TikTok can bypass Apple and Google privacy protections and access all of users’ data, studies show

By


TikTok can bypass security protections in Apple and Google’s app stores and uses device tracking that gives ByteDance, TikTok’s Beijing-based parent company, full access to user data, according to summaries of two major studies obtained by TheWrap that appear to confirm long-standing concerns raised by privacy experts about the popular video-sharing app.

TikTok, Facebook and Google derive much of their revenue from advertising, a multibillion-dollar-a-year market. It is therefore essential for these major brands to ensure the good health of this activity. While Google owns Android and privacy rules aren’t as ad-unfriendly, Apple and iOS don’t. The company intends to make its platform the most secure operating system on the market for its users and this puts a spoke in the wheel of certain platforms like TikTok.

Apple and Google app stores are known to be very strict in implementing measures to protect users from illegal activities, fake apps and other potential dangers. Countless apps have been banned for disguising themselves as tools, such as photo filters or camera scanners, to defraud users and steal their money and personal information. The Android app store, for example, enforces guidelines around permissions, user experience, and general app accessibility to maintain app quality.

Summaries of the studies, shared exclusively with TheWrap, suggest that TikTok is able to avoid code audits on the Apple and Google app stores. More worryingly, the research revealed that TikTok is able to modify the app’s behavior at will, without users’ knowledge, and it uses device tracking, which gives the company and third parties unlimited access. to user data. This is very unusual and beyond the capabilities of US applications such as Facebook, Twitter and other social media platforms.

These dynamic properties allow TikTok to have unrestricted access to your device as part of what the app can see, said Frank Lockerman, cyber threat engineer at cybersecurity firm Conquest Cyber. The TikTok browser not only has access to web-to-device conversion, but it also has the ability to query things on the device itself.

While TikTok argues that its methods are standard, especially for ad-based social media apps, researchers and independent experts say the app’s code makes it much more difficult to monitor. As a result, just because the app isn’t doing anything bad today doesn’t mean it won’t do bad things in the future, a study finds.

After reviewing the findings of the studies, mobile development expert Russ Jowell said it’s hard to know the full extent of TikTok’s data mining capabilities and intentions. But overall, he said: It seems to me that ByteDance has gone to monumental lengths – perhaps more than Facebook, Twitter and other social networks – to conceal the inner workings of their app.

A TikTok spokesperson reportedly declined to address the studies directly, but told TheWrap that the company adheres to app store policies, adding that its product meets information security standards in the United States, UK, Ireland, India and Singapore and recently received certification from the ioXt Alliance for compliance with cybersecurity and transparency standards and commitments. In fact, TikTok said it is working with the ethical hacker community and researchers through a program called HackerOne to test its product.

The security and privacy of our global community is always a top priority, the company said. Staying ahead of next-generation cyberthreats requires continuously strengthening the security of our platform, which is why we continually work to validate our security standards and work with top industry experts to test our defenses. Nevertheless, some countries have made their own decisions regarding TikTok. The app itself is not available in China, and India banned it in 2020 for national security reasons.

Former President Trump’s administration had issued an executive order on August 6 that sought to block transactions between US companies and the Chinese parent companies of TikTok and WeChat, ByteDance and Tencent, respectively. Trump had declared TikTok and WeChat a national emergency, citing privacy and security concerns. This order invoked the International Emergency Economic Powers Act (IEEPA), a law that allows Trump to prohibit transactions between the United States and foreign entities.

The Chinese Minister of Foreign Affairs had not been late at the time to step up to the plate by firmly opposing the decrees announced by American President Donald Trump. Beijing will defend the legitimate rights and interests of Chinese companies and the United States should bear the consequences of their actions, the minister’s spokesman Wang Wenbin told reporters at a daily briefing at the same time, without giving details.

After former President Donald Trump tried to ban TikTok, the Biden administration dropped the outright ban last June but is now considering new regulations that would affect foreign-owned services, namely TikTok. The Commerce Department’s proposed rules would add criteria that Commerce Secretary Gina Raimondo would have to consider when reviewing software that presents “excessive or unacceptable risk”.

In a short time, TikTok’s popularity seems unstoppable, more than doubling the number of US users between 2019 and 2021, to 78.7 million. The TikTok app threatens the growth of Facebook and Instagram, which are both losing the fight for younger users. Last September, TikTok passed the milestone of one billion monthly users and is on track to gain more users than Instagram and more total users than Snap by 2023, according to eMarketer estimates.

TikTok is starting to attract older users, although it is exploring the possibility of making the leap to TV screens. In March 2021, the platform’s reach among users aged 35-44 doubled from the previous year, to around 18%, according to Comscore. People aged 45 to 54 represented 14.6% of total unique visitors during this period, and those aged 65 and over 3.5%, three times more than in 2020.

While TikTok argues that its methods are standard, especially for ad-based social media apps, researchers and independent experts say the app’s code makes it much more difficult to monitor. As a result, just because the app isn’t doing anything bad today doesn’t mean it won’t do bad things in the future, a study finds.

After reviewing the findings of the studies, mobile development expert Russ Jowell said it’s hard to know the full extent of TikTok’s data mining capabilities and intentions. But overall, he said: It seems to me that ByteDance has gone to monumental lengths perhaps more than Facebook, Twitter and other social networks – to conceal the inner workings of their app.

Source: Thewrap

And you ?

Do you use TikTok?

What do you think of the conclusions of the studies?

See as well :

Facebook: We stand up to Apple for small businesses around the world, company criticizes Apple for upcoming changes to iOS 14 that will hurt target advertising

Facebook reportedly secretly tracks iPhone users, even after users opt out

Second US judge says Trump can’t ban TikTok, giving TikTok another reprieve

96% of iPhone users have opted out of app tracking since the launch of iOS 14.5, showing that the vast majority of people want to maintain their privacy

Leave a Comment

Your email address will not be published.

You may also like