ImageQuest recommends that our clients and other organizations ban the use of TikTok on company devices. We strongly recommend not creating a company account.
China-based ByteDance owns TikTok, and we’ve seen numerous reports that the app appears problematic from a security and privacy perspective.
For example:
- In January 2020, researchers found the app could allow hackers access to user accounts using SMS, the mobile phone texting software
- In February 2020, Reddit CEO Steve Huffman called TikTok “spyware” because “it’s always listening, the fingerprinting app they use is terrifying.”
- In August 2020, the Wall Street Journal reported that TikTok tracked Android data.
- In June 2022, BuzzFeed News reported that leaked audio recordings showed some China-based TikTok employees had full access to overseas (including U.S.) data.
- In August 2022, a security researcher found keylogging functionality in the TikTok software.
We encourage you to learn more by searching for news about “TikTok security” and “TikTok privacy.”
TikTok has denied that China maintains access to U.S. users’ data.
However, TikTok’s privacy policy says it collects “usage information, IP addresses, the user’s mobile carrier, unique device identifiers, keystroke patterns, and location data,” among other information.
TikTok also collects biometric data, including “faceprints and voiceprints.”
The app has sparked government discussions raising questions about whether the app can spread misinformation as well as steal information about users. ByteDance officials deny this, but security researchers remain unconvinced, and the concerns persist.
ImageQuest blocks TikTok in all forms on our corporate networks and devices. Employees are asked not to install and use the mobile app on their devices, especially ones accessing the ImageQuest network.
Employees also are encouraged to discuss the problems of TikTok with their family and household members.
We strongly encourage you to do the same.