Ban TikTok?

Should employers be concerned about data security?

Is TikTok an amazingly popular (especially with teens) video-sharing app? Or is TikTok a serious threat to personal, corporate and national security? The answer appears to be “Yes!” 

TikTok Boom

TikTok’s growth has been explosive. It’s been the most downloaded app in Apple’s App Store since 2018. TikTok is reported to have been downloaded over two billion times (175 million in the U.S.), and to have 800 million monthly active users, from over 150 countries. Users are young, with more than 65% being 34 or younger. And they spend a lot of time on the app, averaging 52 minutes a day on TikTok, with teens spending 80 minutes. This activity has reportedly produced $3 billion in profits last year. This app is no slouch. It’s fun. It’s growing. And its user demographics are a marketer’s nirvana.

TikTok Bust

Despite profound success, TikTok’s future is in serious question. TikTok’s growth story is being overshadowed by controversy. Concerns over user data security and international espionage are at the heart of a snowballing crisis for the Chinese-owned app. Unlike with other outcries over social media/technology privacy issues, these controversies aren’t merely rumors. They’re very serious allegations with matching consequences.

The types of actions governments and corporations have taken against TikTok are really unprecedented. Here’s a sample:

  • 2019: Federal Trade Commission fines ByteDance (TikTok’s parent company) for violating online child protection laws.
  • 2019: United Kingdom opens an investigation into TikTok data protection for children.
  • 2019: India places provisional ban on TikTok for issues around pornography and child protections.
  • 2019: A large class-action law suit was filed in California, claiming TikTok illegally transferred personal data of U.S. citizens to China.
  • 2020: India permanently bans TikTok, citing security concerns around Chinese government spying. 
  • 2020: The United States Military bans TikTok from all government-issued phones.
  • 2020: Amazon accidentally releases an internal employee memo asking all employees to delete TikTok from company phones.
  • 2020: Wells Fargo directs employees to remove TikTok from company phones.

So, what is the problem with TikTok? Why are these, and other organizations, so concerned about the app’s access to data. There seem to be two primary areas of concern. The first is personal privacy and illegal consumer data collection. The second is corporate and national espionage—spying done through TikTok on behalf of the Chinese Communist Party (CCP).

Data Syphoning

It’s widely understood that mobile devices collect immense amounts of data from user actions. They track your web browsing, app usage, driving, spending, steps, sleeping, etc.  That TikTok tracks user data isn’t controversial. The problem is what data the app tracks, how it tracks it, and what it does with the data.

Not everything is publicly known about TikTok and what it’s doing. However, it is important to recognize that TikTok is a rebranded version of the Chinese app Douyin. Because it operates behind the Chinese Firewall, Douyin was developed using a very different set of priorities, ethics and protections than apps developed in the U.S. and other liberal democracies. The Chinese people are restricted and censored in ways that are illegal here. Supposedly, TikTok runs on a separate set of servers than Douyin to enable these differences. Yet, many believe the app retains most of Douyin’s “China-market” capabilities.

There are many ways a downloaded app, like TikTok, could surreptitiously collect sensitive data from a phone without users being aware. For example, Apple flagged TikTok for copying data from user’s clipboards. Also, an app developer recently reversed engineered TikTok and found that the app has the ability to intercept and open zip files and perform other functions that should not be part of a mobile app. TikTok might also be able to collect very sensitive data, like fingerprint markers. TikTok just raises a lot of red flags for consumers.

“There’s a reason governments are banning it. Don’t use the app. Don’t let your children use it. Tell your friends to stop using it. It offers you nothing but a quick source of entertainment that you can get elsewhere without handing your data over to the Chinese government. You are directly putting yourself and those on your network (work and home) at risk.” 

Bangoral

A Trojan Horse

It’s not only user data that’s at risk. Large corporations and governments are concerned with CCP corporate and military espionage. TikTok is only one example of a concerted international curtailment of Chinese technology companies. Earlier this month, U.S. Secretary of State Mike Pompeo stated that the U.S. is considering a ban on TikTok. Australia, Japan and other nations have suggested that they also might join India in banning TikTok.

This is part of a greater effort against Chinese technology. Companies like Huawei are already excluded from the U.S., United Kingdom, Australia, New Zealand, Japan and Taiwan. The core issue is that many, if not all, Chinese tech companies are controlled to some degree by the Chinese military.  

Considering prior action and the strained relationship between the U.S and the CCP, it should not come as a surprise if the U.S. bans TikTok in the coming weeks and months. 

Protect Your Data

In my opinion, when there’s this much smoke, there’s fire. My response to what’s happening with TikTok is to err on the side of caution. I recommend removing TikTok from your personal phone, or any connected device that also has access to any important data. I recommend parents make this decision for their children. I also recommend any employer whose employees access any company data have employees remove TikTok from that device. 

More Ideas