Australian cybersecurity firm Internet 2.0 published a deep-dive into the social media application TikTok on Android and Apple platform. The firm determined the TikTok mobile application does not priorities privacy and say it’s undertaking excessive data harvesting.
TikTok’s source code revealed the platform is harvesting personal data
The research said TikTok app checks the users location after every 60 minutes. Adding that TikTok has persistent access to the user’s calendar. Researchers also discovered the app is able to assess all other running apps on the phone and know what other applications are installed on the device too.
Researchers were unable to find a similar pattern in the Android version
Internet 2.0’s Robert Potter said there wasn’t specific evidence that TikTok was using the apps vulnerabilities to actually harvest data. A new research study by Australian company Internet 2.0, has found that TikTok requests grant almost complete access to the contents of a phone while the app is in use.
It’s not clear that the data is being sent to China
He also noted that other apps will have server links to China, but claimed the company hasn’t been fully transparent in the past, warning that this was only likely to fuel concerns about the app.
We don’t have visibility over exactly what’s being pulled. All we can say is that TikTok grants itself permission to pull the data. Under close examination, we saw it connecting to servers around the world, including in China.Robert Potter – Internet 2.0
Internet 2.0 has also highlighted concerns about the Apple version of the app with a server connection to mainland China which is run by a top 100 Chinese cyber security and data company Guizhou Baishan Cloud Technology Co. Ltd.
TikTok has responded to the claims raised in the report.
The IP address is in Singapore, the network traffic does not leave the region, and it is categorically untrue to imply there is communication with China. The researchers’ conclusions reveal fundamental misunderstandings of how mobile apps work, and by their own admission, they do not have the correct testing environment to confirm their baseless claims.TikTok