The FCC accused TikTok of having "sheep's clothing," accusing the Chinese-owned firm of harvesting troves of sensitive user data.
A top official at the US communications regulator is urging Apple and Google to kick TikTok out of their app stores over data security concerns related to the Chinese-owned company.
Brendan Carr, a Republican member of the Federal Communications Commission (FCC), has written a letter to the chief executives of both companies saying that the wildly popular video-sharing app has collected vast troves of sensitive data about US users that could be accessed by staff at ByteDance, TikTok's Chinese parent.
Carr tweeted details of the letter, dated June 24 and sent on FCC letterhead.
"TikTok is not just another video app. That's the sheep's clothing," Carr said on Twitter. "It harvests swaths of sensitive data that new reports show are being accessed in Beijing".
Carr said this made TikTok non-compliant with Apple's and Google's app store policies, and he asked the companies to either remove it from their app stores by July 8 or explain to him why they did not plan to do so.
A TikTok spokeswoman said the company's engineers in locations outside of the United States, including China, can be granted access to US user data "on an as-needed basis" and under "strict controls."
Google declined to comment on Carr's letter, while Apple did not immediately respond to a request for comment.
TikTok has in recent years been under regulatory scrutiny over its collection of US personal data.
The Committee on Foreign Investment in the United States (CFIUS), which reviews deals by foreign acquirers for potential national security risks, ordered ByteDance in 2020 to divest TikTok because of fears that US user data could be passed on to China's communist government.
Former US president Donald Trump repeatedly lashed out at the company and even tried to ban TikTok via executive order, but the move faced a series of legal challenges and was ultimately revoked by his successor Joe Biden.
Carr’s letter cited a recent BuzzFeed News report, according to which recordings of TikTok employee statements showed engineers in mainland China had repeatedly accessed non-public data on US users.
"It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting being combined with Beijing's apparently unchecked access to that sensitive data," Carr's letter read.
TikTok announced earlier this month that it plans "to delete US users' private data from our own data centres and fully pivot to Oracle cloud servers located in the US".
"What we're seeing here from Commissioner Carr is a suggestion that at least some parts of the US government don't think that this is enough," Richard Sofield, a national security partner at law firm Vinson & Elkins LLP, said of TikTok's partnership with Oracle.
Carr's request is unusual given that the FCC does not have clear jurisdiction over the content of app stores.
The FCC usually regulates the national security space through its authority to grant certain communications licenses to companies.