US Army Bans TikTok App for Soldiers Using Military Owned Phones Due to Security Concerns – China Connection
The US Army joined the US Navy in banning service members from using TikTok on any US government owned phone. Security concerns about the use of TikTok center around a Beijing, China based collecting personal data and the locations of on US citizens. The video sharing app TikTok boasts over one billion videos views each day. TikTok is hugely popular with US teenagers and up until recently was used by the US Army to recruit service personnel.
The US Army ordered soldiers to stop using TikTok and uninstall it from all government-owned phones since as of 22 December 2019. The Navy banned the app on 16 December. The military services cannot ban personnel from using TikTok or any app on their personal phones, but advised service members use caution.
The Army decision to ban TikTok follows an earlier December security bulletin issued by the US Navy. The cyber security bulletin stated that any government issued mobile devices with TikTok installed on them would be blocked from the Navy Marine Corps Intranet.
In 2018, U.S. Army Recruiting Command started using TikTok for recruiting purposes after falling short on recruiting goals. The Army surpassed its recruiting goal for fiscal year 2019 and uses a number of social media apps to connect with Generation Z.
US Government Cyber Security Concerns About TikTok
In November 2019, the US Government’s Committee on Foreign Investment in the United States (CFIUS) launched a national security review of TikTok’ s owner, ByteDance Technology. ByteDance acquired California social media app Musical.ly for one billion dollars in 2017. It took lawmakers two years to begin an investigation into potential security concerns. TikTok did not seek clearance from CFIUS before the acquisition. TikTok collects profile information but states it is stored on servers located in the United States.
However, the company is governed under Chinese laws that require access to data. It was reported that content unfavorable to the Communist Party of China was censored for users outside of China including content related to the 2019 Hong Kong protests. TikTok has blocked videos and disabled accounts about human rights violations in China, including content about re-education camps and abuses of ethnic and religious minorities.
On 16 December the US Defense Department identified TikTok as “having potential security risks associated with its use” in a Pentagon generated “Cyber Awareness Message.” The message also “identifies the potential risk associated with using the TikTok app and directs appropriate action for employees to take in order to safeguard their personal information.”
The US Marine Corps and the US Air Force have not issued any guidance or restrictions on the use of TikTok.
Plus Free Shipping!
Last year, CFIUS intervened on two other apps connected with Chinese companies. Beijing based Kunlun Tech Co Ltd opted to sell gay dating app Grindr due to CFIUS national security concerns. Ant Financial was forced to terminate plans to buy MoneyGram International Inc over CFIUS data privacy concerns.
What is TikTok?
TikTok is a video-sharing social networking app for iOS, Android, and Fire OS mobile devices. The app was first launched in September 2017 for iPhones and Android phones. It became the most downloaded app for October 2018. Fifty-two percent of TikTok downloads are on iPhones.
TikTok has been downloaded about 110 million times in the United States and 800 million times worldwide. It is available in over 150 markets and in 75 languages.
The creator of TikTok is ByteDance, a Beijing-based company founded in 2012 by Zhang Yiming. TikTok is used to create short videos to share with other app users. TikTok is not available in China. ByteDance also owns Douyin, another video-sharing app, that is accessible in China.
Is TikTok Safe?
TikTok admitted that it had suppressed videos by uploaded disabled and LGBTQ as part of an effort to curb cyberbullying. On 27 February 2019, the United States Federal Trade Commission (FTC) fined ByteDance $5.7 million USD for collecting personally identifiable information (PII) from children under the age of 13 in violation of the Children’s Online Privacy Protection Act. TikTok has been banned for certain types of content in at least five countries.
The app has a kids-only safety mode that blocks children from uploading videos, direct messaging, and commenting on videos. When in kids-only mode, children can only view others’ videos.
TikTok is allowed to use your videos for commercial purposes as stated in their end-user-license-agreement (EULA).
What Is the Point of TikTok?
TikTok is a video sharing app. Users create account and share videos that are up to 60 seconds long each. Many are dance videos with numerous special effects.
Why Do App Developers Want Your Data?
App develops want your data so they can sell it to advertising platforms and use it to develop other apps. It is estimated that some ninety percent of app data is sent back to Alphabet, the parent company of Google. When data is collected from multiple sources, it is possible to construct detailed information about app users. For example, if user profile data is harvested from a dating app and a banking app, then it is possible to deduce the sexuality and income of a bank’s customers. Many apps collect detailed information about a user’s location. This poses security risks for those working in the public sector, military, law enforcement, or government positions.
How Do App Developers Collect Data About Their Users?
Data collected through apps can include anything from profile information – relationship status, age, gender, location, employment, homeownership, and travel habits. Apps may collect information from nearby cellular towers to precisely track location. Intrusive apps may records information about the type of device they are installed, the device ID, what other apps are installed, the contents of messages, contact lists, and photos. Some even have access to calls.
How Do Apps Pose Security Risks?
Apps often pose security risks for military and government employees. For example, in 2018 it was discovered that Fitness Tracker Strava, logged and publicly shared the route of every biking, walking, swimming, rowing, and running workout path taken by users. It also logged the location of indoor workouts even those inside military facilities.
US OPSEC confirmed that Strava did indeed reveal classified military installations on its user heat map. The fitness tracker was also mapping inside sensitive US and overseas military outposts.
The location of every workout was shown on a heat map. Although the intention of sharing was so like-minded fitness users could share workout information, the map posed a huge security risk for active duty service personnel.
Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers