TikTok's privacy impact analysed

By Dylan Bushell-Embling
Monday, 13 January, 2020

TikTok's privacy impact analysed

Popular Chinese social media app TikTok demands a potentially concerning level of device control, but there is no evidence this control is being abused, according to Proofpoint researchers.

An analysis of the video sharing app’s privacy and data collection policies has found that the TikTok app requires a wide range of app permissions on both Android and iOS devices.

These include requiring full access to a device’s contact list, collecting detailed location data using GPS and other apps, and — on Android devices — the ability to access other apps running at the same time.

Proofpoint researchers found no evidence that TikTok abuses any of these abilities. But one concern raised by the company was the issue of data sovereignty.

TikTok’s website does state that all US user data is stored in the US, with backup redundancy in Singapore, and that no data enters the US and is subject to Chinese law. But there is no information on where data on users from other regions is stored.

Proofpoint researchers did note that TikTok’s recently published inaugural transparency report states that the company received no legal requests for user information from China during the first half of 2019. Meanwhile, the company received five requests from Australia covering a total of five specified accounts, the same report shows.

Proofpoint also noted that TikToks privacy model and controls are consistent with other social media platforms, but provide no bearing on what data is collected and stored by the company.

In conclusion, Proofpoint said TikTok should be treated like any social media app, in that it can be used with relative safety if a user is aware of the information it gathered and what it does with the data.

Image credit: ©stock.adobe.com/au/ink drop

Related News

ACSC outlines Office macro security measures

The Australian Cyber Security Centre has released updated information outlining steps that can be...

Unpatched Citrix bug being exploited

Cybercriminals are now actively exploiting an unpatched vulnerability in Cisco software that...

CrowdStrike report highlights 2019 cyber crime "trends"

Cyber attackers' average dwell time increased last year, with most cyber attackers aiming to...

  • All content Copyright © 2020 Westwick-Farrow Pty Ltd