Cybersecurity & Tech

Banning TikTok and WeChat: Another Primer

Robert Chesney
Friday, August 7, 2020, 2:35 PM

Because now you really need to explain things to your teenager.

Tencent Headquarters in Shenzhen, China. (Source: Sam Michel, Chinawag,; CC BY-NC-SA 2.0,

Published by The Lawfare Institute
in Cooperation With

On the evening of August 6, President Trump issued a pair of executive orders involving Chinese companies operating in the United States, one targeting TikTok and another targeting WeChat. As any teenager can tell you, some form of action against TikTok has been anticipated for a while. Indeed, I wrote a primer on the potentially-relevant legal frameworks for Lawfare on Sunday, August 2. Consider this a sequel, picking up the story where the primer left off.

1. Previously on Lawfare

Of course, like any good sequel, we should begin with a look-back sequence. In my previous piece, I described two legal frameworks that might be the basis for some form of executive branch action against TikTok.

One of these involved the Committee on Foreign Investment in the United States (CFIUS). CFIUS for months has been conducting a retrospective review of the propriety of the transaction in which the Chinese company ByteDance bought the Chinese company—which it later rebranded as TikTok—a few years before. The committee has statutory authority to block (or impose conditions on) corporate transactions involving the foreign acquisition of “U.S. entities” where the committee determines there is sufficient threat to U.S. national security interests—and the phrase “U.S. entities,” it turns out, is defined so broadly in the statute that it reaches a foreign-owned company with a substantial U.S. business presence. CFIUS, in short, might one day have determined that ByteDance must divest itself of TikTok’s U.S. operations.

Then again, maybe it wouldn’t have reached that conclusion. And even if it had, well, it’s interesting to observe that this would have been a CFIUS determination rather than an action more readily described as the personal intervention of the president. If you are the president, and you want both certainty as to the outcome and full credit for reaching it, the International Emergency Economic Powers Act (IEEPA) framework has more appeal.

IEEPA is an immensely-important statute whereby Congress long ago delegated to the president an extraordinary and sweeping authority: discretion to impose an array of sanctions on foreign entities, such as freezing assets and banning any transactions with (or provision of services to) sanctioned organizations or individuals. All the statute requires is that the president first declare a relevant “national emergency,” and the option of IEEPA sanctions comes online. Sometimes the executive branch acts immediately in such cases, sanctioning specific entities at the same time that it turns IEEPA on via the emergency declaration. Other times, the executive branch activates the prospect of IEEPA sanctions by declaring an emergency, but does not actually sanction anyone at that moment.

The one existing national emergency declaration that seemed potentially on-point for the TikTok scenario, I noted on Sunday, was Executive Order (E.O) 13873. That order emphasized the threat associated with foreign-owned communication and information technology companies and services operating in the United States, in circumstances where the foreign company is subject to the authority of a “foreign adversary.” But I also observed that the operative part of the order—the part specifying a sanction—is curiously narrow. It does not prohibit such companies from operating in the United States, full stop. Rather, it focuses on “transactions” involving such companies. In particular, it requires a CFIUS-like (and thus perhaps duplicative) security review by the secretary of commerce. And it applies this rule only for future transactions—rather than past ones, such as the ByteDance acquisition of

In short, I wrote, E.O. 13873 does provide the requisite national emergency declaration for situations such as TikTok, but the president would need a fresh directive under IEEPA in order to craft a sanction that would address this distinct situation. And indeed, that’s what happened last night.

2. What exactly does the executive order targeting TikTok do?

As expected, the TikTok executive order begins by relying on the existing national emergency declaration from E.O. 13873. It then briefly makes the case that TikTok warrants attention under that framework, because the data the TikTok app collects on U.S. users would be useful to the Chinese Communist Party (CCP) for various intelligence purposes; the CCP censors information on TikTok in problematic ways; and the CCP can exploit TikTok to push disinformation. And then the order turns to the question of what sort of fresh IEEPA sanction should be imposed in light of those concerns.

The answer is pretty harsh, and has two dimensions.

First, the order bans “any transaction” with ByteDance and its subsidiaries. At first blush, the nature of the core sanction here is perfectly clear. Starting in 45 days, no one subject to U.S. jurisdiction may engage in “any transaction” with TikTok’s parent company (ByteDance) or any of ByteDance’s subsidiaries (including but not limited to TikTok), unless one obtains a license to do so.

