TikTok and other companies clean up your data whether or not you use their apps or websites.

Hot potato: Data collection has become so ubiquitous that most people simply assume that whatever website or app they use is tracking it. Indeed, even after Apple’s recent privacy crackdown, Meta has been caught stealing personal data through a loophole. However, even the most savvy users might be surprised that TikTok is tracking them, even if they have never used the company’s website or app.

According to a Consumer Reports (CR) investigation published last week, TikTok landing trackers, called “pixels” on hundreds of websites. Partnership with a security company DisableCR looked at about 20,000 websites specifically looking for TikTok pixels. The pool includes the top 1000 most visited websites and many of the largest .org, .edu and .gov domains as they tend to contain more sensitive user data.

The study found that hundreds of companies are sharing data with TikTok. Some prominent examples of websites allowing TikTok to embed pixels include the United Methodist Church, Weight Watchers, and Planned Parenthood. Perhaps most disturbingly, the Arizona Department of Economic Security is sharing user data about visits to its domestic violence and food aid pages. Incidentally, none of these groups responded to CR’s requests for comment. Big surprise.

“I was genuinely surprised that TikTok trackers are already so widespread,” Disconnect CTO Patrick Jackson said. “I think people are conditioned to think, ‘Facebook is everywhere and whatever, they’ll get my data.’ I don’t think people associate it with TikTok yet.”

“The only reason this works is because it is a covert operation. It shouldn’t take place in the shadows.” – Disable

Consumer Reports reports that the number of Meta and Google pixels found far outnumbers TikTok. However, he pointed out that the TikTok advertising platform is just getting started, while Google and Facebook/Meta have been working on it for years.

Consumer Reports focused primarily on the personal data of organizations that users might have problems with, such as hospitals or advocacy groups. Analysts took a close look at the identified TikTok pixels to see what information they shared. TikTok pixels regularly transmit visitor IP addresses, unique identification numbers, pages users view, and what they click and type. It also has access to search queries. All this regardless of whether the user has a TikTok account.

Asked for comments, TikTok spokesperson Melanie Bosselate said, “Like other platforms, the data we collect from advertisers is used to improve the effectiveness of our advertising services.”

Bosselet added that her company does not create profiles to sell to advertisers. She also claims that data from non-TikTok users is only used for “aggregated reports they send to advertisers about their websites.”

“We are constantly working with our partners to avoid unintentional transfer [certain sensitive] data,” says TikTok. This type of information may include anything about health, personal finances, or children.

However, CR states that previous investigations shown that even though sites like Meta and Goole have policies against sharing sensitive data, trackers often send it no matter what. TikTok pixels are no different.

For example, CR looked at the Girl Scouts national domain and found that TikTok has a pixel on every page of the website that can transmit personal information if a child visits it. Analysts also found that a WebMD search for “erectile dysfunction” resulted in the tracker sending the request back to TikTok.

These are just a few examples where confidential information has been returned to a company despite its privacy statements and policies. If users knew that a website they weren’t even visiting had access to this data, they would probably be outraged.

“The only reason this works is because it’s a covert operation,” Jackson said. “Some people may not care, but people should have a choice. It shouldn’t take place in the shadows.”

Some company executives did not know what data and to whom their firm was sharing. Consumer Reports has informed Mayo Clinic that its public website (not a patient portal) is sharing data with TikTok. Disconnect later checked and found that the clinic had removed the TikTok tracker, but the site still uses a “significant number” of other pixels, including those from Microsoft, Google and others.

There is currently little that consumers can do about this situation. However, CR notes that switching to more secure browsers such as Firefox or Brave and tightening security settings may reduce tracking. Privacy protection extensions are also useful.

Image credits: TikTok app Solen Feyissa, Data value chain open data watchdog

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button