Whenever you sign up for a new app, like, say, TikTok, it’s up to you to read through the terms of conditions before you press 'accept.' But we all know how those terms come in pages upon pages of paragraphs and we are all guilty of barely reading through them before we accept them so we can get to playing with whatever app they preceded. Now, because of TikTok’s terms and conditions, the cybersecurity company Penetrum is calling it out.
The company alleged through a 21-page document that TikTok has taken advantage of its users. And, even though the app boasts millions of dedicated users and millions of new uploads daily, some people are starting to take notice. What this means for the future of the app, however, is uncertain right now.
Penetrum is calling out TikTok for data collection.
The document went on to point out that 37.70 percent of the known IP addresses linked to TikTok are also linked to Alibaba.com, a China-based company which faced a data leak in 2019. The document alleged that it's entirely possible TikTok is collecting too much of users’ data, potentially for less than admirable reasons, which may negatively affect users later on down the line.
Anyone else a bit uneasy with the fact that TikTok is apparently now a hotbed of political organizing and we still don’t have clear answers about how much of its data the Chinese government has access to?— Caroline McCarthy 🧢 (@caro) June 21, 2020
"From our understanding and our analysis, it seems that TikTok does an excessive amount of tracking on its users and that the data collected is partially if not fully stored on Chinese servers with the ISP Alibaba," the document stated. "It seems slightly coincidental to us that Alibaba’s data breach specifically states that the breach itself included that IMEI, IMSI, phone numbers, and user data specifically pertaining to phones was breached as well as other personal information."
One redditor claimed TikTok collects more data than any other social media platform.
If Penetrum’s findings aren't enough to make you take another look at what TikTok may or may not be harvesting, someone on reddit said they reverse-engineered TikTok to gain a better understanding. They alleged in an April 2020 reddit post that, in their findings, they realized TikTok may be getting information about your phone’s hardware, other apps on your device, and a GPS ping. And, according to the redditor, TikTok allegedly collects more data than Instagram, Twitter, and even Facebook.
Tiktok is malware that targets children. I’m a security researcher but did not conduct this research. Awakening is happening as this was sent to me from a newly red pilled 60 yr old but is security aware from my teachings. Be aware of tiktok and data privacy.. pic.twitter.com/CImuGFqgxY— Andrew Ostation (@a_ostation) June 23, 2020
TikTok released a statement in 2019.
In 2019, when TikTok came under scrutiny for data security, an official statement was released on the website. In the statement, the company claimed to have "robust cybersecurity policies, and data privacy and security practices." Obviously that greatly contradicts what Penetrum has alleged, but right now, some TikTok users are freaking out just a bit. And should Penetrum’s findings gain more traction, TikTok might end up in the social media graveyard, much like its predecessor, Vine.