U.S. government acts against TikTok, as accusations of face and behavioral biometrics collection levelled
Chinese video-sharing app TikTok is now under the microscope of the Trump administration and facing a ban due to security risks, after a number of people used it for fake registrations for the Tulsa, Oklahoma rally as part of a prank, writes the Chicago Tribune.
“Like a lot of other social media apps, TikTok seems too good to be true,” said Anita Nikolich, professor and director of the Active Computational Center at Illinois Institute of Technology in a statement. “The amount of data (TikTok) collects is above and beyond what other social media platforms collect.”
The U.S. government accuses the Chinese company behind TikTok, ByteDance, of gathering information and handing it over to the Chinese government.
Amazon has already asked its employees to delete the app, as have the U.S. Army and the U.S. Navy in December 2019, the U.S. Air Force in January, the Coast Guard, the U.S. Marine Corps, the U.S. Department of Homeland Security, TSA, and Wells Fargo, reports Business Insider. Shortly after the decision, Amazon changed its mind.
In May, TikTok was hit with a lawsuit on grounds that it violated Illinois’ biometric privacy law by illegally collecting biometric information without user consent. Currently the company is involved in multiple lawsuits in California and Illinois.
According to Nikolich, TikTok collects biometric information including facial features, how the phone is held and when and where the app is accessed. She warns the information can used for phishing and email scams.
In March, two iOS developers found TikTok was stealing information from users’ clipboards which included passwords and sensitive information. The two warned that similar behavior was noticed with LinkedIn and Reddit mobile apps, yet these practices are no longer possible following an iOS update.
The Democratic and Republican National Committees are asking their staff to take extra security measures when using TikTok, writes CNN.
According to the memo the publication reviewed, the DNC wrote “We continue to advise campaign staff to refrain from using TikTok on personal devices. If you are using TikTok for campaign work, we recommend using a separate phone and account.”
In December, the DNC warned about alleged “Chinese ties and potentially sending data back to the Chinese government,” as well as about Russian app FaceApp.
Republican National Committee national press secretary Mandi Merritt said “The RNC has advised employees and stakeholders to not download the TikTok app on their personal devices,” due to “security concerns.”
“We are fully committed to protecting our users’ privacy and security. Under the leadership of our American CEO, along with our Chief Information Security Officer and Head of Safety, TikTok’s growing U.S. team works diligently to develop a best-in-class security infrastructure and uphold our Community Guidelines which prohibit misleading and inauthentic content and accounts,” TikTok responded in a statement. “We welcome a dialogue with anyone who has questions about TikTok so that we can ease concerns they may have.”
TikTok has been banned in India and went through an extensive audit when Secretary of State Mike Pompeo said a ban was being considered citing national security concerns.