link to page 6 
Legal Sidebari
Restricting TikTok (Part II): Legislative
Proposals and Considerations for Congress
Updated September 28, 2023
This Legal Sidebar is the second installment in a two-part series on U.S. efforts to regulate the video-
sharing application (app) TikTok. The first installment provided legal background on executive branch-
led efforts to restrict TikTok’s U.S. presence and operations. This Sidebar analyzes proposals to create
new authorities to restrict TikTok and examines constitutional and other legal issues for Congress to
consider.
Legislative Proposals
Against the backdrop of executive branch efforts discussed in Part I of this series, some Members of the
118th Congress have debated whether new legislation is needed to address TikTok’s alleged national
security risks. The 117th Congress took legislative action by passing the No TikTok on Government
Devices Act, which mandates the app’s removal from executive branch information technology systems.
The President signed this act on December 29, 2022. Several legislative proposals in the 118th Congress
would take more far-reaching actions by authorizing or requiring the executive branch to restrict
transactions involving TikTok in ways that could result in a nationwide ban of the app. Several
distinctions among bills are outlined in Table 1.
Trends in Bills That Would Authorize or Require TikTok Bans
While each bill has unique provisions, general trends across multiple bills include the following features.
Removing IEEPA Exceptions: One common element in many TikTok-related bills is to eliminate
exceptions to the President’s statutory powers under the International Emergency Economic Powers Act
(IEEPA). These proposed provisions seek to address the legal grounds discussed in Part I on which two
courts enjoined the Trump Administration’s August 2020 executive order (2020 Order) that would have
imposed a nationwide ban of TikTok. Examples of legislation in this category include the No TikTok on
United States Devices Act (H.R. 503/S. 85) and the Averting the National Threat of Internet Surveillance,
Oppressive Censorship and Influence, and the Algorithmic Learning by the Chinese Communist Party Act
(ANTI-SOCIAL CCP Act, H.R. 1081/S. 347).
Congressional Research Service
https://crsreports.congress.gov
LSB10942
CRS Legal Sidebar
Prepared for Members and
Committees of Congress
Congressional Research Service
2
Removing IEEPA Exceptions and Adding New Authorities: Some bills that would eliminate IEEPA
exceptions would also provide the executive branch new authorities and obligations beyond IEEPA. The
Protecting Personal Data from Foreign Adversaries Act (H.R. 57), for example, would authorize the
President to invoke IEEPA and impose visa restrictions in response to certain foreign entities’ misuse of
social media apps. The Stopping Attempts by Foreign Entities to Target Youths on Social Media Act of
2023 (SAFETY on Social Media Act of 2023, S. 872) would authorize IEEPA actions, mandate visa
restrictions on foreign persons employed by designated companies, and require U.S. nationals employed
by designated companies to register as foreign agents under the Foreign Agents Registration Act. The
Deterring America’s Technological Adversaries Act (DATA Act, H.R. 1153) would allow the President to
use IEEPA authorities while also giving the Secretary of the Treasury new powers to prohibit transactions
with parties that knowingly provide sensitive personal data of persons subject to U.S. jurisdiction to
companies subject to the PRC’s ownership, control, jurisdiction, or influence.
Non-IEEPA-Based Review Systems: Some legislation would create new systems, not linked to IEEPA,
to review transactions for national security risks. For example, the SAFETY on Social Media Act of 2023
would require the Federal Communications Commission (FCC) to issue rules that prohibit certain
platforms designated by the President from being carried in app stores and rules that require internet
service providers to block designated entities from receiving internet services. The Restricting the
Emergence of Security Threats that Risk Information and Communications Technology Act (RESTRICT
Act, S. 686) would authorize two new non-IEEPA-based national security review programs. The
RESTRICT Act invokes elements of two existing review systems discussed in Part I of this Sidebar: the
Information and Communications Technology and Services (ICTS) supply chain rule (Supply Chain
Rule) and the Committee on Foreign Investment in the United States (CFIUS). Unlike the Supply Chain
Rule, the bill’s proposed process to review ICTS transactions would not depend on IEEPA for its
underlying authority, and therefore would not be subject to IEEPA’s exceptions. The RESTRICT Act
would also create a new CFIUS-like process for the executive branch to review foreign adversaries’
holdings (i.e., investments) in ICTS companies. Biden Administration officials have expressed support for
the bill.
