{"id":19468,"date":"2022-06-29T06:30:08","date_gmt":"2022-06-29T14:30:08","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/06\/29\/news-13201\/"},"modified":"2022-06-29T06:30:08","modified_gmt":"2022-06-29T14:30:08","slug":"news-13201","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/06\/29\/news-13201\/","title":{"rendered":"FCC commissioner wants Apple, Google to remove TikTok from App Stores"},"content":{"rendered":"

<\/p>\n

Credit to Author: Jonny Evans| Date: Wed, 29 Jun 2022 05:34:00 -0700<\/strong><\/p>\n

FCC Commissioner Brendan Carr<\/a> has written\u00a0to Apple and Google<\/a>\u00a0to request that both companies remove the incredibly popular TikTok app from their stores, citing a threat to national security.<\/p>\n

Carr warns the app collects huge quantities of data and cited a recent report<\/a> that claimed the company has accessed sensitive data collected from Americans. He argues that TikTok\u2019s, “pattern of conduct and misrepresentations regarding the unfettered access that persons in Beijing have to sensitive U.S. data…puts it out of compliance,\u201d with App Store security and privacy policies.<\/p>\n

He warns that TikTok functions as a sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data. He claims it collects:<\/p>\n

In his letter, the commissioner provides some evidence to support his argument that TikTok fails to adhere to Apple and Google\u2019s security practices \u2014 for example, researchers in 2020 claimed the app might be able to access sensitive data<\/a>, including passwords, crypto wallet addresses and messages.<\/p>\n

Carr points out that US government and national security agencies are either urging or mandating the removal of the TikTok app from devices; India has banned the app on national security grounds; and some businesses have already banned its use on company devices.<\/p>\n

At the same time, there continue to be mainstream reports to support the service. For example, one of the UK\u2019s leading newspapers, the Evening Standard<\/a><\/em>, today leads with a report explaining who the most followed people on TikTok are. The numbers are staggering: Khaby Lame has 142.8 million followers on the service. The most viewed video on TikTok ever, Zach King\u2019s Harry Potter Illusion video generated 2.2 billion views.<\/p>\n

That\u2019s a lot of people \u2014 and, conceivably, a lot of data potentially made available outside the circle of trust many may expect. That\u2019s important, given 80 million people spend around 24 hours a month<\/a> using the service.<\/p>\n

Objectively, TikTok does seem to have tried to distance itself<\/a> from the privacy abuses Carr points to, but the most recent claim that US user data can be accessed by the company may have pushed its reputation over the precipice. Though it did move US user data to Oracle servers in the US just before\u00a0the latest damaging report appeared<\/a>.<\/p>\n

I imagine TikTok will attempt to dispute the report that prompted the commissioner\u2019s request. In the event it fails to achieve that, it seems inevitable that Apple and Google will remove the app from their stores, at least in the US.<\/p>\n

But what this really represents is an allegory for the level of risk businesses face, and will continue to face, as entities of various kinds persist in exploiting digital connectivity for their own ends. If Carr\u2019s claims are true, then TikTok joins names such as NSO Group and RCS Labs on the roll call of companies dedicated to undermining user privacy<\/a>.<\/p>\n

It is possible the US government\u2019s Committee on Foreign Investment in the United States (CFIUS) may soon announce a National Security bill designed to put the brakes on any potential abuse by state actors in line with the commissioner\u2019s claims.<\/p>\n

All the same, if we disregard the nationalities, then the claim also exposes the challenge of doing business in an increasingly surveilled age. If every nation is involved in exfiltrating data in this way, no one can really be seen as secure. That some of this activity is outsourced to shadowy private entities<\/a> amplifies this risk.<\/p>\n

Of course, in the short term, business users will want to figure out how to convince employees to cease use of TikTok on work devices while MDM and security vendors will be exploring ways to partition the app from any sensitive data held on a dual use work\/personal machine.<\/p>\n

Finally, of course, this news should be seen as a testament to support Apple\u2019s fundamental approach to privacy and security on devices, and an argument to go further on that path. After all, even the most intrusive app can\u2019t gather data that does not exist. The best approach is to ensure the endpoint intelligence remains on the device and can\u2019t be shared in any useful format. Though at this stage of the digital transformation, the parable of TikTok suggests there is still some way to go, so you\u2019d best ensure\u00a0your company security practice is TipTop<\/a>\u00a0for TikTok.<\/p>\n

Please follow me on\u00a0Twitter<\/a>, or join me in the\u00a0AppleHolic\u2019s bar & grill<\/a>\u00a0and\u00a0Apple Discussions<\/a>\u00a0groups on MeWe.<\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Jonny Evans| Date: Wed, 29 Jun 2022 05:34:00 -0700<\/strong><\/p>\n

\n
\n

FCC Commissioner Brendan Carr<\/a> has written\u00a0to Apple and Google<\/a>\u00a0to request that both companies remove the incredibly popular TikTok app from their stores, citing a threat to national security.<\/p>\n

Is your data going TikTok?<\/strong><\/h2>\n

Carr warns the app collects huge quantities of data and cited a recent report<\/a> that claimed the company has accessed sensitive data collected from Americans. He argues that TikTok\u2019s, “pattern of conduct and misrepresentations regarding the unfettered access that persons in Beijing have to sensitive U.S. data…puts it out of compliance,\u201d with App Store security and privacy policies.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[2211,1670,10554,11066,714,24580],"class_list":["post-19468","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-apple","tag-google","tag-mobile","tag-mobile-apps","tag-security","tag-small-and-medium-business"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19468","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=19468"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19468\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=19468"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=19468"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=19468"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}