All the cyber risks of election campaigns on TikTok

by Francesco D'Arrigo

Not just politics. Because TikTok is a platform different from the others. The in-depth analysis of Francesco D'Arrigo, director of the Italian Institute for Strategic Studies "Niccolò Machiavelli"

Cyberspace is growing rapidly and currently includes more than 17 billion connected devices, and tens of billions more will be added in the coming decades.

Devices that are generating a new type of de-responsible human being – defined by Bauman in his book The Society under Siege – "spectator man" who seeks his justification of indifference in a comfortable role of testimony carved into the web and social media.

New technologies that in addition to obtaining, with our consent, access to all our sensitive data (bypassing any legislation to protect privacy), hide a worrying form of cognitive hacking, that is, digitally realized and widespread propaganda that tries to manipulate people's perception by exploiting their psychological vulnerabilities. Cognitive hacking is a form of social engineering that can be imposed on a large audience rather than specific individuals, which has reached a form of power never realized before and represents a great risk to national security, as it is driven by artificial intelligence (AI) that lies behind secret algorithms present in some social platforms,  in turn, they have become a deadly weapon of the hybrid war taking place even in an Italy increasingly permeable to Russian and Chinese influence.

A war in which non-state actors work in parallel with state actors to influence perceived reality.

Perceived reality that does not need to influence most of the audience to be effective.

It is enough to convince only a very small percentage of a population to destabilize a democracy quite effectively with protests, riots and disinformation operations that aim at delegitimizing the democratic order and collapsing trust in institutions.

So the question that must be asked is: how difficult is it to radicalize a small percentage of public opinion with modern forms of persuasion?

The answer: it's dangerously easy.

Let us momentarily remove from the analysis whether the causes that have recently given rise to the No-Vax social movements in Western democracies, are justified or not.

The intention is not to analyze the principles of these movements, but rather to consider whether it is possible, through digital propaganda and social conditioning, to radicalize active and non-violent citizens to carry out actions contrary to their own interests. In other words, can a good cause be intentionally turned into an action contrary to the interests of a population without its knowledge?

What we do know is that the potential advantage for a foreign adversary in intentionally radicalizing elements of any social discontent is potentially incalculable. The risk for the attacker is minimal, also because every aspect of the technology already exists and the attribution process, that is, tracing, identifying and blaming the author  of a cognitive hack, a disinformation campaign, a cyber attack or another cyber exploit is extremely complex.

All elements that make explicit the illiberal intent of social media, which with their design optimized for profit at the expense of truth and prioritizing virality rather than the quality of information, have favored the spread of fake news and dissent, causing profound obstacles to governance. We can see the result of the scourge of fake news in the dangerously corrosive effects that disinformation through social media can have on the health of a democracy and its ability to react effectively to protect the national interest in the current geopolitical context of war, as well as in the strategies of Russian and Chinese interference in Italy . We can see this in the anti-science and anti-expert ethos that infects much of the "debates" about the Russian invasion of Ukraine, climate change, nuclear energy and Covid vaccines.


In these days of italian electoral campaign, TikTok is acquiring a significant role, a social media absolutely underestimated in its intrinsic dangerousness and that recently has also shaken the consciences of Italians for the cases of suicide of minors who used this application to participate in events organized in that social platform.

TikTok is owned by the chinese private company ByteDance Ltd and its short video app, popular globally especially among young people and teenagers, has already been downloaded more than 2 billion times from the App Store and Google Play. Recent investigations into his property suggest that his leadership is vulnerable to the influence exerted by the Chinese Communist Party. This is because all Chinese companies are obliged to follow the CCP's directives even if their entities, partners, users and locations are international, as these directives apply to all Chinese companies and individual citizens globally.  China's 2017 National Intelligence Law  states that "any organization and citizen" must support and cooperate" with the work of national intelligence.

Therefore, in addition to having access to all the data of users who use the Chinese app, the Beijing government can use tikTok's cognitive hacking capabilities  , and the concern of the intelligence agencies that analyzed this social media is represented by the vulnerability of cyber security, as the White House highlighted in an executive order issued in 2020 by the Trump Administration . For these reasons, the legal and technological battle against TikTok and other companies has been raging in the United States for several years now while investigations continue and even President Biden promulgates Executive Orders to limit or even ban the use of some Chinese apps and technologies in the United States. Recently, the British government also decided to implement restrictions on TikTok, due to concerns related to the collection of sensitive data, by closing the TikTok account of the UK Parliament, after the Security Services and MPs raised concerns about the risk of data transmission to the Chinese government.

Experts believe that through TikTok you can easily destabilize an election campaign by carrying out  cognitive hacks, increasing the attraction to a particular video whose manipulation does not require any particular technical skill; only a psychosocial analysis of the locality, its inhabitants and the ideal electoral period is enough to publish it.

The most common tool used in a cognitive hack is "armed information": messages or content designed to influence the user's perceptions and beliefs in a way that harms a certain target. The active "attack" is carried out by the people affected by those messages.

For example, misinformation about a political candidate could go viral and convince a large number of people to vote for someone else.

