[Congressional Bills 118th Congress]
[From the U.S. Government Publishing Office]
[H.R. 4927 Introduced in House (IH)]
<DOC>
118th CONGRESS
1st Session
H. R. 4927
To require ByteDance to divest itself of certain assets, and to require
the Committee on Foreign Investment in the United States to review
certain business relationships between ByteDance and United States
businesses, and for other purposes.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
July 26, 2023
Mrs. McClain (for herself, Mr. Babin, Mr. Bergman, Mr. Higgins of
Louisiana, Mr. Baird, Mr. Fallon, Mrs. Miller of Illinois, and Mr.
Norman) introduced the following bill; which was referred to the
Committee on Financial Services, and in addition to the Committees on
Foreign Affairs, and Energy and Commerce, for a period to be
subsequently determined by the Speaker, in each case for consideration
of such provisions as fall within the jurisdiction of the committee
concerned
_______________________________________________________________________
A BILL
To require ByteDance to divest itself of certain assets, and to require
the Committee on Foreign Investment in the United States to review
certain business relationships between ByteDance and United States
businesses, and for other purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Anti-CCP Espionage via Social Media
Act of 2023'' or the ``ACES Act of 2023''.
SEC. 2. FINDINGS.
Congress makes the following findings:
(1) TikTok engages in political censorship, including
related to awareness of Uighur Muslim internment camps in
China.
(2) The U.S. government fined TikTok $5.7 million for
illegally collecting children's data.
(3) TikTok's Chinese parent company ByteDance has agreed to
pay $92 million in a settlement to U.S. users who are part of a
class-action lawsuit alleging that the video-sharing app failed
to get their consent to collect data in violation of a strict
Illinois biometric privacy law.
(4) Chinese companies, such as TikTok, have no meaningful
ability to tell the Chinese Communist Party ``no'' if officials
request user data.
(5) The presence of Chinese surveillance in applications
such as TikTok raises U.S. national security concerns.
SEC. 3. STATEMENT OF POLICY.
It is the policy of the United States to secure the information and
communications technology and services supply chain and to counter the
threat posed by mobile applications and software services developed and
owned by foreign adversaries, specifically the People's Republic of
China and the Chinese Communist Party, which continue to threaten the
national security, foreign policy, and economy of the United States.
SEC. 4. CODIFICATION OF THE EXECUTIVE ORDER ADDRESSING THE THREAT POSED
BY TIKTOK.
(a) Executive Order 13942 of August 6, 2020 as in effect as of
January 19, 2021, shall remain in effect and continue to apply.
(b) Notwithstanding section 203(b) of the International Emergency
Economic Powers Act, the President shall have the authority to
implement Executive Order 13942.
SEC. 5. DIVESTMENT OF ASSETS BY BYTEDANCE.
(a) In General.--ByteDance shall divest itself of--
(1) any tangible or intangible assets or property, wherever
located, used to enable or support ByteDance's operation of the
TikTok application in the United States, as determined by
CFIUS; and
(2) any data obtained or derived from TikTok application or
Musical.ly application users in the United States.
(b) Deadline.--
(1) In general.--Subject to paragraph (2), ByteDance shall
complete the divestment of assets required under subsection (a)
before the end of the 90-day period beginning on the date of
enactment of this Act.
(2) Extensions.--CFIUS may provide one or more 30-day
extensions with respect to the deadline described under
paragraph (1), but under no circumstances may such extensions
extend the deadline beyond the end of the 12-month period
beginning on the date of enactment of this Act.
(3) Progress report.--Not later than the end of the 45-day
period beginning on the date of enactment of this Act,
ByteDance shall provide evidence to the President that
ByteDance is in the process of divesting itself of all assets
described under subsection (a).
(c) Certifications and Audits.--
(1) Weekly certification.--Until ByteDance provides the
certification under paragraph (2)(A), ByteDance and TikTok
shall certify to CFIUS on a weekly basis that they are in
compliance with this Act and ByteDance shall include a
description of efforts to make divestment required under this
section and a timeline for projected completion of remaining
actions necessary to complete such divestment.
