In this article, we take an in-depth look at whether the wildly popular social media platform TikTok is safe to use.
Several countries recently banned government officials from using TikTok, and now the US House of Representatives has passed the Protecting Americans from Foreign Adversary Controlled Applications Act. Also known as the “TikTok bill”, this legislation demands that TikTok’s Chinese owner, ByteDance, sell the video-sharing platform to a non-Chinese buyer. Failure to do so will result in it being banned in the US.
Despite overwhelming bipartisan support in the House (and from President Biden), it remains highly uncertain whether the legislation will pass the Senate.
It may also face legal challenges on constitutional grounds from civil rights groups concerned that it violates the First Amendment’s free speech provisions. Whether such challenges have any legal merit, however, is debatable. Although framed as such by TikTok, the bill isn’t intended to ban on TikTok — its primary aim is instead to force a sale from the Chinese ByteDance to a US firm (or at least one unconnected to Beijing).
A ban will only be implemented if TikTok doesn’t find a suitable buyer. As context for this, the US also doesn’t allow foreign ownership of broadcast companies and has recently forced divestment of other Chinese companies on national security grounds (for example, Grindr).
Whatever the outcome, the bill highlights widespread concern over whether it’s safe to use TikTok.
What is TikTok?
TikTok is a social media platform known for its short-form video content. Users can create, share, and discover videos ranging from a few seconds to several minutes in length. Launched internationally in 2017 by ByteDance, TikTok has rapidly become one of the world’s most popular apps, especially among younger audiences. It’s currently estimated to have over 1.7 billion users worldwide.
Its algorithm is designed to personalize the user experience, offering a feed of videos curated to each user’s preferences, which has contributed significantly to the app’s addictive quality and global reach.
TikTok also includes a community aspect, where users can follow, like, comment on, and share videos from others, fostering a vibrant and interactive online community. The platform has been wildly influential, shaping internet culture, launching viral trends, and even propelling songs and artists to fame.
What are the security risks with TikTok?
Most concerns around TikTok focus on the fact that as a Chinese company, ByteDance is required to share any data deemed relevant to Chinese national security with the Chinese Communist Party (CCP) upon request.
These fears have been exacerbated by some frankly shocking admissions and accusations regarding the platform, which include:
TikTok spied on journalists
TikTok has admitted that it used its app to spy on reporters in an effort to track internal leaks. To achieve this, it improperly accessed their IP addresses and user data in an attempt to identify whether they had been in the same locales as ByteDance employees suspected of leaking information.
TikTok was used to spy on Hong Kong activists
A former senior ByteDance executive has accused TikTok of helping the CCP to spy on Hong Kong pro-democracy activists. In a US court filing, Yintao Yu said that TikTok helped identify and monitor “protest-related content”, which it then handed over to the Chinese authorities.
TikTok ran keylogging code in its app
A privacy researcher and former Google engineer claims that he found malicious code running inside TikTok’s in-app browser that could monitor keystrokes. This would allow TikTok to log users’ credit card details and other sensitive information inputted into the browser window.
Other safety concerns about TikTok
Extensive tracking and corporate surveillance
TikTok is undoubtedly at least as invasive to your privacy as any other big social media platform, such as Facebook, X, or Instagram. This means it collects and shares a wealth of information about you, including:
- Your IP address
- Your device’s International Mobile Equipment Identity (IMEI) number
- GPS location data
- How you engage with videos and other content on the platform, such as which videos you watch, how long you watch them for, and which videos you download
TikTok has also been accused of particularly aggressive pixel tracking, a form of fingerprinting that uses invisible code, to uniquely identify internet users and track their browsing histories even when they don’t themselves use TikTok.
It uses the information it collects in the following ways:
- To target you with ever more personalized ads
- To share with its business partners (primarily so they can also target you with personalized ads)
Learn more about how TikTok abuses your privacy
TikTok scams
TikTok users have been targeted with numerous scams. Some of the best-documented scams include:
- Pyramid and Ponzi “get rich quick” schemes
- Romance scams
- Mobile game scams (notably around Roblox)
- Job scams
But is TikTok really that unsafe?
Yes. TikTok undoubtedly collects far more information than it needs and has unclear data privacy protections from its host nation’s government. If you’re concerned about maintaining your privacy and minimizing how much personal information you expose, you should delete it immediately. If your security model involves trying to shield your information from the Chinese government, we advise you avoid TikTok entirely.
Learn how to delete TikTok and clear your data
However, the same is also true of Facebook, Instagram, X, Snapchat, and all of Google’s services. These services harvest a huge amount of personal data and, as Edward Snowden’s mass surveillance revelations exposed, share this with the US government.
The US government can also issue national security letters (NSLs), compelling companies to turn over vast amounts of personal data and metadata without any judicial oversight. These are usually accompanied by a gag order that prevents the company from alerting their users that they’ve served with an NSL.
The US government may also have shifted to simply buying US citizens’ internet data from commercial data brokers rather than relying on the direct cooperation of social media companies (although it still does this), but the underlying reality has hardly changed — the US government continues to spy on US citizens’ internet activities.
Learn more about why the US is not good for privacy
The US has made at least some progress at reining in the more egregious abuses by domestic social media companies themselves, but it remains questionable whether the way in which TikTok collects and abuses your data for financial gain is fundamentally any different from how other commercial social media platforms behave. TikTok is also not unusual in hosting scams.
However, as recent news that the US and UK are imposing sanctions on China following accusations it sponsored a years-long cyber-attack campaign targeting politicians, journalists, and businesses clearly demonstrates, the threat from China is very real.
And as we’ve seen from the way in which TikTok can spy on journalists and activists, spread misinformation, and even potentially log its users’ keystrokes, concerns that the wildly popular social media platform is a potentially highly dangerous tool while in Chinese hands are also justified.
How to use TikTok (more) safely
There is no safe way to use TikTok. As the incident where TikTok spied on journalists’ IP addresses demonstrates, even having TikTok installed on your phone is a serious danger to your privacy and security. If you really care about being safe and private online, you should just delete TikTok.
This is especially true if you are a journalist, activist, politician, government official, or have access to any confidential information whatsoever.
Is TikTok safe? Our verdict
No. TikTok abuses your privacy, has pushed extremist content, and may well represent a serious national security risk to citizens of other countries. There is no safe way to use TikTok, and our strong recommendation is to delete the app from all your devices.
It’s true that much of the current furor over TikTok’s Chinese ownership comes from wider geopolitical concerns, rather than the problems with the app itself. It’s also true that US-based social media giants such as Facebook and X also abuse your privacy in similar ways and share data (directly or indirectly) with the US government, and aren’t receiving the kind of scrutiny that TikTok is now undergoing.
But there’s also little doubt that China genuinely is a threat, not just US-national security, but to the national security of many nations, and that TikTok could be a highly dangerous weapon in its cyber-arsenal.
