With over 1.5 billion downloads, TikTok has become the latest social media network to capture our collective attention. Now, however, it seems as though the platform is coming under scrutiny largely due to the fact that it was created by developers in China, leading the U.S. Department of Defense to encourage its employees to avoid installing the app on their smartphones.
That's according to an advisory issued in December, that has also been reported on by The New York Times, which tell users "not to install [the] app until further guidance from the ongoing national security review."
The memo, which I had an opportunity to review, conveys the DoD concern over "the app's popularity with Western users including armed forces personnel, and its ability to convey location, image and biometric data to its Chinese parent company, which is legally unable to refuse to share data to the Chinese government"
TikTok is the popular social media app that allows users to upload and share short-form video, and is especially popular for dance, lip-sync, and comedy content. Because it is developed by a Chinese company, there has been a lingering concern that information of U.S. citizens could be compromised or revealed. Understanably, the Defense Department is particularly worried about that sort of thing, especially as it relates to military personnel.
The advisory memo warns that "TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes. This allows an attacker to extract private sensitive information by sniffing network traffic."
Furthermore, Check Point Research released a report on Wednesday that detailed multiple vulnerabilities in the TikTok app that would allow attackers to compromise accounts, obtain content, delete videos, and reveal personal information saved on the account. According to Check Point, this information was provided to TikTok and an update fixed these vulnerabilities in December.
Check Point is a security research firm that has discovered vulnerabilities in other apps we use on a daily basis, and has a track record of working with developers to make them aware of issues to be fixed. This latest revelation, however, simply highlights a growing problem.
In reality, while the Defense Department memo and Check Point Research report deal specifically with TikTok, the truth is that the information we share on social media is increasingly at risk of being used in ways we might not intend. Instagram and Facebook users have experienced multiple breaches of their data, and third-party developers have been found to scrape user data for their own purposes on several occasions.
"Threats posed by social media are not unique to TikTok, though they may certainly be greater on that platform, and DoD personnel must be cautious when making any public or social media post," says Lt. Col. Uriah Orland, a Pentagon Spokesperson.
As a result, the Defense Department is urging its personnel not to install TikTok, or, to at least be sure they are using the most current version, which fixes the patches revealed by the Check Point release.