(2) Data destruction certification and audit.--After the
deadline described under subsection (b)(1)--
(A) ByteDance shall certify in writing to CFIUS
that ByteDance has destroyed all data that ByteDance is
required to divest pursuant to this section, including
all copies of such data wherever located; and
(B) CFIUS may audit ByteDance, on such terms as
CFIUS determines appropriate, in order to ensure that
such destruction of data is complete.
(d) Limitation on Divestments.--
(1) In general.--In carrying out a divestment required
under this section, ByteDance may not complete a sale or
transfer to any third party--
(A) until ByteDance notifies CFIUS in writing of
the intended recipient or buyer; and
(B) unless 10 business days have passed from such
notification and CFIUS has not issued an objection to
ByteDance.
(2) CFIUS considerations.--Among the factors CFIUS may
consider in reviewing a proposed sale or transfer described
under paragraph (1) are--
(A) whether the buyer or transferee--
(i) is a U.S. citizen or is owned by U.S.
citizens;
(ii) has or has had a direct or indirect
contractual, financial, familial, employment,
or other close and continuous relationship with
ByteDance, or its officers, employees, or
shareholders; and
(iii) can demonstrate a willingness and
ability to support compliance with this Act;
and
(B) whether the proposed sale or transfer would
threaten to impair the national security of the United
States or undermine the purpose of this Act, and
whether the sale effectuates, to CFIUS's satisfaction
and in CFIUS's discretion, a complete divestment of all
tangible or intangible assets or property, wherever
located, used to enable or support the operation of the
TikTok application in the United States.
(e) CFIUS Verification Measures.--
(1) In general.--Without limitation on the exercise of
authority by any agency under other provisions of law, and
until such time as the divestment required under this section
is completed and verified to the satisfaction of CFIUS, CFIUS
is authorized to implement measures CFIUS determines necessary
and appropriate to verify compliance with this section and to
ensure that the operations of the TikTok application are
carried out in such a manner as to ensure protection of the
national security interests of the United States. Such measures
may include, on reasonable notice to ByteDance and TikTok Inc.,
employees of the United States Government, as designated by
CFIUS, shall be permitted access, for purposes of verifying
compliance with this section, to all premises and facilities of
ByteDance and TikTok Inc., and any of their respective
subsidiaries, operated in furtherance of the TikTok application
located in the United States--
(A) to inspect and copy any books, ledgers,
accounts, correspondence, memoranda, and other records
and documents in the possession or under the control of
ByteDance or TikTok Inc., or any of their respective
subsidiaries, that concern any matter relating to this
section;
(B) to inspect or audit any information systems,
networks, hardware, software, data, communications, or
property in the possession or under the control of
ByteDance or TikTok Inc., or any of their respective
subsidiaries; and
(C) to interview officers, employees, or agents of
ByteDance or TikTok Inc., or any of their respective
subsidiaries, concerning any matter relating to this
section.
(2) Deadline for verification.--CFIUS shall conclude all
verification procedures described under this subsection within
90 days after the certification of divestment is provided to
CFIUS pursuant to subsection (c)(1).
SEC. 6. PROHIBITED TRANSACTIONS.
(a) In General.--A transaction is prohibited if the transaction is
by any person, or with respect to any property, subject to the
jurisdiction of the United States, with ByteDance Ltd. (a.k.a. Z(`jie'
Tia`odo`ng), Beijing, China, or its subsidiaries, including TikTok
Inc., in which any such company has any interest, involving the
following:
(1) Any provision of services, occurring after the end of
the 45-day period beginning on the date of enactment of this
Act, to distribute or maintain the TikTok mobile application,
constituent code, or application updates through an online
mobile application store, or any online marketplace where
mobile users within the land or maritime borders of the United
States and its territories may download or update applications
for use on their mobile devices.
