TikTok, the social media platform that allows users to create and share short videos, has gained immense popularity in recent years, especially among young people. However, as TikTok’s popularity has grown, so have concerns about the platform’s impact on privacy. This article will expose what TikTok does with our information.
One of the main concerns about TikTok is how it collects and uses people’s information. According to the platform’s privacy policy, TikTok collects a wide range of data from users, including their location, device information, browsing history, and even their contacts and messages. This personal information is then used to personalize the content users see on the platform and to target ads to them.
However, the way TikTok collects and uses this data has raised concerns among privacy experts. A report by the Australian Strategic Policy Institute concluded that TikTok collects data from users without their explicit consent and that these practices are “excessive and unnecessary.” The report also concluded that TikTok’s privacy policy is not transparent and that users do not have sufficient control over their information.
One of the ways TikTok invades our privacy is by collecting data through device permissions. When users download the app, they are asked to give it access to various device functions, such as the camera and microphone. This allows it to collect data from users’ devices, even when the app is not in use. In addition, the social network collects personal information from users’ browsing history, including the websites they visit and the search terms they use.
Another worry about TikTok is the way it stores and manages this information. According to the same report by the Australian Strategic Policy Institute, TikTok stores user data on servers located in China, meaning that the Chinese government could have access. This has raised concerns about the potential misuse of the data, especially in light of China’s history of human rights abuses and lack of privacy protections.
In addition, TikTok’s terms and conditions have been criticized for being overly broad and giving the platform significant leeway in how it can use user data. The platform’s privacy policy states that TikTok can use user data for “research and development,” “advertising and marketing,” and “other commercial purposes.” This means that TikTok may use user data for a wide range of purposes, including targeted advertising and data mining.
Also, TikTok’s terms and conditions state that the platform may share user data with third parties, including “affiliates and partners.” A new study conducted by the consulting firm URL Genius, reveals that Youtube is the social network that collects the most data from its users. However, 71% of the data is used internally to, for example, improve its content recommendation system or offer personalized advertising. In contrast, TikTok is the social network that shares the most data with third parties and that’s exactly what is more dangerous for users information.
The problem is that it is impossible to prove that the popular application is sharing data, as it is information that its owners keep private. TikTok’s website says it stores all TikTok US user data in the United States, with a copy in Singapore. “Our data centers are located entirely outside of China, and none of our data is subject to Chinese law.” There is no other specific information on TikTok’s website about where user data is stored.
A BuzzFeed investigation revealed that, although the data was not stored in China, TikTok engineers in the Asian country were able to access U.S. customer data. Specifically, they had access to audios of more than 80 internal meetings in which it was clear that employees working from this country had “access to non-public data about U.S. users” between September 2021 and January 2022. “A lot of people started asking us what kind of data they could collect, so we set about analyzing it to find out what information they were collecting,” explains David Robinson, one of the authors of the research.
Upon analyzing the application’s code source, they realized that the intrusiveness was greater than the company claimed. “TikTok collects a lot of data for their advertising-based business model. We discovered that they check the user’s GPS location every hour and continuously request more data from the user. We also discovered that they have access to the calendar and all currently running apps, including the bank app, for example,” says the cybersecurity specialist and retired Australian Army intelligence officer.
The report by Internet 2.0, a company based in Australia and the United States, also highlights that much of the data the app collects has nothing to do with its operation. “We don’t know where the data goes or how they use it, so it’s hard to speculate. That’s what TikTok has to say,” replies the CEO of this company, who prefers not to get involved in this matter. “We only analyze their source code and IPs”. In any case, this technical analysis is what led them to conclude that TikTok was sending iOS users’ information to at least one server located in Baishan, in northeastern China. They also found sending to subdomains in Australia, Indonesia, Malaysia and France, while TikTok’s terms and conditions ensure that data is only stored in the United States and Singapore.
The social media has denied that the data is stored in China and they claim that the IP connection shown is in Singapore, not the neighboring country. “Network traffic does not leave that region. It is categorically false to insinuate that there is communication with China,” a company spokesman told ‘The Guardian’, where he stressed that these are “unfounded claims” and the result of “ignorance of how mobile applications work”.
Internet 2.0 has assured that they made all their research “available to TikTok for comment and verification”, but that the social network “refused to respond about its China-based infrastructure”. “We had several IP addresses that connected to a subdomain in China,” Robinson says while stressing that “it’s hard to deny that there were connections to China over time in the DNS data; it’s their word against their code.”
The authors of this study have stated that it doesn’t matter where the data is stored because “they can access it anyway.” According to this research, TikTok’s U.S. workers “did not have permission or expertise to query the data on their own,” so they had to “rely on their colleagues in China” to do so. In one of the recordings, one of the employees claimed that “everything is viewed in China”. On this occasion, the platform responded with a statement in which it did not clarify anything.
This is far from the first time that TikTok has raised alarms about its relationship with the Chinese government. Former President Trump argued precisely what the leaked recordings have confirmed. Republican Marsha Blackburn has sent a letter demanding explanations from the company, while Democrats Mark R. Warner and Marco Rubio have asked the Federal Trade Commission (FTC) to investigate the data processing.
FBI Director Christopher Wray warned the U.S. federal government that China may be using TikTok to monitor or influence users’ devices. He spoke on the topic at the Josh Rosenthal Education Fund Conference last month, telling students that the FBI has national security concerns about TikTok, saying it “gives [the Chinese government] the potential to leverage the app in ways that I think we should be concerned about . .”
According to Wray, China can control the recommendation algorithm in TikTok to manipulate or influence users, can collect user data “for traditional espionage operations,” and can engage in “malicious cyber activities” through the app, he said. “All of these things are in the hands of a government that does not share our values and has a mission that is very much at odds with what is in the best interests of the United States, which should concern us,” Wray added.
At least 20 public universities have also taken steps to ban TikTok in recent months, restricting access of school computers, cell phones and school WiFi.
In conclusion, many studies agree that Tiktok invades our privacy more than other social media. The problem is that the Asian media shares data with third parties but it is not known who they are and whether they are foreign governments trying to collect information about the United States. A few days ago, the European Union threatened to ban TikTok in 27 countries if the social network does not comply with the new Digital Services Act that was passed a few months ago in the parliament. In addition, the Chinese application has already been banned on all government devices in 33 U.S. states for fear that the Chinese government may have access to classified information or that it may be a risk to national security.