The New South Wales government is considering banning public sector employees from using TikTok on work devices, engaging federal cybersecurity agencies for advice amid concerns over the social video app’s links to China.
As the federal government considers the security of the app, the NSW electoral commission has confirmed software – including TikTok – is not permitted to be downloaded on to work mobile phones without prior approval.
The state government does not yet have an overarching policy for the app’s download and use on department devices, but Guardian Australia understands that is now being reviewed.
Currently NSW departments and agencies are allowed to decide their own course of action.
Nearly half of all federal agencies have reportedly banned the app on government-owned devices in recent months, which has been criticised by the federal opposition for lacking a consistent and overarching response to the use of the app.
The home affairs department will this month finalise a review for minister Clare O’Neil into the security risks of all social media platforms and the correct government settings.
While privacy and security of data is a concern for all social media apps, the concern with TikTok and fellow China-based app WeChat has been for how data could be accessed under China’s national security law.
The UK prime minister, Rishi Sunak, this week indicated Britain could follow the US and Canada in banning the app from government devices, saying he would take “whatever steps are necessary” to protect security.
The NSW government has commenced talks with the Australian Signals Directorate’s Australian Cyber Security Centre about the app, which is owned by Chinese company ByteDance.
“The NSW Government is aware of this issue and is currently working with the ACSC,” a government spokesperson said.
“The NSW government does not have an overarching policy prohibiting TikTok from government devices. Each agency has social media guidelines and procedures in place to govern how social media apps are used on work-issued devices.”
The state’s own agency – Cyber Security NSW – has advised all users to take security and privacy “into consideration” when downloading any app on to a corporate device.
“Cyber Security NSW continually reviews guidance and develops products for NSW government entities on workplace systems and apps,” the spokesperson said.
“Cyber Security NSW will maintain a vigilant approach to cyber security.”
The NSW electoral commission would not provide “detailed public commentary” on its cybersecurity plans but confirmed employees were banned from downloading the app without explicit approval.
The agency is working with Cyber Security NSW, the commonwealth’s electoral integrity assurance taskforce and the ACSC.
NSW Labor’s digital spokesperson, Yasmin Catley, said the Coalition had “failed” to provide an overarching policy and vowed to fix it if Labor forms government in a fortnight.
“A future NSW Labor government will work with our federal government counterparts in responding to any specific concerns,” she said.
Associate professor in national security at the University of Canberra, Dr Michael Jensen, believed the federal review would probably lead to a ban on government devices in commonwealth departments, with limited exceptions, and the states would probably follow.
“I think that they’ll generally look to what’s happening nationally,” he said.
TikTok Australia’s general manager, Lee Hunter, said TikTok was not a Chinese company, insisting it was a “global” entity that stored the data of Aussie users in Singapore and the US.
“The Chinese government cannot compel another sovereign nation to provide data stored in that nation’s territory,” he said.
“We have, and will continue to, proactively engage with governments at all levels in areas of shared interest, and we are always available to answer questions they may have.”