We have all heard governments claim that TikTok “steals the user’s knowledge and sends it back to China”. And while these accusations are disturbing, so far there has been no genuine evidence. ByteDance, TikTok’s parent company, tried to evade the accusations and called them unfounded. However, this new WSJ report will complicate the issues for the Chinese company, which claims that TikTok used a known security flaw to track users’ MAC addresses.
The news site analyzed how the app works and studied other editions from 2018 to 2020. Although it was discovered that the platform “did not gather a data amount for a cellular app,” a previous edition caught analysts’ attention. Researchers found that until late last year, TikTok used a security flaw known to circumvent Android protections that prevent apps from tracking users through the MAC address of their devices.
“TikTok has overlooked privacy coverage in Google’s Android operational formula for collecting unique identifiers from millions of mobile devices, knowing that the app tracks users online without allowing them to opt out,” WSJ said.
MAC addresses have now been used for a long time to identify other people on networks. MAC addresses help the deployment of network battery hardware and are not replaced even if the device replaces the networks. Therefore, these addresses are called physical addresses or addresses. Therefore, many correct MAC addresses can be collected.
Google has established contingencies that help the MAC addresses of secure users. To do this, the company offers an unnamed advertising identifier, as WSJ says, which users can seamlessly reset, unlike MAC addresses that do not offer the same freedom. However, TikTok controlled to avoid this and get the MAC addresses of users. Although the “functionality” was “corrected” with an update on November 18 last year, it does not relieve the platform of any fault.
For this reason, the company’s explanation that “the existing edition of TikTok does not collect MAC addresses” recently by those whose knowledge has been secretly extracted.
Security threats like these are those that led to the platform ban in India and an executive order from President Donald Trump, which prohibits U.S.-based entities from doing business with Bytedance like WeChat. The president also set a deadline for the parent company to sell TikTok’s business to a U.S. company until September 15, after which it will also be banned in the United States. Companies like Microsoft and Twitter are in conversations.