Data Privacy Frameworks and Related Legislation
While the bills discussed above would authorize actions that could result in a national ban of TikTok, not
every TikTok-related proposal contains authority to ban the app. During a hearing with TikTok’s CEO
before the House Energy and Commerce Committee on March 23, 2023, some Members of Congress
discussed limiting TikTok’s potential national security risks by expanding data privacy frameworks to
apply more stringent privacy protections to a broader set of entities. Some Members suggested the
American Data Privacy and Protection Act, which was introduced in the 117th Congress and is examined
in this Legal Sidebar, could be a legislative avenue to obligate TikTok to embrace greater data privacy.
Other legislative proposals in the 118th Congress would create new restrictions on cross-border transfer
of personal data by subjecting some categories of personal data to export controls. Another set of bills
would require companies to provide notices to U.S. users if the companies’ apps are banned from U.S.
government devices, have certain connections to the PRC or Chinese Communist Party (CCP), or allow
the PRC or CCP to access Americans’ user data. Some Members have proposed mandating algorithmic
transparency to address concerns over PRC and CCP influence on TikTok’s video-recommendation
methods. Still other legislative proposals would restrict TikTok in limited contexts, such as on college
campuses or when used by federal employees on accounts classified as belonging to government entities,
politicians, and political parties.
Congressional Research Service
3
Considerations for Congress
Any time Congress considers legislation that could allow the United States to regulate private commercial
transactions on national security grounds, a variety of constitutional and legal considerations, examined in
this CRS Legal Sidebar, may be relevant. Given TikTok’s popularity and role as a platform that facilitates
personal expression and exchange of information, several issues are especially salient.
First Amendment
Regulating mediums of expression can trigger the First Amendment’s protections for speech and
association. In the litigation challenging the Trump Administration’s restrictions on TikTok and in the
separate case challenging similar restrictions on the WeChat app, which are discussed in Part I, the
plaintiffs alleged the executive branch violated the First Amendment by shutting down these platforms for
speech. State laws limiting TikTok use or operations have also been subject to First Amendment
challenges. If a regulation specifically targets a medium of communication as opposed to generally
regulating a variety of businesses, it might trigger heightened constitutional scrutiny—particularly if there
is evidence the government targeted a platform because of its viewpoint or the type of speech it hosts.
Even if a regulation is aimed at a platform’s non-expressive conduct, First Amendment concerns can arise
if that law is applied to speech. For instance, the Berman Amendment added the informational materials
exception to IEEPA in response to executive branch seizures of magazines and books that Congress said
were protected by the First Amendment.
While foreign corporations outside U.S. territory do not benefit from First Amendment rights, separately
incorporated organizations within the United States may enjoy First Amendment protections. Further, the
Supreme Court has long recognized that U.S. citizens have a right to receive information and ideas from
abroad. TikTok and WeChat users in the United States also challenged the Trump Administration
restrictions by raising their own rights to receive and share content.
Assuming that a particular regulation broadly affects all speech on the regulated platform and does not
target particular viewpoints or types of content, a court would likely review any First Amendment claims
under an analysis known as intermediate scrutiny. This constitutional standard applies to regulations that
are content-neutral, or only incidentally restrict speech in the course of permissibly regulating conduct.
The standard generally requires the government to show the regulation “furthers an important or
substantial governmental interest” that is “unrelated to the suppression of free expression,” and that “the
incidental restriction on alleged First Amendment freedoms is no greater than is essential to the
furtherance of that interest.” Courts might also ask whether a regulation “leave[s] open ample alternative
channels for communication” of the affected speech. (It is also possible certain types of regulations might
be challenged as prior restraints on speech, triggering additional constitutional considerations.)
The court reviewing the WeChat ban concluded that the restrictions likely failed intermediate scrutiny.
