TikTok or Tik-Not? Privacy is the Question


There is no denying that the digital revolution has changed our lives. From staying connected with loved ones around the world to accessing the latest news, from watching funny memes to making a living on the internet, the online world offers an unprecedented wealth of opportunities. However, this convenience often comes with a hidden cost: our privacy.

From location tracking to browsing habits, from contact lists to camera and microphone permissions, this private data can paint a complex picture of our lives, while also raising concerns about potential abuse, targeted advertising, information leakage, and even national security risks. Yet despite these anxieties, many of us continue to readily share personal information and engage with these platforms. 

Do we truly value our online privacy, or do we prioritize convenience at its expense? This seemingly contradictory behavior is aptly captured by the concept of the privacy paradox.

This blog post explores the privacy paradox in the conflict between negative and positive rights for digital users surrounding the potential ban of TikTok in the United States. Further, we examine the limitations of current digital regulation and advocate for the development of comprehensive frameworks.

llustration by Nick Barclay on The Verge

The TikTok Controversy

Picture yourself as an everyday American TikTok user. On March 6, 2024, like any other day, you were relaxing on your couch, scrolling through TikTok on your phone for entertainment. Suddenly, an in-app pop-up message appeared on your screen. The push notification warned that Congress was “planning a total ban of TikTok,” arguing that this action “strips 170 million Americans of their Constitutional right to free expression.” Simultaneously, approximately 170 million American TikTok users, including yourself, received the same notification. The alert even included instructions for users to locate their representatives and call their offices.

llustration by Nick Barclay on The Verge

Following this, various offices of the House of Representatives were inundated with hundreds of calls from TikTok users. At times, they were receiving over 20 calls per minute, leading some offices to temporarily close their lines (Lima-Strong & Harwell, 2024).

Critics of the bill, including TikTok itself, see the situation as an overreach of government power and an excessive exercise of authority that infringes on free speech. They believe the bill will prevent millions of Americans from using the digital platform for creative expression, entertainment and community building.

Nonetheless, advocates for the ban point to serious national security risks. They are concerned that TikTok’s parent company, ByteDance, potentially influenced by the Chinese government, could access and exploit sensitive user data. Although TikTok has strongly denied the accusations, claiming that international investors hold a majority stake in ByteDance and the Chinese government has no influence over its operations.

The resistance from TikTok users, despite ongoing privacy and security concerns, vividly illustrates the privacy paradox in action. Users themselves end up becoming their own privacy data leakers, prioritizing other benefits provided by the platform and potentially overlooking the long-term risks associated with widespread data collection practices.

The Battle of Digital Rights: Negative vs. Positive

The concept of privacy as a fundamental human right is widely acknowledged, although its practical application is often influenced by conflicting rights, obligations, and societal norms (Flew, 2021, p. 101).  One approach to understanding the digital rights debate is through the differentiation between negative rights and positive rights. Negative rights protect individuals from unjustified interference, while positive rights require governments to provide basic necessities.  This distinction offers insight into the foundational principles driving discussions surrounding digital rights (Tumber & Waisbord, 2017, p. 97). In the case of TikTok, the privacy paradox is laid bare in the conflict between users’ negative and positive rights. 

On the one hand, the U.S. Congress claims that its proposed regulation, which either requires TikTok to completely separate its operations from its parent company ByteDance or faces a full ban in the United States, is aimed at safeguarding U.S. national data security and protecting the personal privacy of American citizens. By seeking to prevent potential interference from a foreign-owned company and limiting extensive data collection, the government aims to uphold negative rights: individual freedoms from undue surveillance or misuse of personal information.

On the other hand, opponents of this bill view it as an infringement on their positive rights.  Users who passionately call Congress members argue that banning the app would deny them a platform for freedom of expression, artistic creativity, and entertainment. As Tumber and Waisbord (2017, p. 99) point out, “In terms of freedom of expression, the positive rights approach thus emphasizes the structural preconditions for citizens’ equal and effective use of public speech.” In their view, the government’s actions threaten their right to access information, engage in self-expression, and build online communities, which are essential aspects of participation in the digital world. 

“Although people say they care very much about privacy, they behave as if they did not.”

(Francis and Francis, 2017, p. 46)

This clash highlights the core of the privacy paradox: individuals, even when aware of the potential risks to their privacy, prioritize other gratification and benefits derived from the platform. Concerns about data collection and potential misuse, while acknowledged, fade in comparison to the powerful draw of connection, entertainment, and creative expression TikTok offers.  The TikTok case shows that balancing privacy security and convenience is an important issue and challenge in protecting digital rights.

By the way, it’s also worth noting that the line between negative and positive rights can sometimes blur. For example, the widespread collection of data, regardless of whether it’s directly exploited by foreign governments, poses a threat to individual privacy, thereby undermining the spirit of negative rights. Conversely, restricting platforms such as TikTok could be seen as limiting opportunities for individual expression and participation, impeding positive rights.

