WeChat Executive Order is Not About National Security

August 10, 2020

On August 6th, 2020, Donald Trump signed an Executive Order prohibiting any transaction related to WeChat within the United States after September 15th, 2020. It was claimed to be in the name of “National Security”, however it feels more like a targetted attack to reduce day-to-day communication between the US and China.

This is a follow on from the Executive Order targeted at TikTok. There are similiarities here, but there are some key differences between the two. I will not be digging in to National Security concerns specific to TikTok, however they may be mentioned passively in comparison to WeChat.

This posed was updated to correct links to the Executive Orders after the Trump Administration Executive Orders were archived.

China bans US companies. Why can’t we ban Chinese companies?

Based on my understanding, China does not explicitly ban US companies from doing business in China. Just like the US, China has a set of rules that must be followed for any company to do business, and most US companies do not want to abide by those rules. Whether or not these rules are “fair” is out of the scope of this discussion, but these rules are applied to both foreign and domestic companies.

The US is instituting different rules explicitly for “Chinese” companies* and claiming “National Security”. This is a protectionist practice that the US has condemed against others in the past. By claiming “national security”, against a single group, it seems like this is trying to be side-stepped.

If large-scale data collection is an issue of “national security”, these rules should apply to any company, or at minimum, any company outside of the US. If the claim is that “a threat that has this much data about US citizens could manipulate elections and interfere in our country”, then this is also a threat for domestic companies. If we assume that data gathered by WeChat is a risk, then Facebook, Google, Twitter, and the like have the same ability. If this level of data collection is un-safe, it is un-safe for everyone.

But Chinese companies can’t be trusted because of the CCP

Okay, sure. Let us assume that the CCP, and any company with a relationship there, can not be trusted.

This Executive Order does not apply to companies that have a relationship with the CCP. It is applied to, literally, only a single “company”. At a domestic level, this is more akin to the US government saying that Facebook can collect your private information, but Google can’t.

Further, this order applies only to WeChat, and not the rest of Tencent. If Tencent is going to be a national security risk, it needs to be a national security risk entirely. That means that other Tencent holdings (incuding Reddit, Riot Games, Clash of Clans (Supercell), Fortnite (Epic Games), and others), should also be banned. Instead, the only Tencent application being banned for “National Security” is the one that is primarily used by Chinese-Americans. The only one that gives a signal of “Trump is fighting back against ‘China’”.

But Chinese Apps can track locations, and that is why other apps aren’t affected!

This is a follow-on of the main claim against TikTok. WeChat on the other hand is not installed on as many phones as TikTok is; it is primarily used by those of Chinese decent, those with family within China, and those doing business with China. It’s a messenger app, that lets people communicate into China. Banning WeChat (specifically) is more an assault on people communicating with friends/family, or doing business with China, rather than the “National Security”.

At least we’ll stop the Chinese from getting this data!

No. No you won’t. This is why, if the collection and aggregation of this level of personal information is a National Security risk, then it needs to addressed across the board. There is no shortage of open and exposed databases on the internet with personal information collected by incompetent American companies. If the argument is being made that the CCP has the resources to create a viral application explicitly to collect data about US citizens as a national security risk, they most definitely have the resources to collect and correlate already-existing data.