Oracle’s TikTok deal accomplishes nothing
Adding a ‘trusted tech partner’ only addresses a sliver of the national security concerns
by Russell BrandomOn Sunday night — just two days before the deadline set by Microsoft — the TikTok deal finally came through. Oracle will be taking over stewardship of TikTok’s US operations, after Chinese parent company ByteDance turned down a more ambitious bid from Microsoft. This morning, Treasury Secretary Steven Mnuchin confirmed the deal and said it would be presented to President Trump with a recommendation later this week. But barring a complete catastrophe, TikTok will keep operating in the US. However weird the details are, TikTok’s 1,400 US employees and tens of millions of US users are breathing a sigh of relief this morning.
But the last-minute sale is strange in a number of ways — for a start, it’s not a sale at all. After months of insistence that TikTok sever its US operations from Chinese ownership, we’re now settling for a vague partnership between Oracle and the US TikTok operation. It’s still unclear exactly what Oracle’s “trusted tech partner” status entails, but it’s definitively not a sale, and it’s unlikely Oracle is taking over any significant operations from the US TikTok offices. Microsoft’s version of the deal would have severed American TikTok from Europe and Asia entirely, but Oracle’s version of the deal leaves it mostly intact. US TikTok will stay the same as Korean TikTok and Nigerian TikTok; it’s just getting an extra babysitter. That makes it less of a sale and more of a glorified hosting deal. It lets Trump say he’s solved the problem but doesn’t do much else.
Microsoft underlined this point in its official statement announcing it had not been chosen. “We would have made significant changes to ensure the service met the highest standards for security, privacy, online safety, and combatting misinformation,” the company said in its statement. “We look forward to seeing how the service evolves in these important areas.”
The implicit message is clear: we wanted to change TikTok to actually make it safe, and ByteDance said no.
There’s no indication that Oracle’s partnership makes those changes, which makes the whole deal seem suspect. “A deal where Oracle takes over hosting without source code and significant operational changes would not address any of the legitimate concerns about TikTok,” former Facebook security chief Alex Stamos said on Twitter, “and the White House accepting such a deal would demonstrate that this exercise was pure grift.”
Having Oracle take over TikTok’s US hosting only addresses a sliver of the problem. It means China can’t directly siphon user data — but it probably couldn’t have before, given the app’s US headquarters. Oracle’s trusted partner status could include some code audits, but as long as the company isn’t writing the code, it will be hard to stop ByteDance from smuggling in some tracking malware if it wants to. Oracle won’t be rewriting the TikTok algorithm or handling moderation, so it will be just as easy for ByteDance to push Chinese propaganda or censor embarrassing messages. Oracle will be a contractor rather than a subsidiary, but it’s not clear that will make them any less vulnerable to pressure or subterfuge. If you were concerned about TikTok before, there’s no obvious reason you should be less concerned now.
The clear winner is Oracle, which will presumably get paid handsomely by TikTok for its trust-partnering services and for making this whole nightmare go away. An infrastructure and cloud software business, Oracle has usually been out-muscled by larger players like Microsoft and Amazon. At the same time, Oracle co-founder and chairman Larry Ellison has been an outspoken Trump supporter within Silicon Valley, hosting a fundraiser for the president at his Palm Springs compound in February, and telling Forbes in April, “I support him and I want him to do well.” Given the president’s track record, it will be hard to dismiss the concern that he’s steered a cushy contract to a political ally instead of taking the national security concerns seriously.
The initial prospect of a US-focused buyout had grown more difficult in the past week after China placed export controls on algorithms like the one that powers TikTok’s For You page. Recent reports suggested ByteDance simply wasn’t interested in a sale and would prefer to have the app shut down than have the US portions cleaved off and sold. It’s hard to know if that was a real position or just a negotiating tactic, but the result is the same: China was calling Trump’s bluff. A different leader might have pushed harder for a full sale or found some compromise that addressed more of the national security concerns — but finding that the drama had turned against him, it seems like Trump simply folded his hand and moved on.
It’s an anticlimactic end, but things could be worse. TikTok faced the real risk of being shut down in the US, which seems unlikely to happen now. The Treasury Department was prepared to block US transactions to ByteDance starting on September 20th (that is, next Sunday). And absent some kind of compromise, TikTok could have easily become collateral damage in Trump’s feud with China. That would have been a gross abuse of power, as I wrote last month, and it’s good we avoided it.
But every time someone calls your bluff and wins, it gets a little harder to play the game. We’re still in the early days of a long fight over Chinese technology — how much we can trust it and how much we can afford not to. That fight is bigger than TikTok or Trump. Because of the TikTok fiasco, it will be harder to take a future president seriously when they raise the alarm about a piece of network hardware or a tracking cookie leaking data back across the great firewall. In this game, America’s strength is its credibility and its ability to influence allies. Both of those have taken a clear hit from the Oracle deal. Trump himself stepped away with only a minor loss — but like so many of his deals, he was playing with someone else’s money.