Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown

Is TikTok a threat to your privacy?

Using TikTok could put your privacy and security at risk. The popular social media app has more than one billion users and is growing rapidly, but it exposes users to a range of potential threats. So what are the problems with TikTok? And how can you stay safe while using it?

Malcolm Higgins

Malcolm Higgins

Is TikTok a threat to your privacy?

What is TikTok?

TikTok is a social media platform with a focus on short-form video content. It was established in 2016, making it one of the newer entries in a crowded social media market, but it's enjoyed explosive success since then. Today it has more than a billion users and its growth shows no signs of slowing down.

The app allows users to view videos posted by other accounts and also share videos themselves. What content users see is, for the most part, determined by TikTok's algorithms.

Is TikTok safe?

TikTok is relatively safe for the average user, but it comes with several privacy and security concerns, from invasive data harvesting to phishing scams.

While many of its competitors have their own social media privacy issues, TikTok has some unique risk factors, including potential interference from the Chinese government. We'll cover all of these issues in detail later in this article.

The TikTok algorithm

The defining feature of TikTok, and arguably the primary reason for its success, is its For You Page (FYP). This feature sets it apart from other platforms, though many competitors are now trying to mimic it.

The FYP is a continuous scrolling feed of videos curated by an algorithm. These aren't necessarily videos from creators you’ve chosen to follow. Instead, what appears on the FYP is decided by an algorithm, based on your specific interests.

The FYP is infamously effective at targeting the niche interests and personalities of individual users. The algorithm is extremely good at assessing what kind of video keeps a user on the app and then prioritizing content accordingly.

Even though the algorithm may give users a better experience, it contributes to the first major problem we need to discuss: privacy.

TikTok privacy issues

Several factors contribute to TikTok’s privacy issues.

A data-driven algorithm

Perhaps the most obvious issue with TikTok is that it gathers large amounts of user data. That’s why the algorithm is so effective: It monitors and logs user behavior and then curates their FYP to be as engaging as possible.

As soon as you start using TikTok, the company begins building a profile about you, including your interests, political leanings, and every other variable that could impact on the selection of videos you see. There are two main objections people might have to this kind of profiling.

First is a first principles issue. Should a corporation have that kind of insight into your personal life? Are you comfortable with TikTok assessing and deducing (often with remarkable accuracy) your sexuality, political leanings, or health conditions?

The second problem is a more practical one. When large corporations gather huge quantities of data about their users, it only takes one data breach for that information to fall into the wrong hands. Hackers are eager to steal valuable data from online businesses, and there’s no guarantee that social media giants are actually capable of keeping your private details safe.

TikTok’s In-App Browser

TikTok uses an in-app browser, built into the app itself. This means that, when a user tries to navigate off TikTok through an ad or a bio link, they actually stay on the app. Instead of switching to Chrome or Safari, they view the pages through TikTok’s own browser.

The internal browser gives the company the ability to monitor behavior on websites and pages that a user might assume are not within TikTok’s purview. This type of monitoring is not in breach of any privacy agreements and other apps, including Instagram, have a similar system, but it’s another area in which users might end up exposing more personal information than they intend to.

ByteDance and the Chinese Communist Party

TikTok is owned by ByteDance, a company based in China. Under Chinese law, it is required to share user data with the authorities if requested.

It is also understandably incentivised to stay in line with Chinese Communist Party policy, which some argue has led the company to suppress videos discussing human rights abuses against Uigher muslims in the Chinese province of Xinjiang.

While it’s hard to verify TikTok’s stance on these issues, the fact that ByteDance operates under the authority of the CCP should raise concerns about user privacy.

TikTok security concerns

TikTok, like most social media platforms, also has a variety of security risks associated with its use.

TikTok scams

For starters, signing up to the platform is easy and doesn’t require that users prove they are who they say they are. As a consequence, hackers can quickly create fake identities and repost the content of other larger creators.

The account owner can include a suspicious link in their bio or message new followers directly with a malicious URL. When viewers click on the link, thinking that they’re dealing with a legitimate and well-known account, they may end up downloading malware or exposing private information.

These problems are by no means unique to TikTok, but the fact that TikTok’s user base is relatively young (the largest percentage of active users is women and girls under the age of 24) makes these threats more worrying. There's very little to stop a bad actor creating a fake TikTok identity and targeting young people with scams, or worse.

Data breaches

As we discussed before, TikTok is a tempting target for hackers. The risk of data breaches isn’t just a theoretical issue either.

In 2022, Microsoft announced that it had identified at least one “high-severity vulnerability” in TikTok’s Android app. Just a few days later, reports emerged of a potential data breach involving an insecure TikTok server. Numerous cybersecurity experts voiced concerns about the incident on Twitter, although the company later denied that any user data was at risk.

TikTok is just the latest social media site to (allegedly) suffer a data breach. Facebook, Instagram, and Twitter have all faced similar incidents in recent years. However, with TikTok’s user base increasing at an unprecedented rate, it will become an ever-greater target for hackers in the years ahead.

Is TikTok safe for kids?

TikTok is intended for users over the age of 13, so younger kids should not use the app. However, parents should be wary of allowing young teens to access TikTok for several reasons.

Firstly, the TikTok algorithm may recommend inappropriate content, sometimes of a sexual nature, to users of all ages. Unlike Facebook or Instagram, most of the content TikTok users see is not from accounts they've chosen to follow; the FYP continually displays new videos from creators they may never have seen before. As a result, it's hard to guarantee that kids will only be exposed to age-appropriate content.

It is also possible for strangers to contact young people on TikTok using the direct message function. When a new profile is created, the profile is automatically set to be publicly visible. This means that anyone can message the account owner. With this in mind, make sure that kids' profiles are set to private.

To enhance safety, make use of TikTok's Family Pairing feature, which allows parents to connect their account with their kid's for added oversight.

How to stay safe on TikTok

If you’re a TikTok user, you may wish to now delete TikTok to maintain your privacy and security. However, if you want to keep using the app, you can take several steps to enhance your safety on the app and protect yourself from cybercriminals.

    1. Be wary of links and URLs. Before clicking on a link in a profile’s bio or in a direct message, make sure to verify whether the account you're dealing with is genuine. If they’re a large creator, are they verified (displaying a blue tick next to their name)? How long have they been posting for? Are their comments switched on or off? If a hacker has created a fake account, they’re likely to be unverified and relatively new and may turn off comments to avoid negative feedback.
    2. Set your profile to private. You can still enjoy all the content TikTok has to offer without making your own profile public. Have a look through your privacy settings and make sure that only people you know and trust can view your content. Doing so lowers the likelihood of identity theft and makes it harder for scammers to contact you.
    3. Don’t post personally identifiable content. When uploading videos, make sure not to include images of your home and neighborhood, views from your windows, or other content that could be used to triangulate your location. Try to limit how much you post about your work, family, and other personal contacts. The more of this information you make public, the easier it is for hackers to steal your identity and use it to launch phishing attacks against others.

Malcolm Higgins
Malcolm Higgins Malcolm Higgins
Malcolm is a content writer specializing in cybersecurity and tech news. With a background in journalism and a passion for digital privacy, he hopes his work will empower people to control their own data.