TikTok accused of harvesting sensitive data, US FCC commissioner asks Google, Apple to ban app

Viral short video app TikTok has been accused of harvesting sensitive data belonging to users in the US, leading to the Federation Communications Commission (FCC) calling upon Tim Cook and Sundar Pichai, chief executives of Apple and Google respectively, to ban the services on their app stores. The move comes after reports cited leaked internal recordings from TikTok’s Bytedance headquarters in Beijing that suggested that the company’s executives in China could access any data belonging to American users at will.

Writing to the two executives on Tuesday, FCC chairman, Brendan Carr, highlighted that in the first quarter of 2022 itself, TikTok has been downloaded over 19 million times from the iOS App Store and the Android Play Store. “It is clear that TikTok poses an unacceptable national security risk, due to its extensive data harvesting being combined with Beijing's apparently unchecked access to that sensitive data.”

Carr also added that despite multiple representations, TikTok’s “pattern of conduct and misrepresentations regarding the unfettered access that persons in Beijing have to sensitive US user data puts it out of compliance with the policies (of Apple and Google’s app markets).”

USA’s move to restrict TikTok’s adoption and growth in the country comes exactly two years after the app was banned in India in 2020. While the app was suspended from appearing in Indian devices among multiple other apps with links to servers in China, the Indian government maintained that the ban was done to address concerns regarding data security, cyber espionage by China and data harvesting of Indian users by Bytedance – concerns that the US has mirrored today.

Earlier this month, an investigation by Buzzfeed News detailed audio recordings from 80 internal meetings, which appear to claim that “everything” can be seen and accessed by TikTok’s executives in China. The recordings also mention the existence of a ‘master admin’ in Bytedance’s Beijing headquarters, who can reportedly access all user data irrespective of region.

Carr has now highlighted how such data collection is done, stating that TikTok “collects search and browsing histories, keystroke patterns, biometric identifiers, draft messages and metadata, plus the text, images, and videos that are stored on a device's clipboard.”

It is important to note that TikTok has been ranked as the top app in most worldwide geographies in 2022, according to data from app market research firm, Data.ai (formerly App Annie). It has also been a commercial success – in April this year, a post by Gabrielle Bikker, market insights manager at Data.ai, claimed that TikTok earned $840 million from in-app spends around the world among any app or game. The figure was the highest ever earned by an app in one quarter.

Interestingly, TikTok announced earlier this month that the company is migrating all of its user data in the US to US-based IT services provider Oracle’s servers. However, Carr noted that this does not truly answer concerns, stating, “TikTok has long claimed that its US user data has been stored on servers in the US. Yet, those representations provided no protection against the data being accessed from Beijing.”

He further reinstated that TikTok has offered no details in terms of where its data can be accessed from – hence urging Apple and Google to suspend the app’s operations in the country. At the time of writing, neither Apple nor Google issued statements or responses on the matter.