Blog

TikTok Accesses Users’ Personal Data

The Federal Communications Commission (FCC) recently requested Apple and Google to remove TikTok from their app stores amid concerns over the China-based app’s parent company misusing user data. The FCC claimed TikTok was gathering users' browser and search histories, keyboard patterns, biometric identification information, and metadata, among others. 

TikTok’s parent company ByteDance had come under fire during the Trump era when the authorities had demanded that TikTok separate its American interests from the Chinese parent company ByteDance. There were also talks of Microsoft acquiring the company in August 2020, but the deal fell through in September. 

TikTok is accessing your data

Since its inception, TikTok had pledged to address data privacy concerns by storing user data in the United States rather than China, where its parent company ByteDance is based. But, according to audio from more than 80 internal TikTok meetings obtained by BuzzFeed News, ByteDance workers in China frequently accessed data about the social platform's US users.

Screenshots and other documentation back up the recordings, ranging from small-group meetings with company executives and consultants to policy speeches. Earlier assertions that employees stationed in China had access to US user data are supported by this abundant proof. 

The proofs provide a vivid picture of the difficulties TikTok encountered in trying to separate its US operations from its parent business in Beijing. The evidence demonstrates that Chinese staffers of ByteDance accessed data much more frequently and lately than previously stated. 

The recordings illustrate that a significant amount of US user data, including public videos, bios, and comments, will not be solely stored in the Oracle server as TikTok continues to debate what data is safe. 

Instead, TikTok will keep this information at its Virginia data centre, which might still be accessed by ByteDance officials in Beijing even after Project Texas is finished. ByteDance staff in China could continue accessing the information about the interests of TikTok users in the United States, including everything from cat videos to political viewpoints.

The tapes imply that TikTok may have misled Congress, its users, and the general public by downplaying the possibility that employees in China might still access data kept in the US. The US user data was accessible to Chinese engineers from September 2021 to January 2022.

Employees of TikTok in the US were dependent on workers in China to access the data since they were unaware of how to do it and lacked the necessary authorization.

In the past, TikTok came under fire for how it gathered and used data, particularly from younger users. There have even been allegations that the company sent some sensitive user data to Chinese servers.

A new study by TheWrap shows that TikTok and ByteDance had complete access to your data.

The study was carried out by white hat security specialists, who ethically hack enterprises to test the security perimeters and warn the public of dangers. The source claims that five unbiased specialists corroborated their findings.

According to marketing firm URL Genius, TikTok and YouTube capture the most personal data of users than any other social media platform.

There is no way of knowing where your TikTok data has gone since TikTok allows third-party trackers on its platform, unlike YouTube, which gathers your data for Google. Even if you close TikTok, those third-party trackers can continue to monitor your behaviour.

Conclusion

TikTok has a history of aggressively gathering huge amounts of data from its users to follow them. The data collection algorithm used by TikTok is anything but straightforward. Whether a user creates an account and logs onto the app, TikTok is collecting data. In light of these findings, we recommend that you avoid using TikTok. Many other social media platforms do not have such a shady history regarding data collection.

Featured Posts

See All

September 27 - Blog

What is InfoStealer Malware and How Does It Work?

InfoStealer malware plays a key role in many cyber attacks, enabling extortion and lateral movement via stolen credentials. Learn the fundamentals about InfoStealers in this article.

September 26 - Blog

Blackwood APT Uses AiTM Attacks to Target Software Updates

Blackwood APT uses AiTM attacks that are set to target software updates. Is your organization prepared? Learn more in today's blog.

August 15 - Blog

Packetlabs at Info-Tech LIVE 2024

It's official: Packetlabs is a partner and attendee of Info-Tech LIVE 2024 in Las Vegas. Learn more about event dates and registration today.