What data does TikTok collect on you?

Chinese-owned app TikTok has been accused of harvesting its users’ data, and was even described as a potential national security risk by White House officials.

On Friday, President Trump said he intended to ban the video-sharing platform from the US because of these concerns, although over the weekend he appeared to approve of a potential move by Microsoft to acquire the company in the US.

Similar national security concerns have been cited regarding other Chinese companies, especially Huawei, prompting critics to dismiss them as protectionism on America’s part.

PARIS, FRANCE - DECEMBER 26: In this photo illustration the logo of Chinese media app for creating and sharing short videos, TikTok, also known as Douyin is displayed on the screen of a smartphone in front of a Chinese flag on December 26, 2019 in Paris, France. The social media app TikTok developed by Chinese company ByteDance continues its meteoric rise and exceeded the milestone of 1.5 billion downloads. Tik Tok now surpasses Facebook and Instagram. (Photo by Chesnot/Getty Images)
Image:TikTok is Chinese-owned

Rival social media platforms and politicians have warned of data risks regarding TikTok, but it isn’t clear what actual risks they are citing – other than the company’s origins in China.

Earlier this year, a thread on Reddit amalgamating original research included a description of TikTok as “a data collection service that is thinly-veiled as a social network”.

But this was refuted by a security researcher called Baptiste Robert, who tweets under the handle @fs0c131y, who found the data which TikTok collects is relatively standard for social media apps.

TikTok analysis in progress. It’s time to stop this non sense and put facts in the center of the discussion pic.twitter.com/CUpEbA6f9w

— Elliot Alderson (@fs0c131y) August 2, 2020


Here are five things about its users which TikTok actually collects, and how they compare to other social media apps:

Tiktok has been threatened by Donald Trump
Image:TikTok has been threatened by Donald Trump

1. Everything you write, even if you don’t send it

TikTok scans and analyses all the “information you provide in the context of composing, sending, or receiving messages”, according to its privacy policy.

That includes the content of the message you’re composing, even if you delete it.

This could be seen as a major privacy invasion, but if it is then it’s a pretty ubiquitous one. Facebook has been using the content of private messages to build up user profiles for advertisers for years.

The logo of TikTok application is seen on a screen in this picture illustration taken February 21, 2019
Image:Unusually, TikTok collects keystroke dynamics

2. Everything you touch on the screen

Keystroke dynamics are a type of biometric which can identify people based on how they type at a keyboard or swipe on a screen.

The company acknowledges capturing users’ “keystroke patterns or rhythms” in its privacy policy, although it doesn’t say what for.

These patterns could be enormously powerful, however. Researchers have found that keystroke patterns can indicate a lot about users, from their gender through to whether they are clinically depressed.

TikTok does seem to be the only company which acknowledges capturing keystroke dynamics.

Image:TikTok records what devices people use to access the platform

3. Everything about the device you use to access TikTok

Our mobile and tablet devices can communicate a lot of information when they’re using TikTok, including your IP address, any unique device identifiers, as well as the following:

  • the model of your device
  • your mobile carrier
  • time zone setting
  • screen resolution
  • operating system
  • app and file names and types.

This sounds like a lot, but it’s actually standard and most of it is necessary for the app to display and run properly.

Donald trump texting
Image:Mr Trump has also appeared to approve of a potential move by Microsoft to acquire TikTok in the US

4. Your contacts

TikTok collects contacts from users’ phonebook, as well as from social network contacts if a user’s login is linked with one of those services.

Although this only happens “with your permission”, the permission only has to be given by the main account holder, who could be revealing their connection to somebody else who hasn’t given their permission.

This also isn’t unique to TikTok, and almost every social media platform will allow you to import contacts and see if there are any matches to users on the platform itself.

TikTok has a ketamine problem

TikTok has a ketamine problem

5. What you’re interested in

This isn’t at all unique to TikTok. It’s the point of social media platforms to keep serving their users the kind of content that will keep them scrolling and using the platform.

But this is where the company’s links to China have caused concern.

TikTok’s homepage – it’s For You Page – is a feed specifically curated for each user by TikTok’s algorithms, and there’s no obvious mechanism for users to use the platform from a neutral perspective.

This means that any manipulation of that content – potentially for the purposes of political censorship – could end up going completely unnoticed by the user, who doesn’t have any methods to address it.


TikTok row shows tension between US tech policy and rise of China

Accusations of such censorship have also been levelled at social media companies in the West, including by President Trump.

Earlier this year, Mr Trump signed an executive order aimed at curbing protections for the platforms based on accusations they were manipulating content against Conservative views.

Studies have found no evidence that social media companies target users based on their political positions rather than against the companies’ own content policies.

Equally, according to Baptiste Robert, there is no evidence of TikTok misappropriating data in a way that other social media apps wouldn’t.

He concluded his analysis by stating: “TikTok doesn’t have a suspicious behaviour and is not exfiltrating unusual data.

“Getting data about the user device is quite common in the mobile world and we would obtain similar results with Facebook, Snapchat, Instagram and others.”

Mark Gibson

Graduates in Northwestern University, Evanston, Illinois 1990. Move to Los Angeles California in 2004. Specialized in Internet journalism.

Leave a Reply

Your email address will not be published. Required fields are marked *