TikTok, cannot catch a break. The app and its Chinese owners, ByteDance, are in limbo trying to salvage their US operations. The company not only employs +1000 employees but also has around 100 million users in the US.
Due to increasing “national security” concerns from the Trump Administration, TikTok was subject to a ban. President Donald Trump has even signed an executive order banning TikTok from September 20 onwards.
There is a possibility of Microsoft owning and operating TikTok in the United States, Canada, Australia, and New Zealand. President Trump favors an American acquisition as it would support the administration’s economic beliefs. Another reason could be the US Treasury getting an ‘economic benefit’ from the deal between Microsoft and ByteDance.
Microsoft has already set a September 15 deadline for any deal to take place. But, the recent investigative report from the Wall Street Journal complicates the transaction. Further, WSJ’s findings also add to the Trump Administration’s claims used to ban TikTok.
According to WSJ, TikTok had been violating the Android platform rules until last November. The app has reportedly collected user’s MAC addresses for over 18 months. On the contrary, Google had banned the tracking of “personally-identifiable information or associated with any persistent device identifier,” including MAC addresses and IMEIs.
The MAC address of a device is a unique and fixed identifier, unique to every device connected to the internet. Tracking MAC addresses can link users to their usage habits, which in turn is useful for ad-targeting. Apps and third-party analytics firms can invasively track MAC addresses and build profiles of consumer behavior. Since MAC addresses are unique to phones, users need to get a new one if they face this privacy violation.
TikTok exploited a loophole to bypass Android policies and track user MAC addresses. Even more so, TikTok was also using an extra layer of encryption at that time to conceal their foul play.
WSJ also reports that TikTok stopped this practice through an app date released on November 18, 2020. The same time as when US scrutiny towards the app started appearing.
In a statement to The Verge, a TikTok representative said,
“We constantly update our app to keep up with evolving security challenges, and the current version of TikTok does not collect MAC addresses. We always encourage our users to download the most current version of TikTok.”
The WSJ report piles on the heat the video-sharing app is taking in the US. The legal action that TikTok was considering to take against the executive order loses its standing.
Regardless of stopping the MAC address collection in November, the practice persisted does not bode well for the Chinese-owned company even though such ad-targeting methods are common to all social networks.
Senator Josh Hawley (R., Mo.) has already pushed for Google to remove the app from the Play Store. He says,
“If Google is telling users they won’t be tracked without their consent and knowingly allows apps like TikTok to break its rules by collecting persistent identifiers, potentially in violation of our children’s privacy laws, they’ve got some explaining to do.”
Google has said that it is examining WSJ’s report.