Washington, D.C. – On January 17, 2025, the U.S. Supreme Court issued a decision upholding the Protecting Americans from Foreign Adversary Controlled Applications Act. The law requires that Chinese company ByteDance—which owns TikTok—cease operations in the U.S. unless it sells the platform to a new owner before the law’s short deadline.
While Congress passed the law based on perceived threats to national security based on TikTok’s Chinese ownership, the Supreme Court focused its concern on TikTok’s data practices and its potential utility to the Chinese government as a surveillance apparatus. In a rare moment of insight on today’s mass data-fueled technologies, the Court highlighted the “vast swaths of sensitive data” TikTok collects on U.S. users to justify upholding the Act, while sidestepping the thorny First Amendment issues posed by the law. In a concurring opinion, Justice Gorsuch noted how TikTok mines the data of TikTok users and “millions of others who do not consent to share their information” by accessing “any data” stored in users’ contact lists.
But TikTok’s data mining practices are not unique. They reflect a commonplace, industry-wide approach to ingesting consumer data at scale, harming millions of individuals whose data is swept up in corporate tech products without an opportunity to meaningfully consent to or challenge this business choice. While one could count on one hand how many Supreme Court decisions recognize widespread, exploitative data practices, both by tech companies and government actors, this recent decision joins that very short list.
Tech Justice Law Project lauds the Supreme Court’s focus on TikTok’s harmful data practices and encourages the uniform application of data privacy concerns to the tech companies as a whole—whether foreign or domestic. TJLP has followed this case closely and continues to work on similar issues at the intersection of data privacy, the First Amendment, and tech company accountability.
Read the Court’s decision in TikTok Inc. v. Garland here.