Solutions Blog

The Clock is Ticking – Is It Time to Delete TikTok?

In a year of filled with concerns such as a global pandemic, murder hornets, and so much more, the crisis du jour for Americans is now…TikTok? Though it has existed for roughly two years, the short-form video app skyrocketed to pop culture prominence during stay at home orders, playing a role in everything from viral memes to political activism. But with large companies like Amazon and Wells Fargo making headlines for asking employees to delete the app, the U.S. military banning it from government-issued phones, and India outright banning it completely—all citing national security concerns—many of TikTok’s hundreds of millions of users and their employers have been left asking, “Is it safe?”

 

The short answer: no. The slightly longer answer: it’s complicated.

 

The common claim that TikTok is “Chinese spyware” that steals data from users’ devices and sends it directly to China is not true, at least not in the clear-cut way it is presented. Yet this risk can easily occur from a backdoor method or breach methods well leveraged in China with GhostNet. The Information War Monitor (IWM) found this to be true after a 10-month investigation of the state-funded GhostNet company in China. As it stands currently, the threat to security, particularly national security, is more hypothetical than tangible. However, there are several major security issues consumers and their employers should be concerned about.

 

  1. TikTok is owned by Chinese company ByteDance but is essentially two companies in one. In China, it operates as the highly restricted and censored DouYin, and everywhere else it is largely unrestricted TikTok we know. This separation is how the company is able to claim the data is safe from the oversight of the Chinese government. While TikTok argues that they do not operate in China, they only store TikTok data on servers outside of China, and they would not turn over data to China even if asked, skeptics disagree. They argue that, as TikTok’s parent company is Chinese, they could be forced to hand over TikTok’s data to the Chinese government under their recent and far-reaching national security laws. Recent issues with China imposing its national security law over Hong Kong, effectively booting out TikTok, could shed further light on this for other countries. It has been proven by US federal agencies that the Chinese government pervasively surveils within its borders and can get access to company-held data on a whim; thus, TikTok’s potential collection of information on U.S. citizens is true a security risk. The Chinese government has already acted on this with other companies, regardless of where the data resides. TickTok openly discloses the information they capture and use. (Click here to see their website posted privacy policy.)

     

  2. At its core, TikTok is a social media platform, and social media and data privacy will always be at least somewhat at odds. While the data it collects is likely no more intrusive than that collected by other social media giants, the risk of that data in the wrong hands is high, especially in a world where users often rely on social media as a source of news. There have already been several allegations that the company has sought to suppress content critical of the Chinese government or considered controversial in China.

     

  3. TikTok’s popularity makes it a prime target for hackers, and it’s unclear whether TikTok’s infrastructure is strong and sophisticated enough to withstand attacks. In January, Check Point researchers found several vulnerabilities in TikTok that could have let attackers gain control of TikTok accounts, change the privacy settings on TikTok videos, upload videos without permission, and obtain user data such as email addresses. (Click here for more details on their research.) While security issues are something all software companies grapple with and TikTok did fix the issues Check Point uncovered, the software and company are still so new that it’s hard to say whether they can be trusted going forward.

     

In short, how TikTok handles content produced and disseminated on its platform and its user data may absolutely pose a national security risk, just in a more abstract way than directly spying on government or military actions. That being said, just because you can keep TikTok—for now—doesn’t necessarily mean that you should. Always exercise caution when sharing personal information online. Despite the allure, TikTok just isn’t worth the risk. This is especially true for company-issued equipment, where the data you are risking isn’t just your own.

Categories:
Share on linkedin
Share on twitter
Share on reddit
Share on facebook
Share on email

Learn more about The Clock is Ticking – Is It Time to Delete TikTok? by filling out the form below:

GDT Recognized as Cisco Americas Technology Excellence Partner of the Year: Service Provider, Capital Partner of the Year (South) and GES Partner of the Year (South)

This week at Cisco’s annual partner conference, General Datatech (GDT) was honored with Cisco’s Technology Excellence Partner of the Year: Service Provider, Capital Partner of the Year (South), and Global Enterprise Segment (GES) Partner of the Year (South) for its innovation, leadership and best practice as a Cisco business partner across the Americas.

Read More »

The Classroom of the Future: Hybrid Learning

The need for hybrid or online learning support will only continue to grow, so how can education systems adapt to deliver a consistent learning experience, no matter where a student is joining the class from?

Read More »

GDT VP of Engineering Quoted by CRN

A lot of customers are now looking to consume storage as a service, and NetApp is making it easier to do so, said John Woodall, vice president of engineering west at General Datatech, a Dallas-based solution provider and long-time NetApp channel partner.

Read More »
WordPress Image Lightbox