TikTok is an extremely popular short-form video social media platform that has attracted more than 150 million active users in the US. It has garnered so much attention—and ire—from the federal government, state governments, international bodies, and private institutions due to its popularity, the dangers associated with the platform’s data collection, and the potential for the Chinese government to use TikTok to its advantage due to the platform’s Chinese parent company. US lawmakers are particularly concerned that China will use the app to amass US user data and potentially manipulate algorithms to propagate content it chooses. The data collection issue is a concern for every TikTok user from a privacy standpoint, as TikTok collects more user data than most people realize.
TikTok, like all other big social media platforms, collects user data, coordinates with third-parties, and uses user data for algorithms and targeted ads. However, TikTok is unique in terms of the sheer volume of data it collects. Additionally, the pre-set app settings give TikTok more permissions than are necessary to use its features. And US users have taken notice—ByteDance, TikTok’s parent and the reason for the China-related concerns, settled more than 20 data privacy lawsuits brought by US users for a total of USD 92 million in 2021. TikTok has also been fined for illegally collecting data from minors. Information TikTok collects includes:
- All information you add to your profile (for example, biographical information and contact information)
- Content you post
- Location data
- Search history on TikTok
- Messages within TikTok
- Information from other accounts linked to your TikTok account (Facebook, Google, etc.); and
- Information about your phone, including IP address, mobile carrier, time zone, and app and file names on your phone.
Additionally, TikTok will collect information from you even if you don’t have an account. If someone sends you a TikTok link and you click on it, TikTok collects anonymized data including device type, IP address, what type of content you consume, and the last app you used.
TikTok permissions are automatically set-up to make your profile public and accessible. “Private Account” is toggled off, meaning anyone on the platform can see your profile and content. Other settings include suggesting your account to phone contacts, Facebook friends, etc.
It should be noted that while TikTok asserts US user data is stored exclusively on servers in the US and Singapore, TikTok employees in China are still able to access US user data.
So, what should you do?
Overall, we do not recommend using TikTok from a privacy perspective. Given the data the app collects, the accessibility of your information to the public/other TikTok users, and the prospect of Chinese employees accessing your data, it’s safer to not engage with the platform. However, if you choose to have a TikTok account, there are some security measures we recommend to help protect your information as much as possible, including:
- Do not use your real name, photo, or biographical information in your profile;
- Set your profile to private;
- Be cautious about content you post. Videos can reveal details about your activities and locations;
- Do not link TikTok to any other online accounts;
- Adjust privacy settings on the app immediately: toggle off “suggest your account to others,” “find your contacts,” and “allow others to download my videos,” and only allow “friends” to send you messages; and
- Utilize a Virtual Private Network (VPN) when using TikTok to protect location information.
Social media platforms collect and display significant personal information of which you may or may not be overtly aware. Red Five offers privacy services to safeguard your information, such as securing social media accounts and limiting online information about you. Contact Red Five to learn more.