TikTok Privacy and Security Concerns – Should You Use This App?

Abeerah Hashim  - Security Expert
Last updated: August 17, 2024
Read time: 33 minutes Disclosure
Share

TikTok has faced numerous allegations and bans regarding poor data privacy and user security. Yet it remains popular among the masses.

Tiktok-Circle-Logo

TikTok is a disruptive entrant in the social media realm that quickly gained popularity owing to its user-friendliness, easy accessibility, and creative content. However, the app’s Chinese ownership and potential data mishandling raised concerns about its safety for users – especially youngsters.

Does TikTok function like other social media platforms, or is it spyware? Should it be banned? Recently, TikTok has elicited much debate about online privacy and security for users. So, we did extensive research to get to the bottom of it.

In this article, we will answer all these questions and explore the security flaws of this great app.

What is TikTok?

Tiktok-Interface

The social media app allows users to create short-form videos, typically lasting up to 60 seconds. It has become popular for the freedom of creating a variety of videos. You can create and share videos on various topics, from dance and music videos to comedic skits and political commentary. 

TikTok was launched in China in 2016 under its parent company Douyin. It was later released internationally as TikTok in 2017. The app belongs to ByteDance, a Chinese tech company that became a valuable start-up worldwide. In 2020, TikTok surpassed 2 billion downloads worldwide, making it one of the fastest-growing social media apps in the century.

The app has been downloaded over 165 million times in the United States alone, translating to over 40 million active users per month. Worldwide, TikTok hosts over 1 billion, monthly active users. In comparison, social media giants like Facebook have over 2.5 billion, and Instagram has 1+ billion monthly active users, respectively.

However, the key difference is the rate of growth. TikTok has hit the numbers faster than any other social media app. It changed how people became interested in social media apps.

As of 2022, TikTok’s monthly active users compared as follows with other top 6 social media platforms:

  • Facebook – 2.94 billion users
  • YouTube – 2.56 billion users
  • WhatsApp – 2.24 billion users
  • Instagram – 2 billion users
  • WeChat – 1.225 billion users
  • Messenger – 1.3 billion users

Prominent players in the industry have noted the constant growth rate of TikTok. For example, Sheryl Sandberg, Facebook COO, admitted worrying about TikTok’s “huge” growth strategy that potentially threatened Facebook.

They’re huge, they’re growing really quickly, they’ve gotten to bigger numbers faster than we ever did… Of course we worry about it.

Source: Business Insider

Despite the CEO of TikTok being an American, the app has its roots in China under its parent company, Douyin. The association with China is what has brought controversies around the app.

Several countries have banned or blocked TikTok due to national security, privacy, and inappropriate content concerns. In some cases, bans have been lifted following the platform’s response to government concerns. However, in other cases, bans remain in place, and users in those countries cannot access the app.

Allegations and bans made against TikTok?

TikTok privacy security

In 2018, TikTok faced various allegations for its ownership by a Chinese company and its ties to the Chinese Government. Some individuals claim that the app has been used to spread sexual content and promote blasphemy

In 2019, various countries and organizations expressed serious concerns about the app. These concerns especially highlighted issues pertaining to propaganda and censorship, data collection controversies, and security issues. Some of the most allegations and actions against TikTok include:

Investigations

October 9, 2019

After Senator Marco Rubio requested it, the Committee on Foreign Investments in the United States (CFIUS) began a formal review of TikTok’s acquisition of Musical.ly, a popular lip-syncing app that was later merged with TikTok.

CFIUS was concerned about the possibility of the Chinese Government using the app to collect sensitive data on US citizens and the likelihood of TikTok being used for propaganda or other malicious purposes that align with United States interests. CFIUS ultimately concluded that the acquisition posed national security risks, and in 2019, TikTok was ordered to divest its US operations. In response to the review, TikTok implemented various measures to combat data security and privacy.

October 24, 2019

Senators Chuck Schumer and Tom Cotton requested Joseph Maguire investigate TikTok’s threat to national security. In their letter, the senators highlighted that TikTok’s parent firm, ByteDance, is subject to Chinese laws, which could compel the company to share sensitive information with the Chinese Communist Party. They were also worried that the app could be used to gather intelligence, spread political propaganda and misinformation, and influence electoral campaigns.

