Are there Security Risks from TikTok?

By Avalon Siegel
September 1, 2021
10 min

Tiktok has rapidly become one of the largest social medias in the market with 100 million active monthly users in the United States, and 689 million world wide. It might seem an unlikely object of superpower competition. The app serves up an endless stream of remixed songs, memes, viral clips, and the odd celebrity cameo, algorithmically selected to appeal to your interests and tastes.

Like any social media company with that much reach is likely to undergo substantial scrutiny. But last year, the Trump administrations began to raise their concerns about national potential security threats. And now it’s in the main limelight of the American legislative persecution.

App Permissions

Many apps, like TikTok, require users to agree to provide permission to various components of their phone. A user must grant TikTok access to their microphone, camera, contacts, clipboard, and location service in order to utilize the app. Some of those permissions are clearly required to create content on the app, but others are not.

The biggest concerns cybersecurity experts point to are privacy issues like data mining, device permissions, and a potential risk to national security as common causes for concern.

What differentiates it from its competitors?

All things considered, TikTok does not pose any particular risks to average users. Certainly, there is potential for the substantial volumes of user data collected by TikTok to be shared with partners, but that’s not substantially different than when using Facebook. But anyone who uses any major social network in the past 10 years has taken similar risks. There’s nothing outstanding about TikTok except the fact that it’s Chinese-owned.

During the Trump presidency

One of the hottest social media discussion topics of late 2020 was the Trump administration’s proposed ban of popular social media platform TikTok as a national security threat. At the heart of the discussion is the fact that TikTok is owned by a Chinese corporation based in China. The chief concerns focus on data collection and its potential use:

In common with other leading social media apps, TikTok collects far more information than its users generally realize, including geographical movements by the phone user.
TikTok also collects data from other social media apps the mobile owner is using. Again, this is not unique to TikTok.

This data collection could in theory be demanded of TikTok by the Chinese government. If so, the Chinese could add such data to known data they have already collected on US citizens, including a significant amount of data from earlier hacks on Equifax and the Office of Personnel Management. Such data could potentially be used for blackmail or other purposes. In the same vein, some corporations (in the US and elsewhere) may also view TikTok as a security risk via its employees who use this app.

Finally, there is concern among U.S. policymakers about potential disinformation on TikTok. Tons of U.S. teenagers use TikTok and consume political content through the application, so there is a concern that the users could amplify disinformation on the platform. This incursion of disinformation into U.S. public discourse is no doubt corrosive to the democratic process. Yet this is not a national security risk that is necessarily specific to TikTok.

Where does the US stand now?

In June of this year, President Biden withdrew Trump’s executive order seeking to ban TikTok as well as another Chinese-owned app.

Just a few weeks ago, TikTok launched new initiatives aimed at encouraging users to engage with the platform and use it in new ways. This includes a feature last week that allowed users to apply for employment by recording “TikTok résumés” to transmit to specific recruiting organizations.

Slowly but surely, it’s evolved into a massive window into American culture with access to people’s faces, IP addresses, and voices.