The Privacy Risks of Using TikTok – What Data Is China Really Collecting?

TikTok has quickly become one of the most popular apps on the planet thanks to young people using it to make lip-syncing and stunt videos. It’s had so much success that Microsoft is currently negotiating to buy it.

But should you use Tiktok? Does it pose a threat to your privacy? Let’s find out.

What is TikTok?

TikTok is similar to Vine. If you’re unfamiliar with Vine, think of TikTok as YouTube but with much shorter videos. Unlike YouTube, TikTok only allows users to upload videos that are one minute or less. But just like YouTube, TikTok has its own version of influencers.

TikTok running on an iPhone device

Is TikTok a Privacy Risk?

It can be. To answer this question thoroughly we should first examine the amount of data it collects on its users. Then we can talk about what it does with the data it collects.

To start things off, security researchers have found TikTok collecting humongous amounts of user data. For an app that supposedly only wants to help people create and share videos, it seems rather peculiar that it collects the following:

  • The user’s location data
  • Comments made on the platform
  • Videos people have watched
  • The operating system of TikTok users
  • The model of the smartphone they’re using
  • Rhythms that users generate via keystrokes when they’re inputting text

Of course, apps generally need some data to operate efficiently and make the experience better for their users.

But TikTok has made all privacy-conscious users wary about its data collection program. Recent media reports found that the app unnecessarily reads the content of its users’ clipboards when they copy and paste material from one place to another.

Researchers found the same problem with more than a dozen other apps as well. Some of the apps that read user clipboard contents include:

  • BBC News
  • New York Times
  • LinkedIn
  • Reddit

That should put into perspective that whatever data TikTok is collecting on its users is, while wrong, not unheard of in the app industry.

TikTok running on an iPhone with floating logos on the background

Another problem with using TikTok is that it’s a Chinese app. Businesses in China haven’t proven themselves to be careful with user privacy when they’re collecting vast amounts of data on them.

The U.S. Secretary of State, Mike Pompeo, recently said that Americans using TikTok were risking their privacy and exposing their data to the Chinese Communist Party. On the other hand, TikTok has strictly maintained that the company doesn’t collect and store data on Chinese servers.

Theo Bertram who works as the head of public policy at TikTok told BBC in a recent interview that the suggestion that TikTok, as a company, was under the control of the Chinese government was false.

However, there’s little doubt that whatever data TikTok is collecting, it isn’t more than what Facebook is collecting on its users.

In any case, if you go to TikTok’s privacy policy page, you can see that the service not only records the videos you watch and how long you watch, it also collects your IP address. Users who aren’t careful about the permissions they give to different apps may also end up allowing the TikTok app to know their exact location.

In addition to the data mentioned so far, TikTok also can collect a user’s phone contacts and data from other popular social networking sites. If given full permission, the TikTok app tops everything off with the user’s actual phone number and their age.

a person with long nails holding an iPhone which is running TikTok

It shouldn’t take a lot of convincing to see that TikTok collects data for more than just showing users personalized ads. The app essentially wants to know the user as a person which means it ends up knowing the user’s family and friends along with what the user likes to say to their friends, what jokes they like and the user’s personality type.

A representative of the privacy app Disconnect told the Washington Post that even though all social media and video platforms collected vast amounts of data on their users, TikTok was abnormal even among such apps. In other words, it collected too much data from users and then sent that data to its own servers.

How to Protect Your Privacy on TikTok

a person holding a phone which is concerned about privacy protectionDue to privacy issues, TikTok has been banned in a growing list of places; a list that may soon include the U.S. Law enforcement agencies in the U.S. are concerned that the app shares data with the Chinese government and that China may use the app to censor information on the internet.

Some reports have mentioned that TikTok guidelines actually ask the moderators of the app to censor videos that may tell certain historic events in a light that the Chinese government may find offensive.

Pro Tip:

If you want to use TikTok because all your friends and family do despite the privacy risks involved, then you should use a VPN service to hide your IP address and data.

A VPN service can hide your true IP address, give you a new IP address, encrypt your data and block a major portion of the paths that apps like TikTok take to collect your data. Apart from that, there are lots of small things you can do to minimize your privacy risks while on TikTok.

After using a VPN service, you can go to the settings menu of TikTok and disable the Personalized ads option. TikTok will probably still collect data on you but it won’t show you targeted ads.

Moreover, don’t give TikTok your real information. You’re not applying for a job or signing up for a local community club. In other words, there’s nothing stopping you from giving TikTok fake information about yourself.

Don’t give it permission to see your social media profiles or your contacts. Always use a burner email address for apps like TikTok and a pseudonym.

a lock surrounded by smart devices

A lot of TikTok users don’t seem to know that they can still use the TikTok app if they don’t provide their email address or phone number. Of course, they’ll have to forgo an account on the app but the returns are worth it.

TikTok allows users to watch all the videos on the app even if they’re not logged on. You’re going to have to follow your favorite creators on other platforms that don’t collect so much data on you. Also, you can forget about uploading videos if you value privacy.

TikTok Has a History of Privacy Risks and Malpractice

a person using a laptop to read the privacy policy

Once a user opens the app, TikTok notches up network requests in the hundreds within the first few seconds. The Washington Post reported that even though the total size of the data TikTok sent back to its servers was around 500 kB or half a megabyte, in terms of typed data it would amount to 125 pages.

As mentioned before, the majority of the data TikTok sends back to its servers contains information such as screen resolution and an advertising identifier.

Note:

Privacy experts warn that TikTok or any other entity that has such data can use it to fingerprint the user’s device regardless of whether or not a user has logged in.

The other problem is that there’s no easy way to know the extent of TikTok’s data collection program.

TikTok, just like all similar apps, uses different technical steps to encode the app’s activity. Therefore, it’s impossible for security researchers to fully understand the scope of the data collection processes going on in the background. TikTok representatives say that they obfuscate some of the app’s activities so they can block those who would manipulate their app and hack its users.

a group of women filming themselves for tiktok

It was only a couple of months ago when some developers from Mysk found that TikTok, along with many other apps, accessed the clipboard contents of iPhone users even when the users were not actively using the app. After numerous complaints, TikTok updated the app to bring an end to such data collection but maintained that the measure was taken to stop spam.

Last year, Check Point researchers discovered small bugs in the TikTok app which, if exploited, could enable hackers to access user data without permission. TikTok came out with an update and fixed that as well.

If you look back a bit further, TikTok had to pay a fine of about $5.7 million to the FTC because it violated privacy laws pertaining to children in the country.

Tiktok on the AppStore

TikTok, known as Musical.ly at the time, responded by enhancing the parental controls that came with the app. Even with the enhanced controls, some feel that the app can do better.

Whatever the case may be, it’s best to either not use TikTok, limit its use or use it with a VPN app on your smartphone.

Leave a Comment