The viral video-app checks device location at least once an hour, continuously requests access to contacts, maps a device’s running apps and all installed apps, and more.
Viral video-app TikTok collects “excessive” amounts of data, according to new analysis of its source code, raising alarm about the volume of information and its securityTikTok checks device location at least once an hour, continuously requests access to contacts even if the user originally denies, maps a device’s running apps and all installed apps, and more, according to a white paper by Canberra-based cybersecurity and intelligence firm Internet 2.0.
TikTok rejected the assertion when provided with the IP address: “The IP address is in Singapore, the network traffic does not leave the region, and it is categorically untrue to imply there is communication with China. The researcher’s conclusions reveal fundamental misunderstandings of how mobile apps work, and by their own admission, they do not have the correct testing environment to confirm their baseless claims.”However, Internet 2.
On Android, TikTok collects all other running and installed applications on the phone, which Internet 2.0 said “is an unnecessary function. Theoretically, this information can provide a realistic diagram of your phone.”The analysis also found TikTok queries Android device GPS location at least once an hour and found that TikTok requests access to user contacts. If the user denies the request, Internet 2.0 said the user is continuously asked on a loop until access is granted.
TikTok said in response: “The TikTok app is not unique in the amount of information it collects, which is less than many popular mobile apps. In line with industry practices, we collect information that users choose to provide to us and information that helps the app function, operate securely, and improve the user experience.“Also like our peers, we constantly update our app to keep up with evolving security challenges and encourage our users to download the most current version of TikTok.