The court acknowledged the government’s significant interests in national security—an area where courts
have sometimes been more deferential to the political branches. Nonetheless, the court concluded the
restrictions were not appropriately tailored to this interest, noting “obvious alternatives to a complete ban,
such as barring WeChat from government devices . . . or taking other steps to address data security.”
Courts applying intermediate scrutiny must look closely at the government’s evidence to ensure “that the
recited harms are real, not merely conjectural, and that the regulation will in fact alleviate these harms in a
direct and material way.” This inquiry is heavily dependent on context, and Congress might consider
whether to include evidence demonstrating these elements in the legislative record.
link to page 6 Congressional Research Service
4
Due Process
Congress may also consider whether TikTok-related bills afford sufficient safeguards to comply with
procedural due process standards. When a person is deprived of a protected property right, the Fifth
Amendment’s Due Process Clause requires the United States to provide notice of the government action
and a meaningful opportunity to contest it. Due process protections apply to foreign individuals and
entities that enter U.S. territory and establish substantial connections with the United States. In one
relevant example, a federal court of appeals held that, before the President could order a PRC-based
company to divest an acquisition under the CFIUS process, the government needed to provide the
affected company with the unclassified information on which it based its decision and the chance to
respond. Due process standards may be different when Congress directly affects property rights through a
legislative determination rather than through a judicial or administrative process. For legislative
determinations, the legislative process may provide “all the process that is due” unless the law is palpably
arbitrary.
Takings Clause
Litigants have sometimes argued that U.S. restrictions on cross-border transactions and investments
violate the Fifth Amendment’s Takings Clause, which prohibits the United States from taking private
property for public use without just compensation. The Takings Clause applies to the actual acquisition of
property and to regulatory actions that so severely restrict a property owner’s rights that they rise to the
level of a regulatory taking. In the context of foreign actors asserting constitutional rights, the Takings
Clause protects foreign individuals and entities with substantial connections to the United States,
including those whose property in the United States is taken by the federal government. Although Takings
Clause challenges to IEEPA-based actions have been largely unsuccessful, some plaintiffs continue to
raise them. In TikTok’s challenge to the 2020 Order, for example, the company argued that President
Trump’s discussion of securing a payment to the Department of the Treasury if TikTok were to be sold to
an American company amounted to an attempt to secure an unconstitutional taking. This issue did not
ultimately feature in the court’s opinion, as the court based its decision on IEEPA interpretation issues.
Bill of Attainder
The Bill of Attainder Clause has also been a topic of discussion in TikTok-related legislation. This clause
prohibits Congress from using legislation to determine guilt and inflict punishment without a judicial trial.
As explored in this CRS In Focus, there are several unresolved questions about whether the clause applies
to modern economic restrictions on foreign corporations. In two recent judicial challenges, courts held
that legislation restricting transactions with PRC-based Huawei and Russia-based Kaspersky Lab did not
violate the Bill of Attainder Clause because the laws sought to protect U.S. security, not punish a private
actor.
Other Legal Considerations
Apart from constitutional considerations, Congress may consider procedural and statutory issues that
could affect how proposed TikTok restrictions operate. A selection of these issues, which are also
examined in Table 1, are discussed below.
Judicial Review: Congress could consider legislative mechanisms to limit or streamline judicial review
of challenges to any new transaction-restriction authorities it enacts. Some existing statutes limit judicial
review of similar restrictions by exempting the decision to impose restrictions from the Administrative
Procedure Act (APA) or from judicial review in general. Some laws require legal challenges to be brought
before a specific court—usually, the U.S. Court of Appeals for the D.C. Circuit (D.C. Circuit) because of
its familiarity with special procedures in cases involving classified information. Among TikTok-related
link to page 6 Congressional Research Service
5
bills, the RESTRICT Act would limit judicial review to actions that are “unconstitutional or in patent
violation of a clear and mandatory statutory command” and give the D.C. Circuit exclusive jurisdiction
over those cases.
