Share this article on:
Cyber Security Minister Clare O’Neil has urged Aussies to “be mindful” of how much personal data their social media apps have access to.
After TikTok's data collection practices had been found as "excessive", Home Affairs and Cyber Security Minister Clare O'Neil has warned social media users to be wary of the volume of personal information social media companies have been enabled to access.
"Australians need to be mindful of the fact that they are sharing a lot of detailed information about themselves with apps which aren't properly protecting that information.
"I hope it concerns Australians because it certainly concerns me," Minister O'Neil said.
Last week, the opposition's cyber security spokesman, Senator James Paterson, wrote to TikTok to clarify how the viral video app handles millions of Australian users' personal data. In correspondence responding to Senator Paterson's inquiry, TikTok's director of public policy in Australia, Brent Thomas, disclosed that the only China-based staffers that can access the data are those who "need the data in order to do their jobs".
Research by Internet 2.0, a joint Australian-US cyber security firm has found that TikTok seeks an excessive amount of information from its users. The viral video app is designed to check its users' device location at least once an hour, continuously request access to contacts even if the user originally denies, maps a device's running apps and all installed apps.
Internet 2.0's technical analysis of the TikTok application on both android and iOS devices revealed what data TikTok has access to on users' phones. The researchers observed that the Apple version of the application connects to a server run by Chinese security company Guizhou BaishanCloud Technology Co Ltd, located in mainland China.
"We could not determine with high confidence the purpose for the connection," Internet 2.0 researchers stated in its report.
In an interview with Crikey, Internet 2.0’s co-founder, Robert Potter, noted that the company's analysis found the app's infrastructure appeared to be less separate from China than it has said publicly.
Despite the broad permissions TikTok asks of its users, the social media platform asserts that its data collection practices are "in line with industry standards aimed at enabling the app function".
The connection to servers in mainland China, the uncertainty about its purpose, the lack of transparency from TikTok and its Chinese-owned parent company, ByteDance, has raised concerns from both politicians and security experts.
Minister O’Neil noted that it was "regrettable" that the Coalition government "did not progress" with work that would look into data collection by social media companies requested by the Australian Competition and Consumer Commission (ACCC).
[Related: Trend Micro attains AWS healthcare competency]