Finally, device mapping, external storage access, contacts and third-party applications data collection allows TikTok the ability to reimage the phone in the likeness of the original device. The hourly checking of location is also unnecessary. The application however has a culture of persistent access or continuously asking for a decision reversal by the user. It is also notable that the device only needs to ask the user for permission to perform each of these actions once and then follow the user’s preferences. This leads us to believe that the only reason this information has been gathered is for data harvesting. He concludes:įor the TikTok application to function properly, most of the access and device data collection is not required. Perkins’ report offers a dizzying list of data the TikTok app can access while it’s running, including the device location, calendar, contacts, other running applications, wi-fi networks, phone number and even the SIM card serial number. Permissions and device information collection are overly intrusive and not necessary for the application to function.Īlso of note is that TikTok IOS 25.1.1 has a server connection to mainland China which is run by a top 100 Chinese cyber security and data company Guizhou Baishan Cloud Technology Co Ltd. In our analysis, the TikTok mobile application does not prioritise privacy. The report’s author, Thomas Perkins, writes: Published on Monday by the Australian-US cybersecurity firm Internet 2.0, it is based on a teardown of TikTok’s Android and iOS apps. So I was interested to read a report that attempts to look at the general suspicion of the service.
0 Comments
Leave a Reply. |