TikTok Security Concerns

Youth opening up tik tok on her phone

With the recent congressional hearing on TikTok security and data privacy rules, we thought we might take a slight deviation from our typical coverage to discuss a topic that is on a lot of lips.  Along with some comical moments that highlighted almost complete ignorance from several members of congress on how the internet works, there has been a lot of discussion of data privacy.  Also, a key point that has been much debated is the risk that the app can pose.

What Data TikTok Collects

Let’s start by looking at the data that TikTok collects about you when you sign up with an account.  TikTok receives names, ages, phone numbers and emails when people sign up for the service. The app also knows users’ approximate locations and mobile device identifiers, such as IP addresses.

TikTok also gathers additional data about you as you use the app.  It sees what your interests are, what you like and don’t like based on the content you consume.  That data can be very valuable to advertisers seeking to target a specific group of people with shared interest.  The more concerning thing is that it can be used to create a complete profile of you that could be sold, or used for whatever TikTok wants.

TikTok’s privacy policy permits the company to gather a wide range of data from consumers keystroke patterns to biometric data.  They claim however to not take in or store all this data.  Keystrokes are supposedly only used for anti-fraud or spam purposes.  Editing features may use your biometrics to produce an effect but are not supposed to uniquely identify individuals.

While this may seem intrusive, in fairness it’s only slightly more data than many other tech giants like Meta and Google collect from their applications.

Why All the Hubbub?

One of the things that has lawmakers and many Americans alike more concerned about TikTok than many other social media apps is who owns it.  TikTok is owned by a tech giant named ByteDance that is based out of Beijing China.  The Chinese Communist Party exerts considerable influence over the nation’s tech companies.  Thus, many are seeing the data that China gathers as a national security risk.

“The CCP has a track record longer than a CVS receipt of conducting business & industrial espionage as well as other actions contrary to U.S. national security, which is what makes it so troubling that [ByteDance] personnel in Beijing are accessing this sensitive and personnel data,” Federal Communications Commissioner Brendan Carr recently said.

The combination of extensive data gathering and CCP connections has many folks uneasy.  It doesn’t seem to have stopped the apps popularity however, with approximately 150 million American users that breezed past TikToks privacy policy to sign up for the app.

Possible Implications

Adding to the concerns already mentioned are the possible implications of what this data could be used for in the future.  By pushing certain content or ideas TikTok can influence public opinion about politics, morality, and a host of other things.  They could also easily use the platform to show people content that supports their own objectives, or those of the Chinese government.

Business Implications and Security

Data privacy and security matter.  If those things are important to your business, you should be very careful on the way you use this app.  TikTok collects information from the messages you send with the app and doesn’t have end to end encryption like some other social media sites. 

If you decide that there is a need for it in your business Insider had some good tips about how to minimize the risk.

“In general, if you have concerns about any potential risks of using TikTok, your best bet may be to not use the app at all. Nonetheless, there are steps you can take to minimize the digital footprint you leave within TikTok.

  • Don’t overshare: Don’t use your full name or specify your age. Keep identifiable personal landmarks like street signs and schools out of view.
  • Don’t allow other users to find you: By default, TikTok shares your content with the entire app’s community. To prevent that, you can turn off “Suggest your account to others” in settings. 
  • Don’t let other users interact with you: Also in TikTok’s settings, you can disable privacy options like “Allow your videos to be downloaded” and to restrict “Who can send you direct messages” to just friends.
  • Make your account private: By setting your account to “private” in TikTok’s settings menu, you need to approve anyone who tries to follow you, and only your friends can see the content you have liked. “

While TikTok has risk, and is possibly one of the worst offenders, this is not the biggest security risk that users face today.

Many cybersecurity experts suggest keeping all this in perspective. “Of all the serious cyber risks facing the average consumer, TikTok isn’t on the top of the list. Most Americans ought to be way more concerned about credit card fraud and password protection than TikTok,” Monica Eaton-Cardone, co-founder and chief operating officer of Chargebacks911, said.“

Like all technology, be smart and proceed with caution. 

Photo by cottonbro studio