TikTok found collecting Android users’ MAC addresses using a strategy banned by Google
In the current era, users’ privacy is the highest priority feature an application or software should be focusing on. Meanwhile, here it has been found that the popular Chinese app TikTok used to track Android Users’ data by collecting MAC addresses. Previously, we also saw how TikTok spied on Apple and Android smartphones clipboard data. Where the companies try to provide the best security to its users, TikTok is finding multiple ways to break that security.
According to a report by Wall Street Journal, TikTok skirted a privacy safeguard in Google’s Android operating system to collect unique identifiers from millions of mobile devices, data that allows the app to track users online without allowing them to opt-out.
The app logged users’ MAC addresses, unique digital identifiers attached to all smartphones that cannot be reset, allowing TikTok parent company ByteDance to track people even if they changed their privacy settings to opt-out of certain ad-tracking practices, The Wall Street Journal found.
So @tiktok_us violated @Google policies and essentially hacked Android phones in order to track users without their permission. @Google, ban TikTok from your platform and app store. Don’t wait https://t.co/i5cRAR66Br
— Josh Hawley (@HawleyMO) August 11, 2020
TikTok says that the identifiers collected by the app, called MAC addresses, are most commonly used for advertising purposes. The White House has said it is worried that users’ data could be obtained by the Chinese government and used to build detailed dossiers on individuals for blackmail or espionage. The tactic was reportedly hidden using an additional layer of encryption and was done without the knowledge of TikTok users. The company reportedly ended the practice in November.
The tech giant Google banned the app developers from collecting users’ MAC addresses in 2015, while Apple did the same two years earlier. But smartphone security experts told The Wall Street Journal that TikTok circumvented the policy by exploiting a bug and hid its tracks with an atypical extra layer of encryption.
However, a Google representative said that we are looking at the claim and will soon inform about the same. What do you think about TikTok’s policy violation? Do mention your views in the comment section below. For more news on tech and cybersecurity stay tuned on Android Rookies by subscribing to our newsletter from here.