is privacy?
Privacy generally refers that others should not observe or disturb an individual. Control is an important term in defining privacy, whereby individuals can control who has access to and collects their information (Trepte, 2021). Privacy is about the choice and freedom of individuals to manage their data, and the relationship between individuals and privacy will also change due to the social effects of their life trajectories (Marwick et al., 2018). For example, a person’s identity changes from childhood to adulthood and will be continuously updated in his personal information. Of course, it is difficult to define what aspects of a person’s privacy include. More than 160 countries have shown the definition of privacy in their constitutions. However, because each country’s cultural background differs, privacy’s purpose is also other (Masse, 2018).
Social media & privacy
In the era of social media, users’ personal information is recorded, used, and processed in large quantities, which risks users’ privacy. The relationship between a user’s digital identity and privacy is ambiguous. It is beneficial to the Internet platform’s management of users and improving platform security. However, improper data management will damage the interests of users (Strauß, 2019, p.15-27). The possibility of a privacy data leakage caused by social media has been one of the most significant concerns, and privacy issues have arisen on almost all platforms (Flew, 2021, p. 72-75). Some studies have even shown that users’ low willingness to disclose privacy will reduce the content output of social media and the commercial value of the platform (Zhu et al., 2022). Therefore, it is urgent to strengthen Internet users’ privacy and data protection.
The governance of the Internet is a complex task. People’s discussion of privacy is often related to digital technology. However, privacy relates to many aspects, such as social environment, status background, and national policy (Solum, 2009, p.87; Marwick et al., 2018). Almost every platform has its terms for managing privacy, and they also set unique regulatory models in different regions. Many countries also have privacy laws to protect users’ rights. For example, Australia’s Privacy Act clearly states that privacy is a fundamental human right. The Privacy Act also requires how organizations and institutions should handle user information. All countries are accelerating the improvement of network attack and defence capabilities from the policy and technology perspective. The defence system is becoming increasingly mature.
Although enterprises and governments are making progress in taking corresponding measures to address security issues caused by privacy leaks, privacy security governance still faces challenges. Firstly, governments and businesses need more accountability and transparency in data management (Productivity Commission, 2017). Both businesses and governments depend on the will of the users. However, most media users do not understand how their data is mined and analysed (Mahmoodi et al., 2018). The government needs to strengthen the accountability system to promote the responsibility of data protection to build a better network environment. In addition, the processing and protection of personal data by the government and enterprises require the cooperation and support of users (Productivity Commission, 2017). However, because everyone attaches different importance to privacy, it brings specific difficulties to the governance of countries and enterprises. Those who feel they have little privacy neglect to protect their privacy (Acquisti et al., 2013, p.252). Some users even disclose their personal information in exchange for online services and products (Mahmoodi et al., 2018). The uncontrollable behaviour of users brings challenges to governance.
Besides, managing cybersecurity has been a challenge in international negotiations. Internet space is a public domain without borders, generally open to all. In addition to the need for companies and countries to pay attention to privacy protection, private data also requires the cooperation and management of various countries. The international community has reached a consensus on privacy regulation in cyberspace. It shows that although the Internet exists as virtual data, information security is related to national security and civil rights (Li & Yang, 2021). Internet governance requires a set of policies suitable for global network management (Weber, 2009). This set of guidelines needs to be ideal for the use of data in different countries while protecting the rights of each country. However, international negotiations have become complicated due to the differences in each country’s economic and national conditions.
On April 4, 2023, Australia announced a ban on using TikTok on government devices due to security concerns (Shoebridge, 2023). Before this news, the other four countries of the Five Eyes, including the United States, Canada, the United Kingdom, and New Zealand, also banned TikTok on government equipment. France, Belgium, and the European Commission have also taken similar action. These countries are concerned that the Chinese government could use TikTok’s parent company, Byte Dance, to harvest user data to advance a political agenda at the expense of other countries’ security interests. Because Byte Dance is in Beijing and managed by the Chinese government. Although there is no evidence that TikTok will hand over user data to the Chinese government, TikTok also firmly opposes the company posing any risk to national security. However, the Australian government still insists on taking this action. In addition to the political issues between countries, this case concerns network security issues and the challenges governments currently face in network security management. This section will analyse why Australia prohibits using TikTok on government devices from a privacy and security perspective. It will also discuss the disadvantages of this policy.
