The TikTok data collection regimen is incredibly wide and deep. What is worse is that most people sign up without reading the privacy policy. Rule #1 – if you don’t read privacy policies, you do accept that any app can do pretty well what it pleases with your data.
TikTok data collection is, at best, highly invasive data harvesting. At worst it is the potential tracking of its 1.8 billion downloads. That means it knows who, what and where over 24% of the world’s population are at any time.
We analysed the TikTok data collection privacy policy.
Well, in fact, it is three privacy policies. One for the US, one for the EEA (European Economic Area subject to GDPR)/Switzerland and one for the rest of the world (that’s us).
We repeat Rule#1 – read these things. The company must act within the published policies or face legal consequences. The outrage is more a moral issue about privacy online – and we all know that is an oxymoron.
TikTok Data Collection Privacy Policy (last updated February 2020)
In summary, it looks like any other data-hungry monster. In essence TikTok
- Collects whatever information you give it and whatever you do on the Platform and elsewhere
- Uses the data to make content suggestions to users and to deliver highly tailored advertising (its river of gold).
- Shares information with anyone it pleases – business partners, TikTok group, content moderation, measurement providers, advertisers, analytics providers, law enforcement agencies or regulators, and with third parties where required by law.
Now that summary means that it can and does use the information in any way it wishes.
TikTok Data collection is far greater than it needs to provide the service
- Profile: username, DoB, email, phone number, user profile information, photograph or profile video. That is almost enough to steal your identity.
- User content and behavioural information: Any interaction with the Platform, including all posted content, is AI analysed for speech-to-text, face/gender/object/location recognition, interests, preferences, and other analytics. Any competition/survey data goes into your profile.
- Third parties: If you log in via social media like Facebook, your profile is co-shared with TikTok. That could be dangerous if you have overshared already.
- Advertiser Networks: It tracks your internet use outside the app – websites visited, apps downloaded and buys so that it can predict what else might interest you in the future. It tracks you outside the app via cookies, transparent gifs, AD ID and more.
- Location: What to know where 24% of the population live? TikTok works under a tightly regulated regimen in China and goes under a different name Dǒuyīn there. So, who knows how many billions it tracks there? Remember that it must obey any lawful request, and it knows precisely where you are.
- Technical information: IP address, browsing history, mobile carrier, time zone, universal Advertising ID, device model/operating system, network type, device ID, screen resolution. If you log-in from multiple devices, your profile links activity across devices.
- Location. It uses the ‘Region’ to customise TikTok. But it also provides location-based services via your GPS.
- Find other users and friends: TikTok collects your friend’s data from your telephone’s contact list or Facebook friends, or you invite your contacts to join you on the Platform. TikTok uses the contact information to send them either an SMS, email or third party message (such as Whatsapp, Facebook (including Facebook Messenger) or Twitter) inviting them to view your TikTok profile.
- Purchases from app stores like Apple or Google.
How TikTok uses it
Remember that it collects far more information than it needs to provide the service. We must assume it is first a data-gathering platform with a cute 15-second lure. We won’t cover what it needs – but what it does, that in our opinion is outside its needs – unless that is to make motza money.
- Personalised advertising but based on revenue and information-sharing arrangement with other profiles like Facebook, WhatsApp, Instagram (all Facebook companies), Twitter, Google et al
- Location-based services. Why does it need to know you are unless you are in HK at a peaceful rally?
- Content moderators (a.k.a. Censors)
- Analytics – this is social and political profiling and could be used for opinion moulding.
- Wider sharing of device ID with other advertisers means its reach is far beyond the app
- Any of your information with members of the TikTok family group
- Law Enforcement
- If your profile is public (as most are), it is visible to search engines, bots, aggregators etc.
Security
Research from CheckPoint on 18 May 2020 says it is vulnerable to hackers. TikTok says it has fixed the vulnerabilities, but any platform with over a billion users is a prime target.
GadgetGuy’s take – Read the privacy policy of any app you install
If you install TikTok without reading and understanding the privacy policy, then we have no sympathy.
The moral outrage is that this can happen with any app, and there are inadequate global measures to protect online privacy. If there was TikTok could not exist as a free service. We now say of TikTok – Dump it now. Of course, you won’t – it is addictive.
All we can do is make sure you are aware that the information collected is far wider and deeper than what is needed to provide the service and “If the product is free, the product is you.”
Have you seen how much data is collected by TikTok? If not – check https://utopia.fans/blog/tiktok-collects-users-data-delete-it-right-now/ The fact that it even knows which apps do you have and which ones were deleted already, makes me shocked. I know that there are many apps behaving the same way, but it’s a disaster for me. If I want to stay safe, I have to delete a lot and use something really secured.