Discover more from Society's Backend
A Privacy Review: TikTok
You should stick to Instagram Reels and YouTube Shorts
This is part of my privacy review series. If you’d like to see reviews of more companies, check them out here.
What data does TikTok collect?
TikTok collects as much information about you as they can from your usage of their platform. This is pretty normal for a social media service. What isn’t normal is aggregating data from other sources as seen in the quotes below (styling added):
We may collect information from and about you, including information that you provide, information from other sources, and automatically collected information.
We may obtain information about you from certain affiliated entities within our corporate group, including about your activities on their platform.
We may collect information about you from other publicly available sources.
This is incredibly concerning. TikTok actively seeks information about you from your usage of their platform and from anywhere else they can find information about you. Think about this way: anything that can be Googled about you or that you’ve posted on social media may be stored and used by TikTok. Considering Chinese companies are forced to work with the Chinese government, there’s a very real possibility that TikTok is being used to gather information to help build China’s social credit system.
China associates their citizens with a social credit number the government can use to provide certain privileges. This social credit system gives the Chinese government immense power over individual citizens. With TikTok, the Chinese government can extend this system beyond just China.
“So what? I don’t live in China so their social credit score can’t affect me, right?” Not quite. There are studies showing that TikTok serves content differently depending on geographic location. For example, Chinese TikTok users are often fed more educational content than US counterparts. TikTok has even confirmed themselves that employees will hand-pick the content they want to go viral including suppressing certain subjects such as anti-China content. If you use TikTok, you’re already being influenced by the Chinese government.
Now think about the information TikTok can collect from a user: audio and video recordings, GPS location, interests, direct messages, and more. Is this something we want in the hands of the Chinese government?
Does TikTok sell user data?
Technically no. It isn’t selling if they give it away. TikTok gives user information to payment processors, customer support providers, researchers, advertising vendors, and anyone needed to “perform business operations”:
We share the categories of personal information listed above with service providers and business partners to help us perform business operations and for business purposes…
This may seem harmless, but the vague wording of this allows for a lot of freedom to share information as TikTok deems necessary and they state they “are not responsible for the privacy practices of [their] service providers and business partners”, so even TikTok claims not to know how your data is being used or sold.
How does TikTok use your data?
TikTok is transparent about using your data for anything they need it for. There’s a long list of these usages, all vaguely worded, but all pertaining to the platform in some way. The list ends with this usage, stating they use your data:
For any other purposes disclosed to you at the time we collect your information or pursuant to your consent.
This might not seem like a big deal, but they’re basically saying: We’ll use your data for only the things in this policy and anything else we feel like adding later. This is why it’s important to read popups on apps and webpages.
Does TikTok give me control over my data?
You may submit a request to know, access, correct or delete the information we have collected about you at https://www.tiktok.com/legal/report/privacy. You may appeal any decision we have made about your request by following the instructions in the communication you receive from us notifying you of our decision.
Users of the Platform who are California residents and are under 18 years of age may request and obtain removal of User Content they posted by contacting us at: https://www.tiktok.com/legal/report/privacy.
Does TikTok store your data safely?
We use reasonable measures to help protect information from loss, theft, misuse, unauthorized access, disclosure, alteration, or destruction. You should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100 percent secure.
Does TikTok handle data according to privacy laws?
Their history, however, tells a different story. TikTok got fined $370 million by the European Union recently for not properly safeguarding children and their data. They were fined for:
Defaulting the profiles of children under the age of 18 to “public” causing their data to be automatically shared with other users.
Not taking proper precautions to keep children from bypassing age restrictions.
Using “dark patterns” to push users toward more privacy-intrusive options when setting up their account and posting videos.
This fine follows two previous fines TikTok has faced related to protecting children on social media platforms:
A $15.8 million fine for allowing children under the age of 13 to sign up for the platform.
A $5.7 million fine by the United States Federal Trade Commission for violating US data protection rules for children.
Is TikTok trustworthy?
No. I don’t usually answer this question definitively because I try to be objective, but in this case I think this answer is objective.
TikTok collects data on people even if they haven’t signed up for an account and link it to their other social profiles so they know who’s watching videos. This means all of the information mentioned above may apply to you even if you’ve only opened a TikTok link.
The TikTok app was reverse engineered and it was determined TikTok’s data gathering goes as far as attempting to figure out what other apps are installed on a user’s phone. The app was created to make reverse engineering difficult and analytics requests are encrypted to make it difficult to know exactly what information TikTok is collecting about users.
This reverse engineering also showed that TikTok collects mountains of data compared to other social media apps. It blows my mind that people delete Facebook because they feel it violates their privacy but leave TikTok installed.
The person who reverse engineered TikTok described TikTok really well: TikTok is malware targeted primarily toward children. TikTok isn’t a social media app—it’s a data collection app.
I’m assuming most people don’t fully understand what it means to have TikTok downloaded on their phone, so I’m hoping this overview helps. If I missed anything or something is misstated, let me know.
Support me for pennies
100 of them to be exact. Support independent writing and let me know you enjoy my articles for just $1 a month.