In April 2018, as Mark Zuckerberg testified before Congress amid the Cambridge Analytica scandal, photojournalists captured a fascinating line of argument in the Facebook founder’s typed notes: “Breakup strengthens Chinese companies,” it read.

This defense, which the company’s executives have wielded repeatedly in the past two years, argues that concerns over Facebook’s monopoly power voiced by US senators Lindsey Graham and Elizabeth Warren and others are misplaced. If Congress broke up or regulated Facebook, or another US tech giant, then regulation-free Chinese companies would come to dominate the world. Chinese monoliths could continue to exploit digital markets through privacy invasion, algorithmic processing, and participation in industrial policy with China’s government with impunity. Regulation would also supposedly allow US companies to be bludgeoned into oblivion, because they’d lose the ability to personalize social feeds and manipulate the media experience to maximize user engagement. Eric Schmidt has also suggested that breaking up Big Tech will only help China. Indeed, this argument has resonated even in Congress, given the concerns over American economic security it implicitly raises.

But many experts have called Zuckerberg’s argument empty and misleading. Former FCC chairman Tom Wheeler, for example, describes this as “spinning up the China bogeyman,” a strategy that “allows the companies to portray their size and the vast amounts of data they store about individuals as a national asset and an antidote to the big firms and big data of China.”

Last week settled the debate once and for all, and fully revealed the hollowness of the bogeyman theory. On Monday, Indian regulators enacted a hard ban on TikTok and 58 other Chinese applications, citing concerns over national security triggered by radical privacy violations that these apps committed against Indian users. While many in the Indian digital rights camp are decrying the decision, the government ban shouldn’t be seen only as a political move in response to rising military tensions, but rather as a strong statement that India will not stand for violations of user privacy enabled by apps like TikTok.

Scrutiny over TikTok began to reach a fever pitch in April, when a Reddit user under the handle Bangorlol posted an analysis—which has since circulated far and wide in the technical community—contending that the TikTok app radically invaded privacy. Bangorlol, who apparently reverse engineered the app, suggested that TikTok collects troves of data on its users. Hardware IDs, memory usage, apps installed, IP addresses, Wi-Fi access points, GPS pings at a temporal resolution of 30 seconds—these are just some of the categories of data that Bangorlol claimed TikTok pulls. (To its credit, TikTok openly discloses in its privacy policy that it will “automatically collect certain information from you when you use the Platform, including internet or other network activity information such as your IP address, geolocation-related data … unique device identifiers, browsing and search history.”)

These concerns appear to have been echoed by American politicians on both sides of the aisle, with Senator Marco Rubio (R-Florida) complaining about the app’s tendency to censor content that is not aligned with the Chinese Communist Party’s political interests, and Senator Chuck Schumer (D_New York) denouncing the app’s privacy implications in that TikTok stores “massive amounts of personal data accessible to foreign governments.”

Bangorlol, meanwhile, also alleged that the app is designed to disproportionately engage new users to keep them hooked on the platform, and, perhaps most insidiously, that TikTok has designed the app such that if someone attempts to debug or reverse engineer it, the app will recognize that and effectively work to conceal its exploitative qualities. “They don’t want you to know how much information they’re collecting on you,” Bangorlol wrote. (TikTok has yet to respond to this report directly, but the company has noted that it sends no user data to China and that it has “no higher priority than earning the trust of users and regulators in the US.”)

Damning as these accusations are, we’ve seen similarly shady practices from American platforms in recent years. For Facebook alone, there’s been the emotional contagion fiasco, in which users’ News Feeds were manipulated to experiment with their mental states; the Cambridge Analytica revelation; a series of anticompetitive practices; and an onslaught of one privacy violation after another.