WSJ: TikTok Used Loophole to Gather Data From Android Users

TikTok bypassed a Google Android operating system privacy safeguard and collected unique identifiers from millions of mobile devices which let it track users without allowing them to opt-out, according to a Wall Street Journal analysis. 

Mobile phone security experts said the move was concealed through the use of an unusual additional encryption layer, and that it appeared to violate Google’s policies on how apps can track people, and TikTok users were not informed of the move. The Chinese app company ended its practice in November. 

The analysis was reported while TikTok’s parent company, ByteDance, Ltd., is facing pressure from the Trump White House over concerns that data collected through the short-form video app could help China’s government track U.S. government employees or contractors. TikTok denies that it shares data with the Chinese government. 

The identifiers that were collected are usually used for advertising purposes, notes the Journal. 

TikTok did not respond to detailed questions, but in a statement, a spokesperson said the company is “committed to protecting the privacy and safety of the TikTok community. Like our peers, we constantly update our app to keep up with evolving security challenges.”

It also said the current TikTok version doesn’t collect MAC addresses. Most mobile apps do collect data on users, which privacy advocates oppose but tech companies say is important when providing targeted advertising and experiences. 

Google said it’s investigating the Journal’s analysis, and did not comment on the loophole that allowed the MAC addresses to be collected. Related Stories:

© 2020 Newsmax. All rights reserved.