Firstly, with the rise of TikTok, many government workers may be loyal users of TikTok. However, they may expose private information in the process of using it. TikTok is a short video app that has been the most downloaded app from 2019 to 2022, and its revenue will also rank first in 2022. Global downloads reached 4 billion in the fourth quarter of 2022 (Curry, 2023). From these data, the short video interactive platform created by TikTok has become a new global cultural phenomenon (Abidin et al., 2023, p.3). Many applications, including TikTok, collect user information such as location, activities, and usage. Most users have acquiesced that their data can be collected (Zulkifli et al., 2022). Zulkifli et al. (2022) also show that TikTok recorded information about users through third-party trackers, which may be used to optimize advertisements. However, there is a risk of privacy leakage. Although TikTok didn’t have privacy leaks case in recent years, its opacity of data processing may be one of the reasons why the Australian government made this decision.
Moreover, users may unintentionally expose their privacy on TikTok. People’s interactions on social media may pose a risk of information leakage (Zhu et al., 2022). TikTok encourages people to share meaningful moments in their lives on the platform. Many users will share specific details of their lives on the media, including some private information such as salary and working environment (Trifiro, 2022, p.2- 4). Even people superficially concerned about their privacy may reveal it to strangers during network interaction (Acquisti et al., 2013, p.250-251). To be more active in the interactive space, users will still choose to disclose their personal information even if they know the risks of privacy (Zhu et al., 2022). When government workers use TikTok excessively to record their work and life, they may display work content intentionally or unintentionally. Furthermore, when someone deliberately collects such information, it may affect national security.
Thirdly, the cyberspace created by TikTok records all user information. The Australian government worries that this software will become a massive database in China. Cyberspace has become the fifth national territory. Other four territories include land, sea, sky, and space (Li & Yang, 2021). If a country obtains people’s personal information from other countries, it will destroy their data privacy. Therefore, before there is a policy that can uniformly manage global Internet information, each country carefully monitors the situation of its national data and formulates some policies to reduce risks. TikTok’s parent company, Byte Dance, is based in Beijing and is managed by the Chinese government. China has its own separate privacy law and corporate governance law. Although TikTok’s database is managed by its own company, the Australian government still not trust TikTok due to different national conditions and politics. The effect of prohibiting government equipment from using TikTok is to directly cut off the connection between government equipment and the TikTok database, which can effectively prevent information leakage.
Although Australia’s policy has reduced the risk of national privacy leakage to some extent, it has not fundamentally solved the problem. Whether this policy can achieve results depends on whether government staff takes this incident seriously. Whether or not the proposed plan can achieve results still relies on people’s importance to privacy (Acquisti et al., 2013, p.250-251). Australia has banned using TikTok on government devices, but public servants can still use the software in their private spaces. The application will still record personal information when they use this TikTok in an intimate space. Therefore, implementing this policy only partially reduces the risk of privacy leakage. In addition, the Australian government only banned TikTok cannot solve the data protection problem, and other applications are still recording similar data. Analysis of the privacy cases that have emerged in recent years cannot be proved that other applications can fully implement data protection. In addition to the data management loopholes in enterprises, data will still be leaked once network hackers attack other applications. Hacking has become a potential tool for terrorist organizations to collect data on purpose (Furnell et al., 1999). Suppose countries and enterprises want to reduce the risk of data leakage. In that case, they must also strengthen the network system to resist hacker attacks (Maochao et al., 2018).
This policy may be the best measure policymakers take now, and it also effectively reduces the risk of data leakage. However, suppose government wants to solve the problem. In that case, the best way is to unite all countries’ governments to develop a plan suitable for global Internet management.
In conclusion, network security governance is an integral part of the network development process, which needs to be completed jointly by enterprises and countries. This article summarizes some key concepts about privacy and security in the digital context as well as current policies and challenges of network governance. In addition, it analyses a typical recent case on cybersecurity issues: the Australian government bans government equipment from using TikTok. From this case, each country attaches great importance to its national database and is actively taking some measures to prevent irreversible losses caused by attacks. The data security and personal information protection system will continue to develop to safeguard the rights and interests of netizens better. The defence systems of Internet companies and governments will also become more and more mature. Of course, network security issues require multi-faceted cooperation. In addition to the policies and user rules described in the article, how to protect privacy while using the Internet is also an essential part of education. With the development of globalization and the characteristics of the Internet, the formulation of cross-border data rules will continue to be promoted. It is also the focus of attention of various countries. Because the national conditions of each country are different, it still takes some time to negotiate.
