Security News > 2020 > August > TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic
TikTok has been collecting unique identifiers from millions of Android devices without their users' knowledge using a tactic previously prohibited by Google because it violated people's privacy, new research has found.
The app bundled the MAC address with other device data and sent it to ByteDance upon the app's first installation and opening on a new device, according to the report.
Mobile apps collect various data on users for advertising purposes, which has always been a point of contention for privacy advocates.
President Trump recently threatened to ban the app in the United States out of fear that it's surreptitiously collecting data on U.S. government employees and contractors to use in China's cyber activities against the United States.
TikTok has said it doesn't share data with the Chinese government and would not violate user privacy even if asked, according to the WSJ. However, many security experts have warned that due to the security flaws of the app and China's stance on cybersecurity, it's likely the Chinese government has access to whatever data the app does.
News URL
Related news
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities (source)
- How Google tracks Android device users before they've even opened an app (source)
- Google fixes Android zero-day exploited by Serbian authorities (source)
- Google expands Android AI scam detection to more Pixel devices (source)
- Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud (source)
- New North Korean Android spyware slips onto Google Play (source)
- Malicious Android 'Vapor' apps on Google Play installed 60 million times (source)
- Google Gemini's Astra (screen sharing) rolls out on Android for some users (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)