(2) Any provision of internet hosting services, occurring
after the end of the 45-day period beginning on the date of
enactment of this Act, enabling the functioning or optimization
of the TikTok mobile application within the land and maritime
borders of the United States and its territories.
(3) Any provision of content delivery network services,
occurring after the end of the 45-day period beginning on the
date of enactment of this Act, enabling the functioning or
optimization of the TikTok mobile application within the land
and maritime borders of the United States and its territories.
(4) Any provision of directly contracted or arranged
internet transit or peering services, occurring after the end
of the 45-day period beginning on the date of enactment of this
Act, enabling the functioning or optimization of the TikTok
mobile application within the land and maritime borders of the
United States and its territories.
(5) Any utilization, occurring after the end of the 45-day
period beginning on the date of enactment of this Act, of the
TikTok mobile application's constituent code, functions, or
services in the functioning of software or services developed
or accessible within the land and maritime borders of the
United States and its territories.
(b) Exceptions.--The prohibition under subsection (a) shall not
apply to the following:
(1) Any transaction that is not a business-to-business
transaction.
(2) The payment of wages, salaries, and benefit packages to
employees or contractors.
(3) The exchange between or among TikTok mobile application
users of personal or business information using the TikTok
mobile application.
(4) Activities related to mobile applications intended for
distribution, installation or use outside of the United States
by any person, including to any person subject to U.S.
jurisdiction, and all ancillary activities, including
activities performed by any U.S. person, which are ordinarily
incident to, and necessary for, the distribution, installation,
and use of mobile applications outside of the United States.
(5) The storing of TikTok mobile application user data in
the United States.
(6) Any transactions necessary to effectuate the divestment
required by this section.
(c) Waiver.--A person may submit a request to CFIUS for a waiver of
the requirements under subsection (a).
SEC. 7. ENFORCEMENT.
(a) Prohibition on Evasion and Circumvention.--Any transaction or
other device entered into or employed for the purpose of, or with the
effect of, evading or circumventing this Act is prohibited.
(b) Injunction.--Whenever it appears to the Attorney General that
any person is engaged in, or is about to engage in, any act that
constitutes, or would constitute, a violation of this Act, the Attorney
General may initiate civil action in a district court of the United
States to enjoin such violation.
(c) Penalties.--
(1) Material misstatement or omission.--Any person who
submits a report with a material misstatement or omission or
makes a false certification under this Act may be liable to the
United States for a civil penalty not to exceed $250,000 per
violation. The amount of the penalty imposed for a violation
shall be based on the nature of the violation.
(2) Violations.--
(A) In general.--Any person who fails to comply
with the requirements of this Act may be liable to the
United States for a civil penalty not to exceed the
greater of $250,000 or the value of the transaction.
(B) Amount.--The amount of a penalty imposed for a
violation shall be based on the nature of the
violation.
(3) Determination and notice of penalty.--A determination
to impose penalties under paragraph (1) or (2) shall be made by
CFIUS. Notice of the penalty, including a written explanation
of the conduct to be penalized and the amount of the penalty,
shall be sent to the subject person electronically and by U.S.
mail or courier service. Notice shall be deemed to have been
effected by the earlier of the date of electronic transmission
and the date of receipt of U.S. mail or courier service.
(4) Petition for reconsideration.--Upon receiving notice of
a penalty to be imposed under paragraph (1) or (2), the subject
person may, within 15 business days of receipt of such notice,
submit a petition for reconsideration to the Staff Chairperson,
including a defense, justification, or explanation for the
conduct to be penalized. CFIUS shall review the petition and
issue any final penalty determination within 15 business days
of receipt of the petition. The Staff Chairperson and the
subject person may extend either such period through written
agreement. CFIUS and the subject person may reach an agreement
on an appropriate remedy at any time before CFIUS issues any
final penalty determination.
(5) Recovery of penalties.--The penalties authorized in
paragraphs (1) and (2) may be recovered in a civil action
brought by the United States in Federal district court.
