A few days ago, I overheard a teenager at a coffee shop venting to her friend about the TikTok ban. “If TikTok’s gone, I’m just gonna move to REDnote. It’s even cooler, and we can finally hear authentic Mandarin Trap!” she said, laughing. Her statement, made in jest, was a striking reflection of a growing movement. What started as frustration among TikTok’s 170 million U.S. users has rapidly turned into a mass exodus to REDnote, a Chinese social media app with even more troubling implications for U.S. cybersecurity.
Let’s cut to the chase. TikTok, for all its faults, at least pretends and tries to put on a show of storing some U.S. user data on American servers. REDnote? Not so much.
REDnote, known in Mandarin as “Xiaohongshu” or “Little Red Book,” has already attracted millions of former TikTok users, including high-profile influencers like rapper Doechii and Bunnie XO, wife of Jelly Roll. Searches for REDnote have surged 100% in recent months, and the term “TikTok refugees” has gone viral. While the app may seem like a harmless haven for content creators, its proximity to the Chinese government and lack of transparency make it a cybersecurity minefield
This Shanghai-based app proudly operates under Chinese cybersecurity laws, which means everything from your dance videos to your DM screenshots is just a government request away from landing on someone’s desk in Beijing.
Oh, and the terms of service? They’re in Mandarin. So unless you’re fluent or willing to trust Google Translate with your data destiny, you’re most likely agreeing to something like: “We’ll take whatever we want, thanks. Enjoy the bubble tea.”
While banning TikTok may seem like a step forward for U.S. cybersecurity, it highlights a deeper systemic issue: our failure to address the larger problem of data misuse across all social media platforms, foreign and domestic. As experts point out, U.S. legislation is woefully behind the curve, and the narrowly focused ban on TikTok has left a gap for malicious actors to exploit.
Additionally, the ban has created a new pop culture phenomenon that intertwines U.S. and Chinese users on REDnote, further complicating the geopolitical cybersecurity landscape. Ironically, by banning TikTok, the U.S. may have inadvertently increased its vulnerability to foreign influence and data exploitation.
Cybersecurity experts are clear: REDnote is like TikTok, but without the thin veneer of regulatory cooperation. Its servers are in China. Its data-sharing policies are a mystery. And its user base is growing faster than you can say “national security breach.”
But the real issue here isn’t just TikTok or REDnote. It’s the fact that U.S. policymakers banned TikTok without addressing the larger problem: we have no comprehensive strategy for regulating how social media platforms, domestic or foreign, should handle our data.
This means we’re playing whack-a-mole with cybersecurity. Ban TikTok? Fine. Millions of users will just flock to the next shiny app, whether it’s REDnote, some other China-based platform, or an even less secure app that hasn’t hit the radar yet.
And let’s not forget: the terms of the TikTok ban do nothing to protect Americans from the data misuse happening on domestic platforms. Facebook, Instagram, and others have their own laundry lists of privacy scandals. But, hey, these are all American companies. We are all safe. Right?
Instead of these piecemeal bans, we need a real, systemic solution. How about a comprehensive data privacy law that applies to all platforms, regardless of where they’re headquartered? Or mandatory transparency about how apps handle user data? But that is a crazy idea, I know.
Until then, we’ll keep watching this digital game of musical chairs, where a new app just seems to play a slightly worse song. And the U.S. will continue to act surprised when its cybersecurity problems don’t magically go away.
