This executive order represents a significant but conditional resolution to the prolonged regulatory standoff over TikTok's operations in the United States, marking the culmination of a process that began with the Protecting Americans from Foreign Adversary Controlled Applications Act. The order characterizes the situation as balancing two competing interests: protecting the approximately 170 million American users, content creators, and businesses that rely on TikTok for entertainment and livelihood against national security concerns about the platform's control by ByteDance Ltd., a China-based parent company. After four previous enforcement delays extending from January 2025 through December 2025, the order announces a determination that a proposed divestiture constitutes a "qualified divestiture" under the Act—but this determination is expressly contingent on execution of implementation agreements that have not yet occurred. The order provides a 120-day window of federal non-enforcement beginning September 25, 2025, during which the Department of Justice will not enforce the Act's prohibitions or impose penalties; however, the statutory prohibitions remain on the books and could be enforced if the transaction fails to close within this window. The order explicitly positions this approach as addressing Congressional concerns about foreign adversary control while avoiding what it characterizes as harm to millions of Americans who depend on the platform.
The order details a comprehensive divestiture framework under which TikTok's U.S. operations will transfer to a newly established joint venture based in the United States, with ByteDance and its affiliates retaining less than 20 percent ownership while U.S. persons hold majority control. The determination follows an interagency process led by the Vice President in coordination with the National Security Council, Office of Science and Technology Policy, and multiple cabinet departments including Treasury, Justice, Commerce, and the Office of the Director of National Intelligence. The order identifies four specific safeguards: removal from foreign adversary control through the ownership structure, transfer of algorithm and content-moderation control to the new joint venture, prohibition on storing sensitive U.S. user data under foreign adversary control with required storage in American-operated cloud environments, and intensive monitoring of software updates, algorithms, and data flows by "trusted security partners." Critically, the Act requires precluding any "operational relationship" with ByteDance, including cooperation on recommendation algorithms or data sharing; the order goes further by requiring all recommendation models using U.S. user data to be completely retrained and monitored by trusted security partners, a technical requirement that materially affects migration timelines and the credibility of national security risk mitigation. The divestiture applies to TikTok applications, Lemon8, CapCut applications, and associated websites.
Implementation responsibility falls primarily to the Attorney General, who receives the 120-day enforcement moratorium from the order's September 25, 2025 date and must issue written guidance and letters to providers confirming no liability for conduct during this period or since the Act's January 19, 2025 effective date. The Attorney General is designated as the U.S. government's representative under the Framework Agreement and must receive compliance information from the joint venture and security partners. Significantly, the order directs the Attorney General to defend the Executive's exclusive enforcement authority against attempted state or private party enforcement, characterizing such efforts as encroachments on executive power. Full resolution is subject to two distinct gating conditions: first, execution of the Framework Agreement's implementation agreements, which triggers removal of the Act's prohibitions; and second, a separate agreement between the Committee on Foreign Investment in the United States (CFIUS) and certain investor parties ensuring their economic incentives align with Framework Agreement compliance, which resolves the 2020 divestment order regarding ByteDance's acquisition of Musical.ly. The order reserves presidential authority to issue further directives as necessary for national security, establishing an ongoing oversight mechanism beyond the initial 120-day implementation window. Senior leaders should note that if implementation agreements are not executed before the 120-day window expires, federal enforcement discretion could lapse and statutory prohibitions would remain enforceable.