TikTok, the popular video posting app, has come under increased scrutiny. Recently, two lawsuits filed against the platform accused TikTok of privacy violations. According to a report from Reuters, a plaintiff accused TikTok of creating an account without her knowledge or consent in one lawsuit filed in California. The lawsuit accused TikTok of creating a file on the user. This file allegedly included biometric data based on videos that the user created, but did not upload. Finally, the lawsuit claimed that TikTok transferred user data and websites visited to servers in China. According to thepenn.org, a class-action lawsuit filed by more than two hundred parents accused Musical.ly (an app owned by the same company that owns TikTik, ByteDance Ltd.) of collecting personal information on children under the age of 13 who used the app. That data included username, email, phone number, bios, and profile picture. In both lawsuits, we see a common denominator: privacy. For years, we have been warned of the dangers of visiting websites. We’re well aware of threats such as stolen data and malware infections, but what about those pertaining to our apps? Smartphone technology is continually improving. As we move forward, we will see better protection against malware on our devices. Apple has championed its sandboxing methodology concerning apps. Basically, with sandboxing, what happens on one app does not affect another app. If you have an infected or corrupted app on your iPhone, all you need to do is delete the app. Android phones are a different situation. A user has more control when it comes to modifying their phone and installing random apps. Yet going back to the allegations against TikTok, what happens when an app is not corrupted and is working as intended? What happens when our data is sent and stored on remote servers on the other side of the world without or knowledge of consent? What can we do? One thing is to check the terms of service (TOS). Is there any language that would lead you to believe your data would be shared, sold, or used? Next, look up the company that produced the app. Do they have a history of negative reviews or questionable associations? Then it's best to skip these apps. Many apps are promoted on social media or by influencers paid to promote them. We see our favorite Instagram personality using a face shifting app and want to use it as well. The next thing we know, our face is on a billboard or in a commercial. If you decide to go ahead and download an app, check the settings. Set the settings to the highest level of privacy possible. For example, if uploading to a server can be toggled off, do so. If AutoShare or sharing to the network can be toggled off, do so. Ideally, you want any feature that can send information out of the app without your permission to be turned off. A key factor of cybersecurity is control. You, as the user, need to be the one in control, not the other way around.
About the Author: Jason Nelson writes and produces content related to Blockchain Technology, Cyber Security, and Privacy. He has had a love of technology since receiving his first computer, a TSR-80 in the 1980s. He has worked in the IT field for over a decade. Working with desktops, laptops and mobile devices. He has also been involved in the Blockchain space since 2016 as a Journalist and Content Creator. He can be found across social media as @dragonwolftech and his official site is: cryptoinsightsjournal.com which also has a YouTube channel, Crypto Insights Journal. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.