The US Federal Communications Commission US FCC chief Brendan Carr has warned in a series of tweets that the short video app TikTok is not just another video app and needs careful monitoring. According to reports, the app has sensitive data that is being accessed in Beijing.
Carr, through Twitter, wrote a letter to Apple's CEO Tim Cook and the CEO of Alphabet, the parent company of Google Sundar Pichai, in which he pointed out that the ByteDance-owned short video app was not compliant with the two companies' app store policies, calling for Apple and Google to remove the popular Chinese app from their stores.
In the first quarter of this year, he wrote that TikTok has been downloaded nearly 19 million times from the Apple App store and Google Play store in the US. It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting and Beijing's apparently unchecked access to sensitive data. Carr further emphasised that there are numerous provisions in the Apple App Store andApple App Store and Google Play Store policies that are relevant to TikTok's pattern of surreptitious data practices - a pattern that runs contrary to its repeated representations. According to Carr's letter, TikTok collects everything - be it search and browsing histories or biometric identifiers like faceprints, which can be used in facial recognition technology and voiceprints. It also collects location data, draft messages, metadata and text, images and videos stored on a device's clipboard.
He stated that the PRC has developed some of the most invasive and omnipresent surveillance capabilities within its own borders to maintain authoritarian control. He cited several instances in which US officials, independent cybersecurity experts and privacy and civil rights groups were involved.
Carr has also punctured TikTok's claim of moving US users data to Oracle servers located in the US as he said that those claims don't provide any protection against the data being accessed from Beijing, while he added that it says nothing about where that data can be accessed from.