May 8, 2020

The Dutch Data Protection Authority (DPA) embarked on an inquiry to uncover how TikTok handles young users’ data. The investigation was launched in response to concerns that TikTok was collecting data from minors without obtaining proper consent from their parents or guardians.

During the inquiry, DPA focused on key issues such as types of data collected by TikTok, how that data was used, and how the company obtained consent from young users and their parents or guardians. The investigation was part of a broader effort by European regulators to scrutinize the data collection practices of major tech companies, particularly those that target young users.

June 10, 2020

The European Data Protection Board (EDPB) announced its commitment to investigate TikTok’s data protection policies and practices. The EDPB was mainly interested in TikTok’s collection of data from minors and whether the company was obtaining proper consent from parents or guardians in accordance with EU data protection laws.


Bans

TikTok has been a victim of various restrictions in different countries due to concerns about national security and user privacy. Some of the most notable bans and restrictions include:

November 18, 2019

A bill was introduced by Senator Josh Hawley proposing that Chinese tech companies and other establishments posing a similar threat undergo a national security review before being approved for acquisition by US companies.

Although, the Bill did not specifically target TikTok. However, it was part of a broader push by US lawmakers to address concerns about the potential risks associated with Chinese-owned tech companies, particularly those that collect large amounts of user data.

December 30, 2019

The US Army issued a ban prohibiting soldiers from using the app on work mobile phones. It cited concerns about potential security risks associated with the app. The Army spokesperson reported that the app was a cyber threat and was no longer allowed on work phones. Soldiers were, therefore, directed to uninstall TikTok on government-issued phones.

However, the ban on personal phones was not mandatory. Soldiers were still allowed to use TikTok on their personal devices, but they were advised to be cautious when using the app and sharing sensitive information online.

June 29, 2020

India banned TikTok, which wasn’t the first time the platform had faced scrutiny in India. For example, in 2019, the app was temporarily banned in the country over concerns about inappropriate content. The ban was later lifted after TikTok agreed to implement measures to regulate content on its platform better.

In 2020, TikTok, among other apps, faced a permanent ban that came as a blow to the app’s prospects in India. The authorities highlighted the growing concerns about the nation’s sovereignty and national security.

July 7, 2020

The US Secretary of State Mike Pompeo expressed concerns about TikTok’s data collection practices. He argued that the Chinese Government could use the app to collect sensitive information about US citizens. When asked about using the app, Pompeo said it would give up one’s privacy to the Chinese Communist Party.

July 10, 2020

The Democratic National Committee issued a warning to the campaign staff against using TikTok. The warning cited concerns about the app’s potential use for espionage and cyberattacks and urged the staff to delete it.

July 20, 2020

Ken Buck introduces a bill that would see TikTok banned from being used on government-issued devices. Buck cited concerns about the app’s data collection practices and ties to the Chinese Government. The Senate later approved the Bill in 2022, making it a law.

July 31, 2020

Donald Trump threatened to shut down TikTok’s operations in the US, quoting its national security concerns. Microsoft initiated talks with the tech company to acquire the app nationwide. Later, on August 6, 2020, Trump issued an executive deterring US firms from conducting business transactions with TikTok.

August 5, 2020

As part of the Clean Network program launched by Mike Pompeo, the US government sought to establish five key principles for a “clean” network: clean carrier, clean store, clean apps, clean cloud, and clean cable. It aimed to keep the US technology arena free from foreign interference, particularly the Chinese-owned companies like Huawei and ZTE.

Again, the program did not specifically target TikTok. But it seemed part of the broader effort by the Trump administration to address concerns about national security and data privacy related to Chinese-owned tech companies.


Feb 27, 2019

The Federal Trade Commission charged TikTok $5.7 million for violating the Children’s Online Privacy Protection Act (COPPA). The app was found guilty of collecting data from minors and lacked strict restrictions prohibiting the act.

November 27, 2019

TikTok was accused of secretly collecting and transferring data to China.

December 12, 2019

TikTok paid a $1.1 million settlement on a class action lawsuit after allegations that Musical.ly had collected data on minors. The charges claimed that by doing so, the predecessor infringed on children’s privacy rights.

April 30, 2020

TikTok and ByteDance faced a lawsuit from the parents of 4 minors. The claimants accused the app obtained children’s data without proper consent. The guardians argued that by collecting biometric identifiers, their actions violated Illinois law.

