Defendants deny these allegations and other material allegations in the operative complaint.(collectively, the “Defendants”), violated federal and state law by collecting and using, without sufficient notice and consent, Plaintiffs’ personal data in connection with their use of the TikTok - Make Your Day video-sharing application (and/or its predecessor app Musical.ly) distributed in the U.S. Plaintiffs filed a class action complaint alleging that TikTok, Inc.If you live in Illinois and used the TikTok app in Illinois to create videos, you may be entitled to up to 6x the Payment. Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.If you and/or your minor child used the TikTok and/or Musical.ly application, You May Be Entitled to a Payment from a Class Action Settlement. Though at this stage of the digital transformation, the parable of TikTok suggests there is still some way to go, so you’d best ensure your company security practice is TipTop for TikTok. The best approach is to ensure the endpoint intelligence remains on the device and can’t be shared in any useful format. After all, even the most intrusive app can’t gather data that does not exist.
The less they know, the less they knowįinally, of course, this news should be seen as a testament to support Apple’s fundamental approach to privacy and security on devices, and an argument to go further on that path.
Of course, in the short term, business users will want to figure out how to convince employees to cease use of TikTok on work devices while MDM and security vendors will be exploring ways to partition the app from any sensitive data held on a dual use work/personal machine. That some of this activity is outsourced to shadowy private entities amplifies this risk. If every nation is involved in exfiltrating data in this way, no one can really be seen as secure. It is possible the US government’s Committee on Foreign Investment in the United States (CFIUS) may soon announce a National Security bill designed to put the brakes on any potential abuse by state actors in line with the commissioner’s claims.Īll the same, if we disregard the nationalities, then the claim also exposes the challenge of doing business in an increasingly surveilled age. If Carr’s claims are true, then TikTok joins names such as NSO Group and RCS Labs on the roll call of companies dedicated to undermining user privacy.
In the event it fails to achieve that, it seems inevitable that Apple and Google will remove the app from their stores, at least in the US.īut what this really represents is an allegory for the level of risk businesses face, and will continue to face, as entities of various kinds persist in exploiting digital connectivity for their own ends. I imagine TikTok will attempt to dispute the report that prompted the commissioner’s request. Though it did move US user data to Oracle servers in the US just before the latest damaging report appeared. Objectively, TikTok does seem to have tried to distance itself from the privacy abuses Carr points to, but the most recent claim that US user data can be accessed by the company may have pushed its reputation over the precipice. That’s important, given 80 million people spend around 24 hours a month using the service. That’s a lot of people - and, conceivably, a lot of data potentially made available outside the circle of trust many may expect. The most viewed video on TikTok ever, Zach King’s Harry Potter Illusion video generated 2.2 billion views. The numbers are staggering: Khaby Lame has 142.8 million followers on the service. For example, one of the UK’s leading newspapers, the Evening Standard, today leads with a report explaining who the most followed people on TikTok are. Security, politics and hypeĬarr points out that US government and national security agencies are either urging or mandating the removal of the TikTok app from devices India has banned the app on national security grounds and some businesses have already banned its use on company devices.Īt the same time, there continue to be mainstream reports to support the service. In his letter, the commissioner provides some evidence to support his argument that TikTok fails to adhere to Apple and Google’s security practices - for example, researchers in 2020 claimed the app might be able to access sensitive data, including passwords, crypto wallet addresses and messages. The text, images, and videos stored on a device’s clipboard.Biometric identifiers, including faceprints and voiceprints.