Security researchers have discovered that until late last year, TikTok was secretly collecting MAC addresses from devices, violating Google policies.
TikTok concealed the way it was collecting MAC addresses through a layer of encryption on its code, hiding the tracking, likely because it violated Google’s policy against MAC Address collection and because TikTok never obtained consent or provided a way to opt out of the collection.
MAC addresses are unique device-level identifiers that can’t be reset, changed, or altered, making it an extremely effective way of tracking individuals through a device’s life. In 2013, Apple stopped letting apps track this identifier and Google did the same in 2015, though there are loopholes Android apps can take advantage of, like TikTok was until mid-November 2019.
TikTok is following the trend of many social media companies and collecting massive amounts of data because they can. And they likely won’t stop unless there’s public, private, or government pressure on them to do so. If you’re concerned about TikTok (or other apps) from taking too much of your data, go into the settings and see how you can limit the app from tracking you and personalizing your advertisements.
You can also periodically reset your mobile advertising ID, a device-level tracking identifier that you can change and reset.
For more details on TikTok’s data collection practice, visit The Wall Street Journal.