TikTok security breach: Chinese app tracked user data with BANNED technique, report says

We will use your email address only for sending you newsletters. Please see our Privacy Notice for details of your data protection rights.

It comes after the US government has laid out plans to ban TikTok over national security concerns. The social media app is owned by Chinese firm Bytedance, and has repeatedly denied links to the Chinese government. Now, a new report from the Wall Street Journal has claimed that Android users were not given the option to stop the app collecting its data due to a loophole.

The report shows that TikTok exploited Android’s operating system to collect MAC addresses from users for more than a year.

MAC addresses are unique identifiers from operating systems on hardware, and cannot be changed.

Tracking the addresses was banned by Google in 2015 over concerns about security violations.

TikTok is believed to have used the practice to track users and build up data profiles on them, even if they chose to opt out of advert tracking.

 

The Wall Street Journal has clarified TikTok stopped using the practice in November last year.

But they appear to have attempted to conceal their data breaches through added encryption in their app.

In a statement, a spokesman said the company is “committed to protecting the privacy and safety of the TikTok community”.

They added: “Like our peers, we constantly update our app to keep up with evolving security challenges.”

The UK’s data watchdog has said it is “considering” the report”, along with “the potential data protection compliance matters identified” in using MAC addresses without permission.

They said: “Using them to track a device or person across websites and apps involves the processing of personal data and therefore needs to comply with the requirements of data protection law.

“The ICO’s recent work on adtech has highlighted significant concerns about transparency, profiling and information security where personal data is collected and used for the purposes of online behavioural advertising.”

DON’T MISS:
Microsoft ‘in talks’ to buy TikTok as Trump considers ban [REPORT]
Tory civil war: Boris gives green light to TikTok’s London HQ amid party outrage [INSIGHT]
Your Google Home smart speaker might have been listening to more than you thought [INSIGHT]

TikTok has been revealed before to have breached users privacy, with the app found in June to have copied iPhone users clipboards, or text boxes, as they typed them.

A video on Twitter showed an iOS 14 iPhone notifying a user constantly that TikTok was copying its clipboard.

But the app defended the practice, and said it was to stop users spamming messages.

In a statement, they also clarified they did not receive or store any data from the clipboards.

The report comes as US President Donald Trump threatened to ban TikTok by September 20, unless its owners can sell the app to an American company by that point.

Mr Trump signed an executive order to ban any US transactions with TikTok over concerns Beijing can use the app to spy on US citizens.

TikTok and Bytedance have maintained the app does not share data with the Chinese government.

Microsoft has been in talks to purchase the US, Australian, New Zealand and Canadian versions of the app from Bytedance.

Source: Read Full Article