These types of operations have already been successfully carried out on several online platforms, especially Facebook and Twitter, where unmediated communication before the 2016 presidential elections reached levels of aggression and disinformation never seen before. On Facebook, posts have circulated with Hillary Clinton's face distorted, deformed like a devil, accompanied by the most bizarre conspiracy theories. Deepfake videos describing the "fact" that she and her campaign manager John Podesta belonged to a satanic sect, after the publication by hackers (presumably Russian), of an email exchange in which they talked about a dinner organized with "spirit cooking"...

Or, as is happening in these hours on Instagram with the disinformation campaign triggered by the videos that have also become viral in other social platforms, of the parties of the young Finnish Prime Minister Sanna Marin, considered the worst enemy of Vladimir Putin. Were Marin's videos exfiltrated from a hacked smartphone of one of the party participants, to delegitimize her after she decided to say goodbye to her country's neutrality by joining NATO?


TikTok is a fundamentally different app from other social media, not only for the ability to hook and collect all user data but above all for the artificial intelligence techniques made available by the Chinese army to manipulate and shape the behavior of users and its citizens.

It is a program that develops predictive behavioral models extrapolated from digital data exposed by online users through their computers, smartphones, wearables, and almost all other data-tracking devices. Unlike Facebook which analyzes the current network of friendships, TikTok uses an AI-powered behavioral profile to populate  a user's feed before friends are even added to the account. It also predicts the type of friends you should have for your personality.

Once equipped with this information, TikTok AI has the ability to shape the behavior of younger users and influence them using methods similar to those used by dog trainers, that is, distributing positive and negative feedback loops to encourage them to behave in certain ways. In practice, the user sees a feed of people to whom he is not necessarily connected who publish videos that appear funny or exciting that generate positive emotions, at which point users can be directed to watch any video of misinformation and / or propaganda, with the solicitation to share it. With repeated exposure to positive emotions, younger, manipulable users will become unconsciously bound to the propaganda message in the same way that dog brain trainers train dogs.

Some coding experts have claimed to have decoded some of these processes, noting that over time adolescents may be induced to associate positive emotions to some positive political situations to a political party or react negatively to negative positions to the same political party.

The technology also has the ability to create a user-specific profile of individuals' fears and anxieties, learning which stimuli can trigger the desired responses and behaviors. It could then use addictive principles and implement stimuli that force young people to adopt certain behaviors. And that's where addiction comes in. Recent studies have found that anything that generates dopamine and cortisol, and social media for young adults have this effect, will transform the prefrontal cortex even when you are offline.

In Paris, scientists are building a "robotic limbic system" to test this paradigm, especially with regard to children's behavior.

Obviously TikTok has always rejected these criticisms, calling them "disinformation" triggered by the trade war between the US and China and has declared itself in favor and willing to verify, calling the accusations of amplification of content on behalf of the Chinese government ridiculous.

TikTok's lawyers said the company carried out several internal audits of the app's security, finding inaccurate allegations that reflected the analysis of older versions of the app, and also recalled that TikTok's user data is stored in the United States and Singapore and the app is not even available in China.

However, it has been widely demonstrated that TikTok uses behavioral profiling artificial intelligence that  can influence user behavior, remarkably similar to that of its sister app Douyin – which is also owned by ByteDance but can only be downloaded in China.

Hence the concerns of the US Intelligence Agencies, which consider this behavioral profiling AI already widely used by the Chinese government to try to exercise social and political control to preemptively model people's behavior on a scale never seen before in the history of humanity.


Privacy breaches aren't the only concern, given the willingness of users to grant their sensitive data in order to use the various apps.

The real threat is the strategic targets of artificial intelligence that uses TikTok data for psychological manipulation purposes.

From an extensive investigation still ongoing, NSA experts have discovered that not only TikTok but also the widespread Alipay platforms and apps of Ant Group, WeChat Pay, QQ Wallet, Tencent QQ, CamScanner, SHAREit, VMate, capable of capturing the data of billions of users who have downloaded them to their devices, understanding their needs and potentially influencing their decision-making process,  in particular of young and very young, they represent a huge flaw in the protection of privacy, but above all the ties they have with the Chinese Communist Party and Chinese ISPs make them a source of data collection very worrying for national security.

An important consideration concerns our young people, the generations that represent the future of the country. We need to help the parents of minors to understand that TikTok is a social very different from the others, and not even adults, in large part, understand the risks 100%, because in addition to granting an autocratic state the possibility of filing and monitoring our children, these data are used for influence operations to which they are more exposed because they are more easily assimilated by children and the very young.

An example: you notice little the texts or the caption under a video, but on TikTok young people express themselves in code, it is there that one of the dangers that make it difficult to identify the incitement to commit acts of violence, crimes or suicide.

According to the Center for Disease Control, suicide is the second leading cause of death for young people, with a very strong increase in recent years among young people who use social media, aged between 10 and 24 years.

For these reasons it is urgent to implement a cultural campaign of "cyber education" aimed at all citizens, to help our young people defend themselves from cognitive hacking, to provide more in-depth knowledge to those who work in large public and private companies, in institutions, in particular to those who hold executive responsibilities.

The lack of awareness of the cyber risk of our political leaders and the threat that such apps pose to national security can certainly not be balanced by the likes, which in any case almost never correspond to votes at the ballot box.