Here’s why President Trump is banning TikTok in the U.S. TikTok’s data collection should worry and scare every American
TikTok has been making the headlines over the past few weeks, although not for the reasons the company intended. Yesterday, we told you about President Trump’s plan to ban the Chinese video app due to national security concerns and possible spying by the Chinese government. With more than 800 million users worldwide and millions of users in the United States, TikTok is probably the most successful spying tool ever deployed by the Chinese government. For those of you who may not understand why President Trump is banning TikTok in the U.S., here is why.
In early January, The U.S. Department of Defense warned Americans not to use TikTok over national security concerns. Also in February, the FTC fined TikTok $5.7 million for illegally collecting personal data of children under 13. TikTok was also under investigation in the U.K. for how it collects and uses children’s personal information.
Since the beginning of 2o2o, TikTok has faced scrutiny from India, U.K and and U.S. government over its handling of user data and amid larger tensions between the United States and China. U.S. Secretary of State Mike Pompeo also said last month that the United States is “looking at” banning popular Chinese video app TikTok in the wake of the new law in Hong Kong.
In March, U.S. Senator Josh Hawley (R-Mo.), Chairman of the Judiciary Committee’s Subcommittee on Crime and Terrorism, also warned that TikTok poses a national security issue. Senator Hawley said the following in a senate hearing on March 4, 2020:
“TikTok is owned by a Chinese company that includes Chinese Communist Party members in leadership, and it is requires by Chinese law to share user data with Beijing. TikTok has admitted that it has sent user data to China. To put it bluntly, this is a major security risk for the American people. . . This legislation is a necessary step to protect the security of the United States and the data security of every American.”
Below is the video from the hearing.
Since the first committee hearing as chair last year, the State Department, the Departments of Homeland Security and Defense, and TSA have banned TikTok on federal government devices due to cybersecurity concerns and possible spying by the Chinese government.
Then on June 26, Apple caught the Chinese social app reading data from user clipboards. The new Apple iOS 14 beta detects that TikTok was reading data from user clipboards. The new iOS 14 feature later notifies the affected users. TikTok admitted to reading users’ clipboard and pledged to stop the practice.
However, what’s even more alarming is the amount and types of data TikTok collects about its users. According to TikTok’s own privacy policy, the Chinese app collects the following information about its users.
We collect information about the device you use to access the Platform, including your IP address, unique device identifiers, model of your device, your mobile carrier, time zone setting, screen resolution, operating system, app and file names and types, keystroke patterns or rhythms, and platform. We collect information about your location, including location information based on your SIM card and/or IP address. With your permission, we may also collect Global Positioning System (GPS) data.
But that’s not all. An anonymous redditor who recently reverse-engineered the TikTok app claimed it’s a huge data collection scheme. The annonymous software engineer redditor who goes by the name of “bangorlol,” claimed that TikTok is collecting too much user data after reverse engineering the controversial app. If true, this could be a cause for concern for the many who use the app, although the claims might not come as surprise to those who have been following the recent TikTok and user data security discussions. Below is what bangorlol said:
I’m getting together the data now and enlisted the help of my colleagues who were also involved in the RE process. We’ll be publishing data here over the next few days: https://www.reddit.com/r/tiktok_reversing/. I invite any security folk who have the time to post what they’ve got as well – known domains and ip addresses for sysadmins to filter on, etc. I understand the app has changed quite a bit in recent versions, so my data won’t be up to date. I understand there’s a lot of attention on this post right now, but please be patient.