TikTok poses “unacceptable security risk” and should be banned from app stores according to the FCC

TikTok mines user data

Federal Communications Commission commissioner Brendan Carr urged Apple and Google CEOs to remove TikTok from their app marketplaces. “TikTok creates an intolerable national security risk owing to its vast data collection being combined with Beijing's presumably unfettered access to that sensitive data,” Carr said in a letter to Tim Cook and Sundar Pichai dated June 24, 2022.

Data collecting to an extreme

TikTok mines user dataAccording to reports, TikTok gathers “everything,” including search and browsing histories, biometric identifiers like voiceprints and faceprints (which may be used in “unrelated facial recognition technology”), location information, and information saved on the clipboard, such as text, images, and videos.

Carr mentioned several cases as proof that TikTok's data harvesting procedures have been questionable. ByteDance “is tied to the Communist Party of China and obligated by Chinese law to comply with the PRC's monitoring requests,” Carr said in his letter to Apple and Google.

Senate and House committee members, cybersecurity experts, privacy advocates, and civil rights organizations have raised this as a worry. The “vague” policies of the social platform are a source of concern for the American Civil Liberties Union (ACLU), particularly when it comes to gathering and exploiting biometric data.

The use of the data collected is unclear

Apps that are transparent about collecting data don't have a problem, but they must also disclose how they use the data they gather. It appears that TikTok is not one of the applications that violate this condition.

The letter states that “several clauses of the Apple App Store and Google Play Store regulations apply to TikTok's pattern of covert data practices—a pattern that runs counter to its repeated claims.”

For instance, Section 5.1.2(i) of the Apple App Store Review Guidelines states that “Data collected from apps may only be shared with third parties to improve the app or serve to advertise” and that “data collected from apps must provide access to information about how and where the data [of an individual will be used.”

Should we consider TikTok an advanced surveillance tool?

When word got out that the FCC wanted TikTok taken off the main app stores, the company didn't do anything.

Speaking with CNN's “Reliable Sources,” Michael Beckerman, vice president and head of public policy for TikTok's Americas division, debunked most of the FCC's allegations against the social media company, arguing that neither Carr nor the FCC are experts in these matters and that the FCC lacks authority over matters of national security. Many social media apps perform this action without also looking at your browsing history across other apps. TikTok doesn't operate that way.

He was quoted as saying, “He's talking about faceprints—that is not something we gather,” clarifying that the technology in their app is not for identifying people but rather for filters, like recognizing when to put glasses or a hat on a face or head. It's an anti-fraud strategy that makes sure there aren't any bots or other unwanted activities by monitoring the rhythm of how people type.

He claimed, “We have never shared information with the Chinese government nor would we […]” when asked if the CCP has access to any non-public user data. As real national security organizations like the CIA during the Trump administration pointed out, the data that is available on TikTok—because it's an entertainment app—is not of national security relevance. We have US-based security teams that manage access and administer the app.

TikTok has long been condemned by politicians and privacy activists for potentially giving China access to US user data. To calm concerns, TikTok collaborated with Oracle and started sending data from its American users to servers located in the US.

However, this doesn't fully address some of the concerns that were expressed when Buzzfeed News first reported that TikTok personnel in China had been “repeatedly” accessing US user data for at least a few months. According to reports, these occurrences happened between September 2021 and January 2022, months before Oracle data rerouting. In another meeting, a director allegedly asserted that a Chinese-speaking coworker was a “Master Admin” with “access to everything.”

In the CNN interview, Beckerman stated, “We want to be trusted. “There's a lack of trust on the Internet right now, and for us, we're shooting for the highest, wanting to be one of the most trusted applications, and we're answering queries and being as honest as we can be,” the company said.

 

Source: https://blog.malwarebytes.com

Recommended For You

About the Author: John Carter

John Carter has been a content and 'ghostwriter' for many popular online publications over the years. John is now our chief editor at NewsGrab.