Classified and Other Sensitive Information: In anticipating judicial challenges, Congress may consider
prescribing how courts handle classified and other legally protected information during litigation. The
CFIUS statute is one example of streamlined procedures. It provides that, if a court determines that
classified or other protected information that is in the administrative record is necessary to resolve a legal
challenge, that information must be submitted ex parte and in camera (i.e., only the court may view it)
and maintained under seal so that it cannot be made public. The CFIUS statute also exempts the United
States from statutory requirements to provide notice to U.S. persons when using information obtained
under the Foreign Intelligence Surveillance Act of 1978 (FISA).
Confidentiality and Freedom of Information Act: When Congress creates new processes to review
private commercial transactions, it may seek to balance public interest in the process with the private
entities’ desire for confidentiality. Some existing national security review systems prohibit the
government from disclosing parties’ private information gathered during the review process unless an
exception applies. CFIUS’s legal authorities provide even stricter confidentiality by stating that materials
submitted during its review process are exempt from the Freedom of Information Act (FOIA) absent an
exception. Among the bills in Table 1, the DATA Act places certain special confidentiality requirements
on Congress, and the RESTRICT Act generally incorporates CFIUS’s confidentiality rubric and FOIA
exemption.
Naming TikTok: Another topic of discussion is whether legislation should identify TikTok by name.
Whether TikTok is identified in a bill’s text could be relevant in a Bill of Attainder challenge as part of a
broader argument that the government targeted the company for punishment. The issue might also feature
in the due process context if Congress were to make a legislative determination that TikTok presents a
national security threat. Some proposals in the 118th Congress expressly include TikTok among a defined
set of entities with whom transactions would be restricted. Other bills name TikTok, but do not mandate
that the bill’s restrictions apply to it. Instead, these proposals would require a presidential determination
on whether the bill’s provisions apply to the company. A third set would create transaction-review
frameworks that the executive branch could interpret to include TikTok, but that do not name the
company in the legislative text.
Congressional Oversight: Congress may consider options to ensure that it is informed about executive
branch actions in implementing any legislation that passes and can exercise effective oversight. For
example, the No TikTok on American Devices Act would require the executive branch to provide a
classified briefing on its implementation of the bill. Another example is the DATA Act, which would
require the President to share information about the bill’s implementation with designated congressional
committees. The DATA Act also proposes to facilitate greater congressional involvement by requiring the
President to respond to the designated committees’ requests for determinations on whether specific
individuals or entities are subject to the bill’s sanctions and restrictions.
Legal Sidebari
Table 1. Comparison of Select TikTok Bills Introduced in the 118th Congress
H.R. 503 / S. 85: No
H.R. 57: Protecting
H.R. 1081 / S.
TikTok on
Personal Data from
347: ANTI-
S. 872: SAFETY
American Devices
Foreign Adversaries
H.R. 1153: DATA
SOCIAL CCP
on Social Media
Act
Act
Act
S. 686: RESTRICT Act Act
Act of 2023
Actions
Invoke IEEPA
Invoke IEEPA; visa
Title I: Prohibit
§ 3: Investigate, prohibit,
Invoke IEEPA
§ 4: Invoke IEEPA;
Authorized
restrictions
specified transactions;
regulate, and mitigate
§ 5: ban from app
Title II: Invoke IEEPA
covered transactions;
stores and
§ 4: compel divestment
prohibit and
or mitigate risk of
internet services;
covered holdings
§ 6: visa
restrictions,
foreign agent
registration
Exercising
President
President (IEEPA); State
Title I: Secretary of
§ 3: Secretary of
President
§ 4: President,
Official or
Dep’t (visa restrictions)
the Treasury;
Commerce;
§ 5: FCC;
Agency
Title II: President
§ 4: President
§ 6: State Dep’t
(visas); Justice
Dep’t
(registration)
IEEPA
All IEEPA exceptions
All IEEPA exceptions
Personal
Not applicable
All IEEPA
All IEEPA
Exceptions
removed
removed
communication and
exceptions
exceptions
info. materials
removed
removed
exceptions removed
Authorizes
No
Yes
No
No
No
Yes
Visa
Restrictions
CRS Legal Sidebar
Prepared for Members and
Committees of Congress
Congressional Research Service
7
H.R. 503 / S. 85: No
H.R. 57: Protecting
H.R. 1081 / S.
