TikTok – we have all heard about the Chinese-owned app that has rapidly become the defining social media app of Gen Z. Once known as Musical.ly, TikTok quickly transformed into something more like Vine: a goofy place for memes, ironic inside jokes, weird comedy, and dance sessions. The success of the app, however, was shadowed by multiple allegations that it illegally collected data from children under 13, posing US authorities to launch an investigation to determine if the app poses a threat to American citizens. Moreover, US President Donald J. Trump has launched a full-scale attack against the app, vowing to ban it from US soil if the Chinese owners refused to sell a portion of the company to US contractors. But what’s the big deal about TikTok?
A descent into censorship and data collection
In 2017 the Chinese internet company ByteDance bought the app and relaunched it as TikTok, with all former Musical.ly accounts migrating over to TikTok in August 2018. Due to its popular success across the world, ByteDance is now the world’s largest startup, estimated to be valued at $78 billion. That’s all good on paper, but what happens with all the data that the company collects from its users? This is a relevant question, given that Chinese-owned companies are legally required to share collected data with the Chinese Government.
US politicians’ concern over TikTok began with an investigation the Guardian published on September 25, which revealed leaked documents that showed TikTok higher-ups instructing its moderators to censor videos that mentioned topics sensitive to the Communist Party of China: Tibetan Independence, Tiananmen Square, Hong-Kong protests, Taiwan. The Guardian’s investigation came after the Washington Post noted that a search for Hong-Kong related topics on the app showed virtually zero content about the ongoing pro-democracy protests, which were a major topic on any other social media sites at the time.
“These Chinese-owned apps are increasingly being used to censor content and silence open discussion on topics deemed sensitive by the Chinese Government and Communist Party. The Chinese government’s nefarious efforts to censor information inside free societies around the world cannot be accepted and pose serious long-term challenges to the US and our allies” Sen. Marco Rubio said after calling for a formal investigation into whether TikTok poses a national security risk.
The US concerns about the app soon became bipartisan, with both the Republican and the Democratic parties calling for a rigorous assessment of the potential national security risks of TikTok by US intelligence officials. Chuck Schumer (D-NY) and Tom Cotton (R-AR) expressed concern that the app could be used by foreign actors to influence political campaigns, especially given that the Chinese companies are required to adhere to Chinese law, which grants the Communist government much greater access than the US to the data belonging to private companies such as ByteDance.
TikTok has, however, pushed back against these serious allegations. The company published a blog post stating that it keeps all US user data in the United States, with a backup server in Singapore, and that none of it is subject to Chinese Law.
“TikTok has made it clear that we have no higher priority than earning the trust of users and regulators in the US. Part of that includes working with Congress and we are committed to doing so. At the start of 2019 TikTok US brought in a country general manager and a US Head of Trust and Safety who have autonomy over moderation policies. It does not restrict videos based on political content” a TikTok spokesperson said after being asked if the company censors its content.
How much data does TikTok collect from it users?
It comes to no surprise that TikTok collects a huge amount of data on its users, including which videos are watched and commented on, location data, phone model and operating system used, keystroke rhythms people exhibit when they type. Moreover, it regularly reads the copy-and-paste clipboards of its users. But is this something unusual for an app? As much as it surprises a lot of people, it’s really not – Reddit, LinkedIn and Facebook all use similar techniques to collect valuable data on their users.
If so, then what’s the big problem with TikTok? Well, it goes back to who owns the company and where does the collected data end up to, in this case the end benefactor being the Chinese Communist Party. The 2017 National Security Law in China compels any organization or citizen to “support, assist and co-operate with the state intelligence work” in accordance with the law. To put it simply, if a Chinese-owned company does not comply with the requests of the Chinese Government, it risks being taken offline completely. And TikTok is no exception, shown by the fact that the company’s own hugely popular news app called Toutiao was taken offline for 24 hours in 2017, after the Beijing Internet Information Office said it has been spreading “pornographic and vulgar content”.
But can the app be used to spread Chinese propaganda? According to the Guardian and the Washington Post, it surely can! Last year, both papers reported that TikTok’s staff and automated systems had enforced moderation rules that censored sensitive material. Further reporting showed that despite the company saying that it has autonomous control over its data, moderators in China had the final say on whether flagged videos were approved or not.
“The Communist Party of China collects bulk data overseas and then uses it to help with things that related to state security like propaganda and identifying public sentiment to understand how people feel about a particular issue. It’s about controlling the media environment globally. Once you have control, you can use it to influence and shape the conversation” Samantha Hoffman, an analyst at the Australian Strategic Policy Institute, said.
What will happen now?
As previously seen with Facebook, who got itself into a sensitive data scandal when it collected data for Cambridge Analytica, these sorts of scandals usually pop up every once in a while, only to rapidly disappear into the ether. TikTok, however, is a very special case. Why? Because the company, which is Chinese owned, operates under intense media scrutiny amidst an economic war between China and the United States of America. At the end of the day, if banning the app helps the US win a symbolic war, then TikTok will face the wrath of the American authorities.
But legitimate concerns do exist about TikTok. A Reddit user, bangorlol, has recently successfully reversed-engineered the app and shared what he learned about the Chinese video-sharing social networking service.
“So, I can personally weigh in on this. I reverse-engineered the app and feel confident in stating that I have a very strong understanding for how the app operates (or at least operated as of a few months ago). TikTok is a data collection service that is thinly veiled as a social network. If there is an API to get information on you, your contacts, or your device … well, they’re using it” Bangorlol said.
What does the app collect? Phone hardware (cpu type, number of course, hardware ids, screen dimensions, dpi, memory usage, disk space), other apps you have installed, everything network-related (ip, local ip, router mac, your mac, wifi access point name), whether or not you’re phone is rooted/jail-broken. But this is just the tip of the iceberg – TikTok has GPS pinging enabled all the time, it sets up a local proxy server on your device for “transcoding media”, it sends snippets of code on the Android version that allows for the downloading of remote zip files, it encrypts all of the analytics requests with an algorithm that changes with every update and it disables access to the app if the user tries to block communication to their analytics host of at the DNS-level.
TikTok, according to many specialists, is essentially malware that is targeting children, disguised as a social media platform that offers the younger generations a platform where they can shine on. But, unbeknownst to them, it collects all of their personal data and uses it for unspecified reasons. Sure, Instagram, Facebook, Reddit and Twitter all do the same thing, right? Yes, but comparing them with TikTok is like comparing a cup of water to the ocean. Why? Because they don’t collect anywhere near the same amount of data that TikTok does and, at the end of the day, the companies that own those apps, despite all the ups and downs, still undergo rigorous investigations on a yearly basis.
As of now, TikTok is one of the most popular free apps downloaded on the Western market. But being free doesn’t mean that the app is safe, nor beneficial to its users. Some might laugh at the thought of a social media app centered around dancing and memes being dangerous for its users, but legitimate concerns do exist about how TikTok operates and where exactly does its data end up to. Technology can bring us together, especially when it’s being used to do good and when the process is transparent. However, if the public is being kept in the shadows, democracy itself is at risk – that’s why we have to find practical solutions in order to promote transparency above all else.
This isn’t just about the Chinese Communist Party, no, it’s about all the big tech giants that have run the show without any impunity for the last few years. If they are not kept in check, we all lose.