In a new revelation that may amplify TikTok’s scrutiny over security concerns, a report has revealed that the app skirted Google’s built-in protection sneakily tracking users.
The exclusive report from the WSJ says the app silently collected unique identifiers (MAC addresses) of millions of mobile devices on Google’s Android platform for 15 months straight.
These data could enable the company to track users’ online activity, although it’s commonly leveraged for advertising purposes.
How TikTok managed to conceal this illegal practice is by implementing an additional layer of protection. Google started blocking third-party apps from reading device MAC addresses in 2015, two years after Apple, but TikTok managed to have access via an indirect method, the report showed.
The practice was, however, ended in November last year and violated Google’s Play Store policies. On the other hand, this is the same time when ByteDance, TikTok’s parent company, was under intense scrutiny in the US. That being the case, it implies that the retreat wasn’t purely coincidental.
Finally, now that TikTok has its house in order, at least on this particular matter, the same could be used by the app’s critics as proof.
In response, TikTok told the Journal they are “committed to protecting the privacy and safety of the TikTok community. Like our peers, we constantly update our app to keep up with evolving security challenges.”
They also cleared the doubts that the current version of the app doesn’t collect MAC addresses. TikTok has argued in the past that its app collects less data than other US tech companies, like Google and Facebook.
TikTok, together with 58 Chinese apps, was banned in India last month over security concerns. Trump’s government has also issued a ban on TikTok and WeChat that will be effective from September 20th.
Washington has argued the two apps collect massive amounts of data that could be used by China to track government employees and contractors.