TikTok on
Personal Data from
347: ANTI-
S. 872: SAFETY
American Devices
Foreign Adversaries
H.R. 1153: DATA
SOCIAL CCP
on Social Media
Act
Act
Act
S. 686: RESTRICT Act Act
Act of 2023
Covered
Transactions by
Transactions using
Title I: Transactions
Transactions or holdings
Transactions by
Transactions with
Transactions
ByteDance (or its
mobile application or
with those that
involving foreign
covered social
companies on a
successor) or any
software programs that: knowingly provide U.S.
adversaries that pose
media companies
presidentially
entity owned by
(1) engage in theft or
persons’ sensitive
certain undue or
with certain
prepared list of
ByteDance involved in
unauthorized
personal data to certain unacceptable risks to U.S. connections to
foreign-owned-or-
TikTok-related
transmission of user
PRC-connected
national security or safety countries of
control ed
matters
data to servers in the
entities; Title II: seven
of U.S. persons
concern
untrustworthy
PRC, and (2) provide
categories of
applications and
certain PRC-related
sanctionable conduct
social media
entities access to user
entities
data
Exceptions
Law enforcement
Compliance with U.N.
Law enforcement
Certain transactions
Intelligence
No
from Review
activities, national
Headquarters
activities, national
authorized under a U.S.
activities;
security interests and
Agreement
security interests and
government-industrial
importation of
activities, and security
activities, security
security program or that
goods
research activities
research activities,
meet national security or
compliance with
law enforcement
international
functions
agreements
Presidential
No
Case-by-case up to 180
Case-by-case up to 180
No
No
No
Waiver
days if President
days if President
certifies vital to national certifies vital to national
security
security
TikTok Named TikTok named as a
Presidential
Presidential
No
TikTok named as a
No
“covered company”
determination on bil ’s
determination on bil ’s
“deemed company”
applicability to TikTok
applicability to TikTok
is mandatory
is mandatory
Confidentiality
No
No
No congressional
Confidentiality
No
No
and FOIA
disclosure of
procedures defined;
Provisions
confidential information FOIA inapplicable
Classified Info.
No
No
No
Yes
No
No
Procedures
and FISA
Exemptions
Congressional Research Service
8
H.R. 503 / S. 85: No
H.R. 57: Protecting
H.R. 1081 / S.
TikTok on
Personal Data from
347: ANTI-
S. 872: SAFETY
American Devices
Foreign Adversaries
H.R. 1153: DATA
SOCIAL CCP
on Social Media
Act
Act
Act
S. 686: RESTRICT Act Act
Act of 2023
Congressional
Requires report on
Requires report on
Authorizes
No
No
No
Oversight
national security
statute’s applicability to
congressional requests
Provisions
threat posed by
TikTok
for determinations,
TikTok within 120
information, and
days; briefing on
reports; requires
implementation within
report on applicability
180 days
to TikTok
Limits on
No
No
No
Unconstitutional actions
No
No
Judicial Review
or patent violations of
law; D.C. Circuit has
exclusive jurisdiction
Sunset
No
Jan. 1, 2026
Title II terminates five
No
No
No
years after enactment
Source: CRS, based on information in cited bil s, as introduced.
Author Information
Stephen P. Mulligan
Valerie C. Brannon
Legislative Attorney
Legislative Attorney
Disclaimer
This document was prepared by the Congressional Research Service (CRS). CRS serves as nonpartisan shared staff to congressional committees and Members
of Congress. It operates solely at the behest of and under the direction of Congress. Information in a CRS Report should not be relied upon for purposes other
than public understanding of information that has been provided by CRS to Members of Congress in connection with CRS’s institutional role. CRS Reports, as
Congressional Research Service
9
a work of the United States Government, are not subject to copyright protection in the United States. Any CRS Report may be reproduced and distributed in its
entirety without permission from CRS. However, as a CRS Report may include copyrighted images or material from a third party, you may need to obtain the
permission of the copyright holder if you wish to copy or otherwise use copyrighted material.
LSB10942 · VERSION 2 · UPDATED