July 15, 2020

A fine amounting to $156,000 was imposed on TikTok by Korea Communications Commission (KCC) for collecting data from children under the age of 14 years. TikTok had failed to obtain consent and didn’t inform users of data transfer overseas.


Key takeaway points

Banned

TikTok bans

The most notable allegations against TikTok include censorship, propaganda, data collection, dangerous content, and security vulnerabilities. Most of TikTok’s allegations are just that, allegations. Excluding the legal fines imposed based on real judgment, the remaining allegations and bans arise from mere speculations.

While it’s good to be skeptical, it’s also important not to prejudge TikTok unless there is a credible case. In the US legal system, the presumption of innocence is crucial until one is proven guilty. When considering the list of bans, it’s essential to remember that none of them specifically details key evidence of TikTok’s spying activities. Most of these bans were imposed because of the mere fact that TikTok is associated with the Chinese Communist Party.

Another critical point to note is that most nations that renounced TikTok have unhealthy relationships with China. For instance, the United States and China have rubbed shoulders since the trade war. Additionally, the ban in India came after a border dispute in the Himalayas. The conflict catalyzed security concerns and served as a foundation for the ban.

It’s either a great coincidence that the countries with a heated clash with China are pushing the privacy allegations and ban, or these bans are politically motivated. If TikTok bans were backed up with objective evidence, we would see more of those bans spread across countries worldwide. Until then, it is right to assume that most allegations and bans are politically motivated.


Lawsuits surrounding the data collection of minors

The lawsuits against TikTok regarding the data collection of minors highlight the importance of protecting children’s privacy online.

Indeed, in the past, TikTok has failed terribly at protecting children’s online privacy. However, it has learned from its mistake and has since implemented various measures to protect minors. Therefore, tech companies must comply with regulations and take steps to protect children’s data, especially given their vulnerability.

Moreover, parents should actively monitor TikTok usage by their children and other online activities, and be aware of the risks associated with social media use.


Accusations of collecting biometric data

The accusations against TikTok for collecting biometric data without consent highlight a broader issue of inadequate data protection laws in the United States and globally. While the lawsuit against TikTok is ongoing and the claims remain unproven, the fact remains that collecting biometric data without consent is not illegal in most of the United States or other parts of the world.

In the absence of stringent data protection laws, it becomes challenging to hold companies accountable for their data collection practices. Therefore, it is vital to focus on regulating the industry as a whole and not just individual players like TikTok.

There is a need for stronger data protection laws, particularly concerning biometric data, to ensure that companies collect data with the user’s explicit consent and only use it for authorized purposes.


The California lawsuit

The California lawsuit against TikTok provides that the app retains videos recorded using the platform even if one decides not to post them. It also claims that the app collects vast data to create sophisticated user profiles for data analytics used in target advertising.

The lawsuit makes serious allegations, but many of the practices it highlights are unfortunately common in the industry. The fact that TikTok is being singled out may have more to do with its Chinese origins than with any particularly egregious data collection practices.

Ultimately, what is needed is a broader regulatory framework that will apply to all companies, regardless of where they are based, and that will protect individuals and promote transparency.


Potential risks associated with Chinese technology

Risks Illustration

It is difficult to discuss the allegations of Chinese technology objectively, considering the issue has been politicized amid the adversarial relationship between China and many Western countries. The potential risks of using Chinese technology lie in the fact that technology plays a critical role in keeping the world running. If not regulated, technology could be used as a tool for spreading propaganda and spying.

Chinese laws like the 2016 Internet Security Law, the 2017 National Intelligence Law, and the 2014 Counter-Espionage Law give the Chinese Government more power and control over businesses operating in China. The laws contain clauses that compel companies to hand over data, source code, encryption keys, and other information to Chinese authorities. This has raised concerns that Chinese businesses may be forced to act as agents for the Chinese Government, compromising the interests of other countries.

There are many concerns and issues at play in the debate over TikTok and Chinese technology. The fear is that the Chinese Government has tight control over its businesses, and its laws compel citizens and organizations to support state intelligence work.

As such, Chinese companies like ByteDance could be coerced to share data or act on behalf of the Chinese Government’s interests, potentially compromising the privacy and security of users in other countries. This fear is compounded by China’s history of cyberespionage and intellectual property theft, which raises concerns about the potential for similar activities to be conducted through Chinese technology.