Abidin, C., Lee, J., & Kaye, D. B. V. (2023). Introduction to the Media International Australia special issue on “TikTok cultures in the Asia Pacific.” Media International Australia Incorporating Culture & Policy, 186(1), 3–10. https://doi.org/10.1177/1329878X221130126
Acquisti, A., John, L. K., & Loewenstein, G. (2013). What Is Privacy Worth? The Journal of Legal Studies, 42(2), 249–274. https://doi.org/10.1086/671754
CURRY, D. (2023, February 21). TikTok App Report 2022. Business of Apps. https://www.businessofapps.com/data/tiktok-report/?utm_source=tiktok&utm_medium=click&utm_campaign=featured-data-ad
Flew, T. (2021). Regulating platforms. Polity Press.
Furnell, S. M., & Warren, M. J. (1999). Computer hacking and cyber terrorism: the real threats in the new millennium? Computers & Security, 18(1), 28–34. https://doi.org/10.1016/S0167-4048(99)80006-6
Li, H., & Yang, X. (2021). Sovereignty and Network Sovereignty. Co-Governed Sovereignty Network, 1–28. https://doi.org/10.1007/978-981-16-2670-8_1
Mahmoodi, J., Čurdová, J., Henking, C., Kunz, M., Matić, K., Mohr, P., & Vovko, M. (2018). Internet Users’ Valuation of Enhanced Data Protection on Social Media: Which Aspects of Privacy Are Worth the Most? Frontiers in Psychology, 9, 1516–1516. https://doi.org/10.3389/fpsyg.2018.01516
Mannheim, M., & Roberts, G. (2023, April 6). Can public servants still use TikTok on their own phones? ABC News. https://www.abc.net.au/news/2023-04-06/can-public-servants-use-tiktok-on-their-own-phones/102189702
Maochao, X,, Schweitzer, K. M., Bateman, R. M., & Shouhuai Xu. (2018). Modeling and Predicting Cyber Hacking Breaches. IEEE Transactions on Information Forensics and Security, 13(11), 2856–2871. https://doi.org/10.1109/TIFS.2018.2834227
Marwick, AE & Boyd, D. (2018). ‘Understanding Privacy at the Margins: Introduction’, International Journal of Communication (Online), p. 1157–.
Masse, E. (2018, November). Creating a data protection framework: A Do’s and Don’ts guide for lawmakers. Assessnow; Assessnow. https://www.accessnow.org/wp-content/uploads/2019/11/Data-Protection-Guide-for-Lawmakers-Access-Now.pdf
Massé, E. (2022, January 28). Data protection laws around the world: Adopt, protect, secure. Access Now. https://www.accessnow.org/data-protection-laws-in-2022/
Nissenbaum, H. (2018). Respecting Context to Protect Privacy: Why Meaning Matters. Science and Engineering Ethics, 24(3), 831–852. https://doi.org/10.1007/s11948-015-9674-9
Productivity Commission. (2017, May 8). Data Availability and Use: Final Report. Australia Government. https://www.pc.gov.au/inquiries/completed/data-access/report
Trepte, S. (2021). The Social Media Privacy Model: Privacy and Communication in the Light of Social Media Affordances. Communication Theory, 31(4), 549–570. https://doi.org/10.1093/ct/qtz035
Trifiro, B. M. (2022). Breaking Your Boundaries: How TikTok Use Impacts Privacy Concerns Among Influencers. Mass Communication & Society, ahead-of-print(ahead-of-print), 1–24. https://doi.org/10.1080/15205436.2022.2149414
Shoebridge, D. (2023, April 4). Australia has banned TikTok on government devices. ABC Radio National. https://www.abc.net.au/radionational/programs/drive/australia-has-banned-tiktok-on-government-devices-/102187012
Solum, L. (2009). Models of Internet governance. Internet Governance, 48–91. https://doi.org/10.1093/acprof:oso/9780199561131.003.0003
Strauß, S. (2019). A systemic perspective on privacy and identification. In Privacy and Identity in a Networked Society (1st ed., Vol. 1, pp. 15–29). Routledge. https://doi.org/10.4324/9780429451355-2
Weber, R. H. (2009). Introduction. Shaping Internet Governance: Regulatory Challenges, 1–23. https://doi.org/10.1007/978-3-642-04620-9_1
Zhu, X., Cao, Q., & Liu, C. (2022). Mechanism of Platform Interaction on Social Media Users’ Intention to Disclose Privacy: A Case Study of TikTok APP. Information (Basel), 13(10), 461–. https://doi.org/10.3390/info13100461
Zulkifli, A., Ahmad, N., & Chauhan, P. (2022). TikTok in 2022: Revisiting Data and Privacy. Computer (Long Beach, Calif.), 55(6), 77–80. https://doi.org/10.1109/MC.2022.3164226