TikTok tracked Android user data despite Google privacy protections

TikTok tracked Android user data despite Google privacy protections

Credit: Olivier Bergeron on Unsplash

  • TikTok tracked the MAC addresses of Android telephones regardless of Google’s privateness protections.
  • The apply led to November.
  • The information comes simply because the President is threatening a ban on the service for potential spying.

TikTok already faces the specter of a US ban as a consequence of considerations about potential Chinese spying, and its newest privateness incident received’t assist issues.

The Wall Street Journal has discovered that TikTok’s app was monitoring the MAC addresses (the {hardware} identifiers for networked gadgets) of Android customers for at the very least 15 months regardless of Google insurance policies and techniques forbidding the apply. It reportedly used a well known “workaround” safety gap to get the information in addition to an “uncommon” additional layer of encryption that masked the strategy.

The firm didn’t notify TikTok customers or give them a alternative concerning the information assortment. When customers first ran the app on a brand new machine, TikTok bundled the MAC knowledge with info together with the semi-anonymous promoting ID used to trace person habits. You can reset the promoting ID on a cellphone, however you may’t change the MAC handle.

Read More:  Poll: Could you go back to an audio jack after using Bluetooth headphones?

TikTok ended the monitoring with an replace on November 18, the WSJ stated. TikTok didn’t immediately handle the claims when the newspaper reached out for remark, however did say the “present model” of its app doesn’t collect MAC addresses.

See additionally: The greatest TikTok alternate options and apps for Android

Google stated it was investigating each the report’s findings and people of an nameless Reddit publish from April, nevertheless it declined to touch upon the loophole. AppCensus’ Joel Reardon stated he filed a bug report with Google concerning the gap in June 2019, however the flaw was clearly exploitable previous that time.

There’s no point out of comparable monitoring for iOS customers. Both Apple and Google formally banned apps from studying MAC addresses a number of years in the past.

The habits isn’t distinctive to TikTok, with AppCensus estimating that about 1.4% of Android apps exploiting the loophole to ship the MAC handle. The encryption was odd, nonetheless, and it wasn’t clear simply what TikTok’s intentions had been for the information. It additionally follows simply weeks after iOS 14 revealed that TikTok was accessing iPhone clipboards greater than needed.

Read More:  First smartphone with under-display camera in weeks, and more tech news today

Both Google and TikTok may need to reply extra questions.

The findings come on the worst doable time for TikTok. President Trump and different American politicians are pushing for TikTok to promote itself to a US firm over considerations its Chinese mother or father firm ByteDance would possibly ask it to gather delicate knowledge for surveillance. TikTok has at all times denied gathering knowledge for China and made some extent of distancing itself from ByteDance, however this might simply gas suspicions even when the information is used just for promoting and different enterprise functions.

There are already requires motion, too. Senator Josh Hawley, a politician identified for criticizing the habits of web firms, instructed the WSJ that Google ought to pull TikTok from the Play Store as a consequence of each breaking the principles and doable violations of kid privateness legal guidelines. This received’t essentially result in authorized motion past the potential ban, nevertheless it’s evident that each Google and TikTok may need to reply extra questions.

Read More:  These lavish rose gold Galaxy Note 20 Ultras will cost you a cool $6,000


Add comment