However, it’s worth noting that these concerns are not unique to China, as governments and companies around the world engage in similar activities. Also, there is no definitive evidence that TikTok has been used to engage in spying or other malicious activities.

Politically motivated attacks

US Flag

TikTok has been the subject of several politically motivated attacks in recent years. The Trump administration’s attempt to ban TikTok in the United States was widely seen as a response to concerns about Chinese technology and the growing influence of Chinese companies in the tech industry. The ban was later blocked by a federal judge, but it highlighted the growing concern about Chinese technology and its potential impact on national security.

In addition to the ban, TikTok has faced criticism from politicians in several countries, who have raised concerns about the app’s content moderation policies, data collection practices, and ties to the Chinese Government. This has resulted in a demand for greater regulation of social media platforms and increased scrutiny of Chinese tech companies.

Politically inspired attacks are also evident in the case of Huawei. The company had faced similar accusations, with the US government banning the use of its technology. The country’s government authorities discouraged organizations and entities from using Huawei technology, citing national security concerns.

Chinese tech companies aren’t the only victims. Kaspersky, a Russian company, faced similar challenges. The company was accused of being a security threat due to its alleged ties to the Russian Government. The US government has also banned using Kaspersky software on government computers.

These cases are part of a larger trend of “Sinophobia,” which refers to the fear or distrust of China, its people, or its culture. The trend became more prevalent during the Covid-19 pandemic and the trade war. These extreme biases manifest themselves in different forms ranging from political wars to economic competitions.

Potential dangers of TikTok

Unblock TikTok

There are several potential dangers associated with using TikTok, particularly in relation to data collection and privacy. TikTok collects vast user data, including location data, browsing history, and contacts unless you make your TikTok account private. This data could be used to create detailed profiles of users and target them with personalized ads or other content.

Concerns that the data collected by TikTok could be shared with the Chinese Government, which has a history of using technology to monitor and control its citizens, exist. While TikTok has denied sharing user data with the Chinese Government, there are worries that it could be compelled to do so in the future.

In addition to data collection, there are concerns about the content on TikTok. The app has been criticized for promoting dangerous challenges and activities. Two of these include the “skull breaker challenge” and the “blackout challenge,” which led to serious injuries and even deaths. There are also concerns about the spread of false information and propaganda on the app, particularly regarding political issues.

Prominent claims made against TikTok

Is TikTok safe for kids

Let’s analyze the main claims that have been used against TikTok to clear the air. 

1. Canvas and audio fingerprinting

One of the prominent claims made against TikTok is that the app engages in canvas and audio fingerprinting, empowering the company to track users’ activities.

Canvas fingerprinting involves collecting information about the user’s device and browser. This data includes device configuration, fonts, and settings, used to create a unique identifier for tracking the user across the internet. Audio fingerprinting, on the other hand, involves using a device’s microphone to identify the audio signature of the environment in which the user is located.


2. Sending unencrypted data to China

Another claim against TikTok is that the app collects and sends data to servers controlled by the Chinese Government.

In July 2020, the encrypted email service ProtonMail published a blog post claiming that TikTok’s app was sending unencrypted data to servers in China. It suggested that such data rerouting could potentially allow the Chinese Government to intercept and analyze the data.

However, TikTok denied the claim, stating that it does not send user data to China.


3. A Redditor’s reverse engineering

In December 2019, a Reddit user named Bangorlol published a series of posts claiming to have reverse-engineered TikTok’s app. The user observed the app collecting a large amount of data from users’ devices, including the clipboard content. Such data could potentially include sensitive information such as passwords and financial data. The posts went viral and sparked widespread concern about TikTok’s data collection practices.


4. Penetrum’s report

A cybersecurity firm Penetrum published a report claiming that TikTok’s app contained multiple vulnerabilities that could allow hackers to access users’ accounts and personal information.

The report also claimed that TikTok was sending data to servers in China. And that the company’s privacy policy was unclear about the types of data it collects and how it is used.

TikTok disputed the findings of the report, stating that it had addressed many of the vulnerabilities and that it takes user privacy and security seriously.


Propaganda & censorship within China

China Flag

Propaganda and censorship are pervasive in China and are tightly controlled by the Chinese Government. The Government uses propaganda to promote the ideology of the ruling Communist Party and to shape public opinion on domestic and international issues. Censorship is used to control the flow of information and limit criticism of the Government.

