I feel like this TikTok backlash is so overblown. I don't think TikTok is spying on US consumers/business, and I don't think TikTok is sharing any US private data with CCP... I believe this because there's no evidence to the contrary, and out of principle you shouldn't assume malintent.
In fact, TikTok explicitly left Hong Kong because if they didn't they would have to share private data with CCP to comply with new laws... they're intentionally leaving MAU on the table to keep their users' data safe. [1]
If you look around, US social companies are making the same mistake with your clipboard data that TikTok did. LinkedIn just got caught reading your clipboard data [2], but we aren't talking about banning them... I would assume in all of these cases, it's just an engineer who accidentally shipped a bug. There are legitimate use cases to read the clipboard (eg. more seamless 2fa).
It feels like the negative reaction to TikTok is so politicized and just comes from a "China bad" attitude.
I have no idea how anybody can look at TikTok with a straight face and not see that they're a threat. Maybe if you've conveniently closed your eyes to the CCP's behavior in the past, say, 10-20 years regarding corporate espionage and suppressing freedom of speech and compiling profiles of everybody who dares speak out about them, as well as their behavior now in recent events (particularly how they're more than eager to punish local dissidents). Then, I guess, sure, there's absolutely nothing here to see. As with every Chinese company, the problem isn't that they're Chinese. It's that as a Chinese company, they exist only with the blessing of the CCP.
> As with every Chinese company, the problem isn't that they're Chinese. It's that as a Chinese company, they exist only with the blessing of the CCP.
This, 100%.
The Chinese government's word is LAW. Just look at how many American tech companies have either a) been kicked out of China for refusing to hand over data to the CCP or given them backdoors or b) started censoring their services to stay in compliance and be allowed to stay in business there.
If the Chinese government wants something from a Chinese business, one of two things happens: 1) they get it (whether you find out about it or not) or 2) the business ceases to exist.
"... the device information, usage time and list of watched videos are being sent to Appsflyer and Facebook."
Hardly a smoking gun. Not only is this standard industry practice but the analytics servers in question here are American. The author says this violates European law (it doesn't). Then they go on to describe device fingerprinting which is also standard practice and has legitimate uses.
The second article's main point is that there are Chinese IP addresses in the APK and the privacy policies of different Chinese companies allow for data sharing.
The author doesn't witness any communication with these IP addresses. There are plenty of non-malicious reasons why a URL or IP address of a different company (Chinese or otherwise) would be in an APK. Maybe there is a library being used or the code in question might not even pertain to non-Chinese region versions. It would be like accusing a website of stealing data because they could use a Google font (interaction with Google IP address) and Google has such and such a privacy policy or history.
The famous Reddit comment which everyone seems to love is clearly fake. The author provided zero evidence when asked, saying that the hard drive on their MacBook failed and it is too difficult to "reverse engineer" the apps again. The accusations and methods are irredeemably vague. If the United States is going to become like China and start banning apps then it shouldn't be over a Reddit comment written by someone whose dog ate their homework.
Is this any less data than is collected by Facebook or Google in their apps/websites?
This seems like mostly an issue with the fact that Android lets apps get at this much data - something that should be fixed at the OS-level. There's very little mention of similar practices/vulnerabilities on iOS.
Assuming good intentions from TikTok is pretty ignorant. ByteDance's other app, DouYin, is unambiguously a CCP controlled tool that censors dissent and their CEO ingratiatingly and apologetically dedicated the company to "Strengthening the work of Party construction, carrying out education among our entire staff on the “four consciousnesses,” socialist core values, guidance of public opinion" in a public statement [1].
Suggesting that TikTok is leaving MAU on the table to keep users' data safe is laughable when ByteDance's other Party-controlled app, DouYin, is remaining in Hong Kong with a captive audience (as helpfully confirmed by Global Times [2], a well-known mouthpiece of the Party). To even suggest that it's a sign of good intentions would ignore extremely important current events and ByteDance's self-proclaimed devotion to the Party. As we speak, the Party is aggressively assimilating Hong Kong into the mainland by banning public expressions of dissent, controlling educational curriculum, and yes, good old censorship. Forcing HK residents to use only Party-controlled tools that the rest of the mainland uses, like DouYin made by ByteDance, only serves to further the "work of Party construction".
TikTok is political because it is wholly owned by a self-proclaimed political entity: ByteDance. It's disingenuous to suggest there is no reason to assume malintent when ByteDance has a history of censorship and propaganda in its flagship app: DouYin. Your glib dismissal of "China bad" has no substance behind it, while China's ample human rights and totalitarian abuses speak for themselves. Putting the actions of independent private corporations in a free-speech democracy on the same level as the actions of a publicly-proclaimed ally of an authoritarian human rights abuser is plain nonsense. Context matters.
TikTok left Hong Kong because HK is a tiny market, and they wouldn't want the PR backblash if they had to share HK data with CCP.
There's evidence that Bytedance is not independent of CCP interferences though - such as the CEO's public statement in 2018 where he stated that Bytedance products should support "socialist core values" etc.
It's been admitted that tiktok actively suppresses content on peoples front pages that include visibly disabled users, "ugly" users, fat users, etc. etc. - anything that makes their image look "bad" in their eyes.
Kind of goes against current shoe-horned American societal values of "everyone should be respected, regardless of who, what, how, when, where they are"
In fact, TikTok explicitly left Hong Kong because if they didn't they would have to share private data with CCP to comply with new laws... they're intentionally leaving MAU on the table to keep their users' data safe. [1]
If you look around, US social companies are making the same mistake with your clipboard data that TikTok did. LinkedIn just got caught reading your clipboard data [2], but we aren't talking about banning them... I would assume in all of these cases, it's just an engineer who accidentally shipped a bug. There are legitimate use cases to read the clipboard (eg. more seamless 2fa).
It feels like the negative reaction to TikTok is so politicized and just comes from a "China bad" attitude.
[1]: https://www.cnn.com/2020/07/07/tech/tiktok-leaving-hong-kong...
[2]: https://news.ycombinator.com/item?id=23716451