Last week, TikTok was in the news after a damning report surfaced from BuzzFeed News which obtained over 80 internal audio recordings that suggest China-based employees of the social media app have repeatedly accessed private US user data. It was a monumental piece which I encourage everyone to go read, and now, the ByteDance-owned app is once again making headlines for all the wrong reasons.
An FCC commissioner has sent a letter to both Apple and Google asking them to remove TikTok from their respective app stores due to the severe privacy concerns the app raises. Brendan Car, the commissioner in question, published the full letter on Twitter.
“TikTok is not what it appears to be on the surface,” Carr said in his letter. “At its core. TikTok functions as a sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data. Indeed, TikTok collects everything from search and browsing histories to keystroke patterns and biometric identifiers, including faceprints – which researchers have said might be used in unrelated facial recognition technology – and voiceprints. It collects location data as well as draft messages and metadata, plus it has collected the text, images, and videos that are stored on a device’s clipboard.
Carr notes that these illegal data collection efforts are likely to comply with the surveillance demands of the Communist Party of China and the PRC, which by law it must obey since it’s owned by ByteDance. He also acknowledges the app’s efforts to circumvent the privacy policies of the App Store and Play Store, as highlighted in an article from TheWrap last February.
“It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting being combined with Beijing’s apparently unchecked access to that sensitive data,” he continued. “But it is also clear that TikTok’s pattern of conduct and misrepresentations regarding the unfettered access that persons in Beijing have to sensitive U.S. user data-just some of which is detailed below puts it out of compliance with the policies that both of your companies require every app to adhere to as a condition of remaining available on your app stores. Therefore, I am requesting that you apply the plain text of your app store policies to TikTok and remove it from your app stores for failure to abide by those terms.”
The FCC commissioner isn’t the first in Washington to raise a red flag at TikTok. Spying on users based in the US as detailed in BuzzFeed News‘ report is the same activity that motivated former President Donald Trump to push for a full-fledged ban of the app in 2019. He ultimately failed to accomplish that after a number of US-based companies (including Microsoft and Oracle) failed to acquire the app.
Since then, many US officials and cybersecurity professionals have called into question TikTok’s security and whether it serves as a national threat to the country. Carr notes in his letter that in 2019, then-Senate Minority Leader Chuck Schumer and Senator Tom Cotton described the app as “a potential counterintelligence threat we cannot ignore.” Senators Mark Warner, Marco Rubio, Ted Cruz, Marsha Blackburn, and Congressman Adam Schiff have also heavily questioned and criticized the app in the past.
In response, TikTok continues to defend itself and emphasize in ensuring user security and privacy remains a top concern of theirs. It recently partnered with Oracle to store user data in the United States that can only be accessed by employees in the States, saying that while at this time it still uses servers in Singapore as backups, it plans to “delete U.S. users’ private data from our own data centers and fully pivot to Oracle cloud servers located in the U.S.” It also repeatedly claims to “hire experts in their fields, continually work to validate our security standards, and bring in reputable, independent third parties to test our defenses” in a press statement that’s seen the light of day in separate articles from both BuzzFeed News‘ and CNBC who published it earlier today.
Still, it seems that far more will need to be done before TikTok has a chance at gaining the trust of the US government, and as more details regarding its handling of user data are surfaced, that grows less and less likely to happen.