(6) Application of false statements accountability act of
1996.--Section 2 of the False Statements Accountability Act of
1996 (18 U.S.C. 1001) shall apply to all information provided
to CFIUS or the President under this Act.
(7) Effect on other penalties.--The penalties available
under this subsection are without prejudice to other penalties,
civil or criminal, available under law.
(8) Penalties as debt due to the u.s. government.--The
imposition of a civil monetary penalty under this subsection
creates a debt due to the U.S. Government. The Department of
the Treasury may take action to collect the penalty assessed if
not paid within the time prescribed by CFIUS and notified to
the applicable party or parties. In addition or instead, the
matter may be referred to the Department of Justice for
appropriate action to recover the penalty.
(9) Definitions.--In this subsection:
(A) Staff chairperson.--The term ``Staff
Chairperson'' means the Department of the Treasury
official so designated by the Secretary of the Treasury
or by the Secretary's designee.
(B) Subject person.--In this subsection, the term
``subject person'' means the person or persons who may
be liable to the United States for a civil penalty.
SEC. 8. NATIONAL SECURITY REVIEW OF BUSINESS RELATIONSHIPS WITH
BYTEDANCE.
(a) National Security Investigations.--
(1) In general.--CFIUS shall--
(A) review the relationship of each covered United
States business with ByteDance to determine the effects
of such relationship on the national security of the
United States; and
(B) issue a report to the President containing the
findings of such review.
(2) Presidential authority.--After reviewing a report
issued under paragraph (1) with respect to a relationship, the
President may take such action for such time as the President
considers appropriate to suspend or prohibit the relationship
if the relationship threatens to impair the national security
of the United States.
(3) Procedures.--To the extent practicable, CFIUS and the
President shall carry out a review of a relationship under this
subsection in the same manner as a covered transaction is
reviewed under section 721 of the Defense Production Act of
1950 (50 U.S.C. 4565).
SEC. 9. REPORT ON NATIONAL SECURITY THREAT OF MOBILE APPLICATIONS
UTILIZED BY THE PEOPLE'S REPUBLIC OF CHINA AND CHINESE
COMMUNIST PARTY.
(a) Reporting Requirement.--Not later than 180 days after the
enactment of this Act, and annually thereafter, the Secretary of State
and the Attorney General, in consultation with the Director of National
Intelligence, shall submit to the appropriate congressional committees
a report describing--
(1) the scope of efforts by the People's Republic of China
and Chinese Communist Party to utilize mobile applications to
perform espionage on U.S. citizens, and business and
organizations located in the United States;
(2) the means and objectives of the People's Republic of
China and Chinese Communist Party in utilizing mobile
applications to perform espionage and spread disinformation in
the United States; and
(3) a detailed strategy regarding how the Secretary of
State and the Attorney General intend to counter espionage and
disinformation efforts conducted by the People's Republic of
China and the Chinese Communist Party using mobile
applications.
(b) Form.--The report required by subsection (a) shall be submitted
in unclassified form, but may include a classified annex if necessary.
The unclassified portion of such report shall be made available on a
publicly available internet website of the Federal Government.
(c) Appropriate Congressional Committees Defined.--In this section,
the term ``appropriate congressional committees'' means--
(1) the Committee on Armed Services, the Committee on
Foreign Affairs, the Committee on Financial Services, and the
Committee on the Judiciary of the House of Representatives; and
(2) the Committee on Armed Services, the Committee on
Foreign Relations, the Committee on Banking, Housing, and Urban
Affairs, and the Committee on the Judiciary of the Senate.
SEC. 10. DEFINITIONS.
In this Act:
(1) CFIUS.--The term ``CFIUS'' means the Committee on
Foreign Investment in the United States.
(2) Covered united states business.--The term ``covered
United States business'' means a person (other than an
individual) engaged in interstate commerce in the United States
who--
(A) is partnering or contracting with ByteDance
with respect to technology platforms, applications, or
other ventures; or
(B) is a shareholder of ByteDance.
<all>