Best of 2020: ‘TikTok is Spyware,’ Warns Reddit CEO. ‘We Don’t Care,’ Say Users

As we close out 2020, we at Security Boulevard wanted to highlight the five most popular articles of the year. Following is the third in our series of the Best of 2020.

Millennial social app TikTok is “fundamentally parasitic,” according to Steve Huffman, Reddit’s co-founder. Speaking at a VC event this week, he thoroughly trashed the lipsyncing-and-memes service, accusing the Chinese app of spying on its users.

Okay, boomer. Privacy is dead. Get over it, old white dude.

Of course, Reddit is also backed by a Chinese company—one in direct competition with TikTok’s owner. In today’s SB Blogwatch, we feel old.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Drivel Tube.

Get Off My Lawn

What’s the craic? Lucas Matney reports—“Reddit CEO: TikTok is ‘fundamentally parasitic’”:

 TikTok is one of the hottest social media platforms, but the CEO of Reddit had some harsh words for [it]. The comments from … CEO and co-founder Steve Huffman were some of the more controversial offered up during a panel discussion.

Huffman pushed back hard on the notion that Silicon Valley startups had something to learn from the app. … “I look at that app as so fundamentally parasitic, that it’s always listening, the fingerprinting technology they use is truly terrifying, and I could not bring myself to install an app like that on my phone.”

“I actively tell people, ‘Don’t install that spyware on your phone,’ ” he later added.

“These are baseless accusations made without a shred of evidence,” [said] a TikTok spokesperson.

Shots fired. Carrie Mihalcik carries the story background—“Reddit CEO reportedly slams TikTok”:

 TikTok, known for its quirky 15-second videos, has surged in popularity over the past year, but it’s also come under increased scrutiny. US lawmakers have accused the app, which is owned by Chinese company ByteDance, of being a threat to national security. A proposed class-action lawsuit filed in California also alleges the app has been illegally harvesting user data and sending it to China.

Reddit didn’t immediately respond to a request for comment.

And James Hale adds—“Huffman Calls TikTok Spyware”:

 A federal investigation … is still ongoing, but some government entities aren’t waiting for it to conclude. In January, the U.S. Army banned TikTok on all government-owned cell phones, calling it a “cyber threat.” And just this week, the TSA ceased using TikTok for its own social media outreach and officially barred its employees from using the app.

TikTok has repeatedly refuted claims that the Chinese government has access to its users’ data or controls users’ content. The company’s head, Alex Zhou, has said TikTok’s data is held on servers in Virginia (with backups in Singapore), and “is only being used by TikTok for TikTok users.”

But Matthew Wille opines, “there’s little evidence”:

 These concerns are deep-rooted in fear of China. About a year ago, Peterson Institute for International Economics published a report calling TikTok a national security threat.

The report centers on privacy concerns in China, rather than on the mechanics of TikTok itself. Peterson essentially called the app a threat because of its growing popularity and because its parent company, ByteDance, is legally obligated to share any requested data with the Chinese government.

But hard evidence is hard to come by. … Executives, such as Reddit’s Huffman and Facebook COO Sheryl Sandberg, are willing to publicly condemn TikTok … but none have brought hard evidence to the table to back up their claims. Instead, abstract “security concerns” are cited and re-cited — and they’re beginning to come off more as alarmist than realistic.

Huffman could be right. Maybe TikTok will turn out to be a real security threat to the United States. But … executives’ words are powerful, and they would do well to wait for hard evidence before using such alarmist language.

Sour grapes, perhaps? russellbeattie seems to think so:

 This sounds like a business person that doesn’t understand their competition, so they self-righteously trashed them as a way of avoiding the question. I mean, I sure as hell don’t know the reason for TikTok’s success, but I’m not the CEO of Reddit.

However, Libertarian_Geek agrees for once:

 I, for once, agree with the hypocritical, selectively censoring parasite who accepts money from an oppressive communist regime while editing his users’ comments. Don’t install that app from an oppressive communist regime.

The irony goes deeper. Or so says paxys:

 While it may be true, saying that in front of Silicon Valley investors, while sitting next to a Facebook executive, is pretty rich.

“Don’t install that spyware”? Milky1985 is slightly sarcastic:

 Use our Reddit app instead which we promise does none of these things. At all. We pinky swear.

Just ignore that the Reddit app needs the location permission, and the app history permission, and can access your microphone among other things, it defo doesn’t use them at all for anything dodgy, ’cause the CEO promises they are not like the other lot.

But returning to the question, Matthias Eberl did a “Privacy Analysis of Tiktok’s App and Website”:

 Multiple law infringements, trust, transparency and data protection breaches were found. … The location of the server is irrelevant – what is important is the location of the company deciding about the data.

Besides conventional trackers (Google Analytics), the highly controversial method of device fingerprinting is performed [including] Canvas fingerprinting [and] audio fingerprinting. … Bytedance states that these fingerprinting techniques are being used to identify malicious browser behaviour. Quite hard to believe, as the website still works as expected even if the corresponding script is being blocked.

Free software is being used without attributing proper licensing – Zepto.js … Murmur Hash … and FingerprintJS … just to name a few. How low can you go?

TikTok is breaching the law in several ways whilst exploiting the data of its mainly teenage users. This should get addressed immediately in a swift and rigorous manner. The required legislation for this is in place.

Meanwhile, sycodon has found his bliss:

 One of the advantages of being an old, “Get Off My Lawn” guy is that **** like TickTack, Twatter, InstaEmbaressment, and the like are utterly irrelevant to me.

And Finally:


Previously in And Finally

You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE.

Image source: Fugitron (public domain)

Richi Jennings

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.

richi has 472 posts and counting.See all posts by richi