Volume 42 - Issue 1 - January 5, 2023
State of Kansas
Office of the Governor
Executive Order No. 22-10
Prohibiting Use of TikTok on State-Owned Devices and Networks
WHEREAS, the security and privacy of Kansas citizens’ data is of the utmost importance to the State of Kansas, requiring state agencies entrusted with Kansas Citizens’ data to perform due diligence and exercise due care in safeguarding that data;
WHEREAS, the Federal Bureau of Investigation and the Federal Communications Commission have warned that user data from the social media platform TikTok is being shared with the Chinese government, posing both a national and cybersecurity threat;
WHEREAS, federal legislation recently passed requiring the Director of the Office of Management and Budget, in consultation with other government officials, to develop standards and guidelines for executive agencies requiring the removal of TikTok or any successor application or service;
WHEREAS, due to the potential security and privacy risks associated with TikTok, after consultation with the Office of Information Technology Services (OITS), it is in the best interest of Kansas citizens that we prohibit the use of the TikTok platform on state-owned devices and prohibit access through the state network.
NOW, THEREFORE, pursuant to the authority vested in me as Governor of the State of Kansas and head of the Executive branch:
- All entities under my jurisdiction and their employees shall be prohibited from utilizing the TikTok platform on state-owned devices or through the State of Kansas network;
- Any active official State of Kansas TikTok accounts shall be removed and any instances of the TikTok application shall be removed from state-owned devices;
- OITS shall put in place limitations on the ability to access the TikTok website from the State of Kansas network; and
- All entities under my jurisdiction shall also put limitations in place to prevent the installation of the TikTok app on their state-owned/leased devices.
- Other statewide elected officials, independent boards and commissions, the Regents Universities, and the Judicial and Legislative Branches are encouraged to adopt comparable policies for their employees and networks.
All entities under my jurisdiction will have 30 days from the date of this Order to comply with this Order. At the 30-day mark, the Kansas Information Security Office (KISO) will begin to implement limitations on the State network consistent with this Order. Exceptions to this Order for mission essential functions or for law enforcement purposes must be filed with and approved by the KISO. Entities requesting exceptions must also work with the KISO to implement appropriate mitigating controls.
This document shall be filed with the Secretary of State as Executive Order No. 22-10 and shall become effective immediately.
Dated December 28, 2022.
Doc. No. 050782