Censorship in China extends to social media platforms such as TikTok and WeChat, which are required to censor content that is regarded as politically sensitive or harmful to social stability. This censorship can take many forms, including the removal of posts, the suspension of accounts, and the blocking of certain keywords and hashtags. 

Moreover, the Government has implemented a system of censorship known as the ‘Great Firewall‘, which blocks access to certain websites and online services. It also employs a large number of people known as “Internet police” who monitor online activity and censor content deemed inappropriate or subversive.

Propaganda is also a crucial part of the Chinese Government’s approach to media and information control. It uses a range of tactics to promote its policies and ideas and to shape public opinion. They include state-controlled media outlets to disseminate government messages, the control of online discussion forums, and the use of paid online commentators to influence online conversations.

One of the critical goals of propaganda and censorship in China is to maintain social stability and prevent the spread of ideas that are deemed to be harmful to the Government or social order. This includes suppressing information about politically sensitive topics such as Tibet, Taiwan, and the Tiananmen Square massacre, as well as controlling discussion of sensitive topics such as human rights abuses.

Has TikTok censored information or spread propaganda?

Internet censorship statistics

There have been allegations that TikTok censors information and spreads propaganda, particularly in relation to topics that are sensitive or controversial in China.

Documents leaked to The Guardian

In 2019, The Guardian published an article citing leaked documents that revealed how TikTok moderators censor certain content, like videos featuring political protests, and to promote content that paints China in a positive light.

According to the documents, moderators were also told to suppress videos from users with low income or physical or mental disabilities. TikTok responded to the allegations saying it no longer applied the guidelines cited by the article.  Additionally, it clarified that the Chinese Government never asked TikTok to remove any content, and it would not do so if asked.


Censoring a video about the Uighurs

In another instance, TikTok was accused of censoring a video that discussed the treatment of Uighurs in China.

The video was created by a user who was criticizing China’s treatment of the ethnic minority group. It reportedly received over 1.6 million views before TikTok removed it for violating the app’s community guidelines. TikTok later stated that the video was removed due to a human moderation error and restored the video.


Censorship of Hong Kong protests

TikTok has also faced criticism for its handling of content related to the pro-democracy protests in Hong Kong.

In 2019, reports emerged that TikTok was censoring videos that mentioned the protests or featured footage of the protests. TikTok responded that the censorship was due to a human moderation error. It also assured to review its policies to prevent similar errors from occurring in the future.


TikTok’s data collection practices

make TikTok account private

One of the biggest concerns about TikTok is the likely sharing of collected data collected with the Chinese Government. While TikTok has denied it, many fear that the company could be compelled to leak private data. This has raised concerns about the potential for the Chinese Government to use TikTok to spread propaganda and fake news, both in China and abroad.

TikTok data collection and usage

TikTok collects a wide range of data from its users, including personal information, device information, location data, and content-related data. Data is collected using different methods, including when users create an account, use the app, and interact with the app content. According to TikTok’s privacy policy, some of the data it collects includes:

  • Account information, such as name, email address, and phone number
  • Profile information, such as username, age, gender, and profile picture
  • Device information, such as device type, operating system, and network information
  • Location information, such as GPS data, IP address, and WiFi access points
  • Usage information, such as search queries, content viewed, and interactions with other users
  • Content-related information, such as the audio and video of the content users create and upload to the app

TikTok collects this data to provide and improve its services, personalize content and ads, and for security and fraud detection purposes. The company also notes that it may share user data with third-party service providers, business partners, and law enforcement authorities.


Other methods the Chinese government collects user data

The Chinese Government could use similar methods to those of Cambridge Analytica. In particular, the Government targets social media sites and users’ online activities. They employ sophisticated surveillance systems to track and analyze online behavior. 

In the past, the Chinese Government has been accused of cyber espionage to obtain sensitive data from other governments and organizations. Furthermore, it steals data by collaborating with other private companies.

For instance, China reportedly urged Huawei to build backdoors into its products, allowing the Government to access users’ information

As for collecting data from big companies and governments, China can do so by spying on political leaders or tapping their communication channels. Moreover, it hacks into other Government’s networks to obtain sensitive information that could give them an edge in political wars.