On closer inspection, though, there’s an interesting wrinkle. After stating the ban in terms of “any transaction,” the order goes on to state that the secretary of commerce at the 45-day mark shall “identify the transactions subject” to the ban. Some might wonder if this is meant to signify that the ban in the end will turn out to be limited to a specific subset of transaction categories, rather than covering “all transactions” as suggested in the language of the ban itself. But I don’t think that’s the right reading. It seems to me that the secretary’s task is to spend time over the next 45 days wrestling with the complex array of arrangements that TikTok has inside the United States—everything from commercial leases and employee contracts to the terms-of-use agreements for the millions of Americans who have downloaded the app and the contracts with app stores offering the app to American audiences—in order to provide clarity regarding what is in-scope for this ban and what is not. This is particularly important given the concerns of millions of American teenagers who still will have this app on their phone in 45 days, and may be wondering if it will then be a crime to use the product at all.

Second, the order also bans efforts to circumvent the primary ban through clever work-arounds. With 45 days before the primary ban takes effect, someone might be tempted to use this time to set up a clever contractual arrangement to circumvent it. That would be pretty risky, though, because the order imposes a separate ban—one that takes effect immediately—on transactions that “evade or avoid” the core ban.

3. What about the WeChat order?

As it became clear over the past week that a sanction against TikTok was coming, many observers pointed out that the massively popular WeChat platform might also be of concern to the U.S. government. The app, which plays a central role in online life for millions of Chinese-language speakers and provides messaging, social media and digital payment functions, is owned by the Chinese firm TenCent—and, some noted, the app probably has access to much more information about its users, not to mention a clearer track record than TikTok of CCP exploitation of that information. To sanction TikTok but not WeChat, from this point of view, would be odd.

Well, so much for that concern. At the same time that the president expanded E.O. 13873 to impose a new type of sanction targeting TikTok, he did the exact same thing to WeChat. The order is nearly identical, so I won’t repeat the particulars. I will single out a critical point, however, and expand on it a bit: whereas the ByteDance order really only matters in the United States with respect to TikTok, the WeChat order has vastly broader implications because the ban applies more generally to the parent company, TenCent, and TenCent has widespread U.S. investments apart from its WeChat operation.

This Reuters article lays things out pretty clearly. Highlights include a five percent stake in Tesla, full ownership of Riot Games (maker of the popular game League of Legends), a minority stake in Activision Blizzard (maker of the game Call of Duty), 12 percent of Snap (the developer of Snapchat), part of Reddit, part of Spotify, some of Universal Music Group and more.

Must TenCent divest? Well, as noted above, the structure of these orders includes an option for the Secretary of Commerce to specify transactions that are not going to be covered after all. Perhaps the Secretary will exempt TenCent across the board as to these other relationships. Or, perhaps not.

4. The WeChat story is much more important than the TikTok story.

Those who have been following the TikTok saga know that it seems likely to resolve, before the 45-day deadline expires, with the sale of TikTok from ByteDance to Microsoft. No one is suggesting, however, that anything of that kind will occur with WeChat.

This is no surprise. TikTok does not operate in China itself (while ByteDance has other operations there, TikTok is, in effect, its external subsidiary for this purpose). And ByteDance is not otherwise significantly connected to the United States. Once Microsoft takes on TikTok, in short, the TikTok executive order will cease to matter much.

WeChat and TenCent are in the reverse situation. TenCent, as noted above, has tremendous investments in the United States, unrelated to WeChat. Suddenly, all of these holdings are at exceedingly-serious risk, no matter what happens with WeChat. In any event, though, there’s no obvious offramp for WeChat the way there is with TikTok. TenCent is not going to sell off WeChat, obviously, but it probably can’t even spin off a U.S.-specific version of WeChat. Even if TenCent were open to this possibility, it’s not obvious there would be much value in a truncated U.S.-specific WeChat such that a U.S. suitor would emerge to buy it.

Robert (Bobby) Chesney is the Dean of the University of Texas School of Law, where he also holds the James A. Baker III Chair in the Rule of Law and World Affairs at UT. He is known internationally for his scholarship relating both to cybersecurity and national security. He is a co-founder of Lawfare, the nation’s leading online source for analysis of national security legal issues, and he co-hosts the popular show The National Security Law Podcast.

Subscribe to Lawfare