Security News > 2020 > August > TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic
TikTok has been collecting unique identifiers from millions of Android devices without their users' knowledge using a tactic previously prohibited by Google because it violated people's privacy, new research has found.
The app bundled the MAC address with other device data and sent it to ByteDance upon the app's first installation and opening on a new device, according to the report.
Mobile apps collect various data on users for advertising purposes, which has always been a point of contention for privacy advocates.
President Trump recently threatened to ban the app in the United States out of fear that it's surreptitiously collecting data on U.S. government employees and contractors to use in China's cyber activities against the United States.
TikTok has said it doesn't share data with the Chinese government and would not violate user privacy even if asked, according to the WSJ. However, many security experts have warned that due to the security flaws of the app and China's stance on cybersecurity, it's likely the Chinese government has access to whatever data the app does.
News URL
Related news
- Google: Gemini AI for Android processes sensitive data locally (source)
- Google says it's focusing on privacy with Gemini AI on Android (source)
- Google Removing Poor-Quality Android Apps From Play Store to Boost Engagement (source)
- Google backports fix for Pixel EoP flaw to other Android devices (source)
- Android malware 'Necro' infects 11 million devices via Google Play (source)
- New Octo Android malware version impersonates NordVPN, Google Chrome (source)
- Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68% (source)
- Google sees 68% drop in Android memory safety flaws over 5 years (source)
- Fake WalletConnect app on Google Play steals Android users’ crypto (source)