How TikTok’s data collection practices compare with Meta

TikTok’s data collection practices are similar in many ways to Facebook’s, but there are also some key differences. Both platforms collect a wide range of data from users. That includes personal information such as email addresses, names, and phone numbers, as well as more behavioral data such as location, browsing history, and search queries.

Unlike TikTok, where most of the data is collected via its main platform, Meta (Facebook’s parent firm) collects user data from various platforms, including its subsidiaries such as Instagram, Messenger, WhatsApp, Facebook, and Oculus. The company understands the importance of data and hence uses all means to gather as much information as possible, to the point of even being a victim of illegal data collection practices.

Another critical difference between TikTok and Facebook is how they handle user data. Facebook has a long history of data breaches and privacy scandals, whereas TikTok’s allegations are mostly unsubstantiated. However, TikTok has been criticized for its lack of transparency around data collection and usage.

Facebook also uses Pixel, a tracking code that can be installed on a website to track visitors and their behavior on the site. It collects data such as page views, clicks, and purchases and sends that data back to Facebook to be used for advertising and analytics purposes. It allows Facebook to create a detailed profile of users’ online behavior. And that’s not just on Facebook-owned platforms but across the entire internet.

Most developers also depend on Facebook’s software development kit (SDK). Apparently, it enables users to log in to different apps using their Facebook details. But this functionality also serves as a gateway for sharing data across multiple platforms.

While TikTok and Facebook may collect similar amounts of user data, Facebook’s data collection practices are more widespread and comprehensive. It tracks users across the entire internet and shares their data with numerous third-party apps and services.


Should regular users use TikTok?

Whether or not regular internet users should use TikTok is a matter of personal preference. While there are concerns about the app’s data collection practices and ties to the Chinese Government, many users enjoy using TikTok. Compared to apps such as Facebook, TikTok collects far much fewer data. 

VPN

If you’re an average person, the best course of action is to know the potential risks associated with using TikTok. Additionally, taking steps to protect their privacy, such as using a VPN and limiting the personal information shared on TikTok, is paramount.

Should TikTok be restricted in different scenarios?

Restriction

There are valid arguments for why TikTok should be restricted in certain scenarios, particularly those involving sensitive information.

For instance, government employees, politicians, and executives often hold a significant amount of valuable information that could be compromised if accessed by the wrong parties. These individuals must take extra precautions to keep themselves and the information safe.

While there is no evidence suggesting TikTok’s use for spying on behalf of the Chinese Government, it is technically feasible. The close ties between Government and the Chinese tech industry raise concerns about the app’s potential to be used for espionage. Therefore, it is essential for those who hold sensitive data to be cautious and not use TikTok in any scenario that could jeopardize their national security.

In fact, some organizations and individuals have already taken steps to restrict the use of TikTok. For example, the US Army has banned soldiers from using TikTok on government-issued phones. Likewise, the Democratic National Committee has warned its staff against using TikTok on personal devices. Similarly, the Senate has voted to ban federal employees from downloading TikTok on government-issued devices.

Yes, TikTok may pose potential risks, but it is not the only app that collects user data. Other popular apps and social media platforms, including Facebook and Instagram, also collect vast amounts of user data. However, the close ties between the Chinese Government and industry raise unique concerns that cannot be ignored.

While a general ban may be too extreme, restricting the use of TikTok in certain sensitive scenarios may be necessary to safeguard sensitive information.

TikTok’s efforts to distance itself from propaganda and censorship concerns

TikTok has come under scrutiny for its connections to the Chinese Government and the potential for censorship and propaganda. Nonetheless, TikTok has tried to distance itself from these issues, assuring users of its commitment to transparency and privacy.

However, most of these attempts are PR-related and are meant to improve the app’s public image and reputation.

  • In October 2019, TikTok announced a ban on political advertising on its platform, citing concerns about transparency and accuracy in political campaigns and avoiding the spread of propaganda.
  • TikTok reported its plan to hire more than 10,000 individuals in the United States.
  • The company hired an American, Kevin Mayer, as the CEO. Mayer is the former CEO of Disney.
  • TikTok releases transparency reports to the public to show the number of videos removed from the platform. 
  • It has established a transparency center in Los Angeles and Washington where outside experts can review its content moderation policies and practices.
  • The app launched an advisory council consisting of two former congressmen and academicians from the law, tech, mental health, and Government to guide its content policies. 
  • Manipulated content, such as deep fakes or shallow, was banned.
  • TikTok has collaborated with experts to protect it from foreign influence. 
  • It partnered with Lead Stories and PolitiFact to monitor misinformation during the 2020 US elections. 

