Twenty-twenty didn’t only force us humans to rethink how we work; it also inspired us to review our concepts and definitions of online safety. Privacy now goes beyond being an add-on for applications. It has become an essential attribute for applications. It’s certainly not the desire of app makers that their apps be channels a hacker can exploit to mine private user data. Yet, there’s hardly a month that goes by without a user or group calling out a major social media or messaging company. Other times, it’s an employee choosing to blow the whistle on their employer. While users may point fingers at all big tech companies, one particularly interesting case is TikTok.
Also called Douyin in mainland China, TikTok took giant growth strides as people worldwide were stuck at home because of the coronavirus. But, why is TikTok’s case a curious one, and is the company stealing our online identity? That’s what this article explores.
A Background into TikTok and its Possible Security Issues
The Trump administration launched a national security review in the wake of its 2017 acquisition by China’s ByteDance.
For anyone familiar with the privacy concerns that surrounded FaceApp a couple of years ago, TikTok’s case is similar. Some say TikTok is a deadly Trojan horse for China’s Communist Party’s spying expeditions. They highlight the broader concerns about the impact and influence of companies of Chinese origin in the United States and elsewhere. There are grave indications that China’s government is complicit in privacy. The typical US small business remains wary of cyber threats from China.
It’s always important to clarify the dichotomy between TikTok and Douyin, even though most articles refer to them as synonyms for the company once called Musical.ly.
TikTok’s Big Problems
US lawmakers believe the app will eventually become a major tool for adding a viral element to Chinese propaganda. There are even terrorist implications, according to some observers. Many say ISIS posts radical messages on the app. As if that’s not enough, The Guardian’s investigation shows that the Chinese government ensures TikTok censors videos it cares deeply about. It includes videos on Taiwanese autonomy and Tibetan Independence.
The more popular the app becomes among nationals of a country, the more influence China’s government can have on the population.
The second issue with the app is the potential for collecting information on users. This problem is a far bigger one because most people are unaware of how much data they share online. Of late TikTok has started displaying video views publicly for all users posing a threat to privacy to its users.
China may conduct greater surveillance using “back doors” or trails left by military or government personnel using the app.
Now, we can see how much the app’s privacy problems are and whether they are easy to deal with.
TikTok’s Position on the Safety of User Data
Despite all the backlash, TikTok has remained coy on its relationship to China and how it handles user data. The company’s Global Head of Security, Roland Cloutier, points out its commitment to robust security practices.
Their approach even includes engaging multiple third-party firms to audit its technology alongside in-house experts. But this only seems to spot vulnerabilities in the system. His statement does not quite say that TikTok isn’t deliberately collecting data for ulterior purposes. However, Cloutier is a seasoned security expert with stints at ADP, the US military, and the Department of Veteran Affairs.
An Objective Analysis of TikTok’s Data Collection Practices
Should users become paranoid about the data collection practices of a famous digital outfit simply because of its links to China? It might well come across as witch-hunting. Mobile security experts admit that data collection at TikTok mirrors those at US-owned competitors with an ad-based model.
The iOS app collects standard analytics information, for instance. The user’s device model, operating system, screen resolution, and time zone are a few. A Guardian Firewall app’s iOS security researcher, Will Strafach, thinks app data collection is a concerning trend. But, he admits Tik Tok is in its infancy compared to others.
The Current Cybersecurity Issues For TikTok
There’s no foreseeable end to the tug-of-war between social media app TikTok and users over how it handles data. Yet, it’s to review some of the hard facts about the company’s methods and records.
In 2019, TikTok agreed to pay $5.7 million – a record – to the FTC after an alleged illegal collection of personal information from children under the age of 13. In the first quarter of 2021, the company has also agreed to pay $92 million in settlements across dozens of lawsuits alleging the same thing for a broader user demographic. Accusers say the company collected information using facial recognition technology, all without consent. It also shared this data with various entities in China.
The more recent settlement applies to 89 million US users. TikTok violated state and federal law in tracking and selling the data to advertisers.
Data breaches and identity thefts are already at all-time high. Identity fraud concerns 63% of Americans, and every other week, we hear news stories on how a company is a victim of a data breach and how millions of users are victims of identity theft.
Principal Security Strategist at Synopsys Software Integrity Group, Tim Mackey, highlights the inability of 40 percent of TikTok’s user base – the 10-19 years old band – to “detect or understand” the implications of scams. He believes app developers have a social responsibility to protect users from data-harvesting schemes.
Steps to Take to Be Safe From Online Threats
TikTok’s US case is not unique. Apps, mainly social media apps, can present a baggage of privacy issues. The sheer reach of these apps makes it difficult to tackle them head-on. For instance, TikTok has more than one billion users in 150 markets outside China. A good deal of ingenuity is necessary to detect the most subtle attempts at identity theft.
Here are a few things to do if you want to be safe online:
1. Apps can’t have your data if you don’t give it to them. In TikTok’s case, you can avoid the app. If you do, be sure not to link your account to other social media platforms.
2. Use a strong password (a passphrase, preferably) and a password manager.
3. Parents should put proper protections in place if their kids are going online. Monitor their activity and teach them not to share any personal details.
4. Consider using an identity monitoring service. Such services can help prevent the sharing of your data if it doesn’t sit well with you. An ID monitoring service can scour the dark web for traces of your information and promptly notify you.
Is TikTok Doomed?
With all these privacy issues, one would wonder how certain the fate of the app is. The US government’s threats to execute TikTok ban, the app might not hold up after all – it’s a new administration. TikTok itself is doing what it can to remain the relevant app that it came to be during the coronavirus lockdowns worldwide.