Yet social media platforms are among the most powerful companies in the world, not least because they can collect massive amounts of user data and use algorithms to turn the data into actionable knowledge.
Here’s How It’s So Addictive, With About 1.2 Billion users from December 2021. This number is expected to reach 1.8 billion by the end of the year.
It is against the backdrop of these massive numbers that the U.S. Federal Communications Commission (FCC) strongly stated: letter to the CEOs of Apple and Google last Tuesday, urging them to remove TikTok from their app stores because the company — or rather its Chinese parent company ByteDance — cannot be trusted with US users’ data.
What are the concerns?
In his letter, FCC Commissioner Brendan Carr says:
TikTok is owned by Beijing-based ByteDance – an organization obligated to the Communist Party of China and required to comply with PCRs under Chinese law [(People’s Republic of China)] supervision requirements.
TikTok US has repeatedly refused violation of US data privacy regulations. It states that user data is stored on US servers and is not shared with ByteDance. But Carr says these measures don’t guarantee the privacy of US users:
TikTok’s statement that “100% of US user traffic is redirected to Oracle” (in the US) says nothing about where that data can be obtained from.
After tough questioning by US senators, TikTok . has allowed the data stored in the US is in fact accessible from China, subject to unspecified security protocols on the US side.
Australian users also have their data stored on US servers, with backups in Singapore. But it is unknown whether this data — which may include user browsing, images, biographical information, and location — is subject to the same safeguards as US data.
Carr’s unusually blunt language may have been caused by leaked audio obtained by: Buzzfeed from more than 80 internal TikTok meetings.
According to a Buzzfeed report from mid-June, China-based ByteDance employees have repeatedly accessed non-public data on U.S. TikTok users. The tapes overwhelmingly contradict TikTok’s previous data privacy certainties†
For example, at a meeting in September 2021, a senior US-based TikTok executive referred to a Beijing-based engineer as a “main administrator” who “has access to everything”. That same month, a US-based Trust and Safety staffer was heard to say, “Everything is seen in China.”
In short, the recordings to confirm the claim that employees based in China often have access to US data, and more recent than previous statements claimed.
Can it all be innocent?
On the one hand, TikTok is engaged in entertaining users, with the aim of keeping them on the platform and exposing them to targeted advertisements. On the other hand, TikTok can be used to distribute disinformation and affect users to their detriment.
In this armed context, the US government’s strong objections to TikTok become more apparent.
In addition, past events have also provided good reasons to suspect Chinese actors of massive online data collection.
In 2020, Australian media reported about a data breach by Zhenhua Data, a Chinese company that includes the Chinese government and the People’s Liberation Army.
The leak allegedly contained details of more than 35,000 Australians, including dates of birth, addresses, marital status, photos, political associations, family members and social media accounts. This information has been collected from various sources, including TikTok.
Would Banning TikTok Be Effective?
Removing TikTok from the Google and Apple app stores can only be done by country. India forbidden the platform in June 2020.
If the Australian government made the TikTok domain inaccessible from Australia, it would still be accessible through a virtual private network (VPN). A VPN service allows users to create a secure private network within a public network, disguising their country of origin. It is the same tool that enables file sharing on Pirate Bay and access to Netflix shows from other countries.
But even if TikTok were banned in Australia and access removed, or if users were to massively terminate their accounts, existing data on the company’s US and Singaporean servers would remain there. And we now know that this data is accessible to TikTok’s parent company, ByteDance, in Beijing.
What should TikTok users do?
Like any technology, TikTok itself is neither good nor bad. But the way it’s used creates potential for both.
The best defense with potentially dangerous technology is to approach it with healthy skepticism and share as little as possible. In the case of TikTok (and other social media), this can involve†
- not divulging your full name
- do not disclose your age and birthday
- not revealing your physical location (including through photos or video)
- disabling the “suggest your account to others” setting.
You can also request an account removal† But don’t expect TikTok to delete all associated data. That is now TikTok’s data and you agreed to hand it over when you signed up.