Shou Chew, C.E.O. of the social media app TikTok, testified before the U.S. House Committee on Energy and Commerce "about China’s ties to TikTok, data privacy and the app’s effects on children."
Ignoring significant actual damage caused by US-based social media companies, the hearing and the questioning had the same quality as discussions about dropping the bomb on Hiroshima: you can justify the action, but you can also question the choice of target.
Recall that "personal data belonging to millions of Facebook users was collected without their consent by British consulting firm Cambridge Analytica, predominantly to be used for political advertising. Facebook apologized for their role in the data harvesting, their CEO Mark Zuckerberg testified in front of Congress, and, in July 2019, the firm was fined $5 billion by the Federal Trade Commission due to its privacy violations."
The problems are recurring and wide spread: "NSA documents from June 2013 included Google on the list of companies that cooperate with the NSA's PRISM surveillance program, which authorizes the government to secretly access data of non-US citizens hosted by American companies without a warrant."
Further, we know that "the Russian government interfered in the 2016 U.S. presidential election with the goals of harming the campaign of Hillary Clinton, boosting the candidacy of Donald Trump, and increasing political and social discord in the United States." (Looks like they succeeded.)
The problem is internet technology itself.
TCP/IP, Transmission Control Protocol/Internet Protocol, is the set of communication protocols used to connect devices on the internet. It was never meant to be private. In simplistic terms, to communicate across an internet-based network specific software must be downloaded and run on each computer or device. Most security features and privacy checks take place after this software has run.
By then, it's too late to insure 100% security or privacy.
According to one source, "TikTok has proposed putting all U.S. user data into domestic servers owned and operated by Oracle, the American software giant." The problem here is with a demonstrable lack of ethics, scruples and principles (see the Google example above). If someone offers enough money, these corporations will figure out a way to sell the data, without hesitation, to anyone, including the Chinese Government.
A better approach might be to have a trusted non-partisan and non-profit entity be responsible for both US user data and for evaluating TikTok algorithms evaluation.
The only entity qualified to do so is ICANN, the Internet Corporation for Assigned Names and Numbers, "an American multistakeholder group and nonprofit organization responsible for coordinating the maintenance and procedures of several databases related to the namespaces and numerical spaces of the Internet, ensuring the network's stable and secure operation."
Even this proposed solution is a second-best approach.