TikTok security issues addressed so far

Security
  1. Vulnerabilities in the SMS verification process: In 2019, Check Point Research identified vulnerabilities in the SMS verification process used by TikTok, which could allow hackers to take over user accounts. TikTok fixed this issue by implementing more secure verification methods.
  2. Collection of MAC addresses: Researchers discovered that TikTok was collecting MAC addresses, which are unique identifiers for network interfaces, from Android devices. This could potentially be used for targeted advertising or tracking. TikTok stated that the collection was unintentional and issued a fix.
  3. Access to user clipboard: It was discovered that TikTok was accessing the clipboard on iOS devices, potentially allowing the app to read any data that a user had copied to their clipboard. TikTok claimed this was due to an anti-spam feature and issued a fix to stop the app from accessing the clipboard.

Does it make sense for TikTok to spy? 

Based on available information, the likelihood of TikTok being used for spying purposes is not high.

However, as noted earlier, the possibility cannot be completely ruled out. The fact that TikTok’s parent company is situated in China, a country with strict laws regarding data and national security, does raise concerns.

Additionally, the large amount of data that TikTok collects on its users could potentially be used against other countries, organizations, and executives. 

On the other hand, the CIA has stated that there is no evidence of past government spying. Moreover, TikTok is being watched closely by cybersecurity researchers, politicians, the media, and intelligence services. As a result, any major spying would be detected relatively quickly.

Ultimately, the decision to restrict or ban TikTok depends on the individual or organization’s risk tolerance and the sensitivity of the information they possess. Although, a general ban on TikTok may be too extreme. However, restricting its use in certain scenarios, such as in high-level government positions or companies handling sensitive information, may be reasonable. Considering the potential risks and benefits of TikTok and other apps collecting large amounts of data is also critical.

Is the TikTok ban feasible?

On top of the logistical challenges of a TikTok ban, there are also legal and constitutional considerations. In the US, for example, any move to ban TikTok would likely invite legal action on the grounds of free speech and due process. In addition, it is unclear whether the Government has the legal authority to ban a specific app outright or whether such a move would require legislative action.

If the TikTok ban were to be implemented, it would most likely be through major players in the tech industry, such as Apple and Google. If the two tech giants banned TikTok in their app stores, it would see a significant decrease in its usage.

However, this would not entirely prevent users from downloading the app. Jailbroken iPhones and rooted Android phones can still access the app. Various sites provide third-party apps that users can still install on their phones. 

Another option is to instruct ISPs to block TikTok but this could still be a challenge. Likely, ISPs will not keep the app from working on their network. The app’s popularity and its constant push for new features give it leverage. It has become most people’s source of entertainment, especially for the younger generations.

Furthermore, banning TikTok would escalate tension between US and China. As previously mentioned, TikTok’s parent company, ByteDance, is based in China. So banning TikTok may appear as an attack on Chinese businesses, resulting in retaliation from the Chinese Government.

At this point, the TikTok ban may only be feasible in theory. In actual sense, the move is likely to face significant challenges and obstacles. Thus, many experts have called for a more nuanced approach to addressing the privacy and security concerns associated with TikTok, such as increased transparency, stringent security regulations, and closer scrutiny of the platform’s data practices.

Is TikTok still dangerous for users’ privacy?

Safe Illustration

TikTok remains a subject of controversy due to its data collection practices, censorship, and spreading of propaganda. While the app has been vigilant in addressing some of these concerns, most people are still skeptical about its use. 

There are still some legitimate concerns about its data collection practices. TikTok collects a wide range of user data, including location, search history, and device information. This data is used to personalize content and advertisements. However, the practice also raises questions about how the data is used and whether third parties could access it.

The United States and China have a very heated relationship. The fact that a Chinese company owns Tiktok escalates the situation. There are worries that if the Chinese Communist Party gains access to users’ private data, they could use it to distort the status quo. Besides using the app to spread propaganda, the Chinese government could use it as a tool for surveillance of online activities, censorship of political content, and tracking of individuals.

How is TikTok different from other platforms?