This complex interplay highlights the need for comprehensive and nuanced digital regulation and governance. These policies must not only address privacy and security concerns, but also actively promote an environment in which users can exercise digital freedoms and have a critical awareness of the trade-offs involved.

The Privacy Gap: Where Current Digital Policies Fall Short

The TikTok controversy exposed a limitation of current digital policies, which focus mainly on ensuring that platforms comply with regulations and international agreements, while ignoring users’ digital rights in international data transfers. While regulations like the EU’s General Data Protection Regulation (GDPR) set high standards for data privacy, their main focus remains on ensuring that third countries provide an “adequate” level of protection. While this compliance-focused approach is necessary, users have insufficient understanding of how their data is transferred across national borders and are unable to effectively control this process, limiting their rights and autonomy.

Illustration by Mira Norian on Investopedia

GDPR’s Recital 102 acknowledges the role of international agreements in regulating data transfers, ensuring these agreements must uphold the EU’s commitment to an “appropriate level of protection”(GDPR, 2018) of individuals’ fundamental rights. However, for the average user, these agreements operate at a high level, translating into vague terms and conditions that do little to illuminate where their data may be stored, processed, or potentially accessed by foreign entities. The TikTok case underscores this tension, raising concerns about the accessibility of data to the Chinese government through its parent company, even if existing data transfer agreements are technically in place. This highlights a disconnect between the legal mechanisms designed to protect user data and the realities of modern platforms that collect and transfer vast quantities of information globally. 

Even within the GDPR framework, the emphasis on compliance by platforms can overshadow true user empowerment. While regulations create a set of rules, users often struggle to understand these complex legal frameworks. Additionally, platforms can utilize their resources to navigate these regulations, potentially finding ways to minimize risk without always prioritizing user transparency. This creates an imbalance where individuals are left to trust the platform’s good intentions without the ability to fully track where their information goes. As Marwick & Boyd (2018) astutely observe,

“We live in a data-by-circumstance world, and so we simply hold our breath, hoping that the companies we trust with our data will not undermine us.”

 (Marwick & Boyd, 2018)

Bridging the Gap: Towards Effective Digital Regulation

Although the TikTok controversy, alongside countless other examples, exposes the limitations of current digital policies in effectively addressing privacy concerns and the immense power wielded by large technology platforms, Flew (2018) recognizes a turning point: “the days of unregulated or self-regulated digital platforms appear to be coming to an end, at least for the largest platforms.” Increasing scrutiny, fueled by a crisis of trust, underscores the urgent need for a more adaptive policy approach than the reactive pattern that often prevails.

Illustration by Dan Nelson on Unsplash

Flew (2018) advocates for a “form of co-regulatory arrangement, bound up with soft law approaches to enactment and enforcement,” which can provide necessary clarity and protection. Platforms cannot continue to operate as “black boxes” where users lack understanding and control over their data. Co-regulation helps establish standardized privacy settings so users can clearly understand and make informed decisions about the collection and flow of their data. 

Even under co-regulation, digital platforms and their user communities may still be skeptical of government regulation of online content, which is why “independent third-party oversight is critical (Flew, 2018).”  These institutions must have credibility and teeth to enforce rules and ensure platforms uphold their responsibilities. Co-regulation, alongside independent oversight, could balance platform accountability with protecting free expression. Beyond that, they can be catalysts for promoting a culture of ethical practices and responsible innovation within the tech industry. 

Additionally, the debate about digital governance should not focus solely on platforms. User empowerment is also an important aspect to consider for effective policy in addition to regulating platforms. Initiatives to improve the digital literacy of internet users, as well as clear communication about how platforms operate and utilize user data, are as necessary as legal reforms.


Taken together, the TikTok controversy is a microcosm of the broader digital rights debate, illustrating the intricate balance between individual freedoms, privacy concerns and multifaceted regulation in the digital age. As we navigate this landscape, we need to recognize the privacy paradox of the stark discrepancy between users’ expressed concerns about privacy and their actual behavior online. The conflict between negative and positive rights highlights the complexity of regulating the collection and use of user privacy data by online platforms while protecting user autonomy and rights of expression. These existing issues illustrate the need for comprehensive digital policies that not only protect privacy and security, but also empower users with transparency, control, and digital literacy.

When it comes to effective digital governance, a multi-pronged approach is needed. Co-regulation and independent oversight can establish standards for privacy protection, fair competition and accountability in the digital ecosystem. At the same time, it needs to be accompanied by improved digital literacy, enhanced user understanding and other initiatives. As Flew (2018) mentioned, “the risks associated with misuse of platforms are potentially highly significant given their pervasiveness.” There is a long road ahead to a future that can cope with the complexities of the digital world and ensure that the digital rights of all people are upheld and respected.


    Be the first to comment

    Leave a Reply