We all know social media has become a big part of our daily lives. Since TikTok’s popularity, there have been debates on how the app differentiates itself from other social media platforms. There are a few aspects that make TikTok different from other platforms: 

  • TikTok banned political ads: Unlike other social media platforms, TikTok banned political advertising on its platform in 2019. This decision was made to promote a safe and positive environment for users to engage with content and avoid the spread of misinformation or propaganda.
  • TikTok’s audience skews young: The platform has become especially popular among younger users, with a significant portion of its user base comprising Generation Z and millennials. New York Times reported that 18 million, which makes up a third of TikTok’s daily active users in the United States, are under the age of 14 years. These younger users are attracted to the platform’s short-form videos and creative, often humorous content. The videos on TikTok are often centered around dance trends, lip-syncing, and comedic skits.
  • TikTok is a short-form video-streaming app: TikTok’s format differs from other social media platforms. It is a short-form video-streaming app, with most videos lasting between 15 and 60 seconds. This differs from other social media platforms, typically allowing for longer-form content. The app allows users to easily edit and enhance their videos with music, filters, and other effects.

So what do we do about TikTok?

The dilemma of what to do about TikTok is a contentious issue. There are varying opinions on handling the concerns about TikTok data privacy, censorship, and propaganda. Here are some of the proposed solutions:

  • Ban TikTok: This is perhaps the most extreme solution to the problem. The United States government has already attempted to ban TikTok through executive orders, but the legality of these bans has been challenged in court. Some argue that a complete ban on TikTok is necessary to protect national security and prevent the Chinese Government from accessing sensitive information. However, others argue that a ban on TikTok would be a violation of free speech and an infringement on individual rights.
  • Sell TikTok to other investors: Another proposed solution is for ByteDance to sell TikTok to another company. This would ensure that the app is no longer owned by a Chinese company and alleviate concerns about Chinese government influence. However, it is unclear who would be willing to purchase TikTok and whether a sale would ultimately address the concerns about data privacy and censorship.
  • Allow TikTok to operate as is but under close scrutiny and tighter regulations: The solution would involve allowing TikTok to continue operating in the United States but with stricter oversight and regulations. This could include increased transparency about data collection and usage, mandatory audits, and penalties for violations. However, it would require significant collaboration between TikTok and the Government. However, such an approach would be effective in addressing the concerns about TikTok.

Future recommendations

  • Improved regulation: Improved regulation of technology products, particularly those with ties to the Chinese Government, could help to address concerns about data collection and privacy.
  • Increased transparency: TikTok could be more transparent about its data collection and usage practices. This will reduce the need to put the app under scrutiny.
  • User education: Users could be educated about the potential risks of using TikTok and how to protect their privacy.
  • Alternative platforms: There is always a chance to choose alternative platforms to TikTok that prioritize user privacy and security and are not tied to the Chinese Government.
  • International cooperation: Healthy relationships with other countries could be improved to address the global challenges technology products pose. The United States could improve ties with the Chinese Government to curb the heated clash.

FAQs

TikTok collects user data, including device information, location data, and user-generated content. Those details are then used to personalize content, target ads, and improve the app’s performance. However, experts keep raising concerns about the extent of data collection and how the platform shares collected data with third-party companies.

Despite the inherent risks associated with using any social media platform, users can take steps to protect their privacy on TikTok. These include setting a strong password and limiting the amount of personal information shared on the platform. You also need to be mindful of the types of content shared and engaged with on the app. Using a security and privacy tool like a VPN is also recommended.

There have been several privacy scandals involving TikTok in the past few years as highlighted above in our article. Many countries called for the app to be banned in 2020 after allegations that it collected and shared user data with the Chinese government. The company has since denied these allegations and taken steps to address privacy and security concerns.

TikTok has implemented several measures aimed at improving user privacy. Those include enhancing data security and improving transparency around data collection and sharing practices. The app now provides users with more control over their data, too. Still, more needs to be done to address privacy concerns on the platform.

Share this article

About the Author

Abeerah Hashim

Abeerah Hashim

Security Expert
174 Posts

Abeerah is a passionate technology blogger and cybersecurity enthusiast. She yearns to know everything about the latest technology developments. Specifically, she’s crazy about the three C’s; computing, cybersecurity, and communication. When she is not writing, she’s reading about the tech world.

More from Abeerah Hashim

Comments

No comments.