TikTok: Is it safe? Should you uninstall it?

TikTok is a global sensation with over 1 billion users worldwide and hundreds of millions of new app installs every year. But governments around the world are banning it from the phones of public officials and even talking about banning it from their countries altogether. Why? TikTok is owned by ByteDance, a company founded in China. Governments in the U.S., U.K., Belgium and Canada worry that China’s government could use the massive amounts of data that TikTok collects to spy on residents of other nations and/or target them with misinformation.

How serious is this? TikTok’s CEO noted to U.S. Congress that until TikTok finishes migrating data to U.S. servers, employees based in China still have access to some U.S. users’ data. Before that, TikTok had already confirmed that employees of ByteDance used the app to spy on journalists in an effort to identify their sources, and a law implemented in China in 2017 requires companies based in China to give the government any personal data they deem relevant to the country’s national security. Mozilla’s own research has also shown that TikTok has had both a misinformation and disinformation problem, and regularly hosted content that violated their own hate speech policies ahead of two key global elections in Kenya and Germany.

Does this mean you should take TikTok off your phone? What are you exposing yourself to when you post a video or scroll endlessly through your "For You" page?

Is Your Data Private?

Nope. If you’re using the TikTok app, expect the company to collect data about who you are and what you do on and off the platform. Much of the data that they collect is similar to what platforms like Facebook and YouTube collect: your name, age, email, and phone number. It also tracks what pages you view and interact with most, your location data, and information about the device that you’re on. And while TikTok claims that it does not collect biometric data like your “faceprint” and “voiceprint”, their privacy policy says otherwise.

If the data TikTok collects is similar to what other platforms collect, should you be concerned? Mozilla advocates for more transparency from all platforms, but there are some noticeable differences in how TikTok handles data that may cause particular worry.

TikTok data privacy: what else to know

What does TikTok do with the data it collects? A 2022 study found that the company shares at least some of that data with 13 non-TikTok websites — third-party sites that TikTok users may not be aware about. More recently, we here at Mozilla studied Google’s Play Store and learned that TikTok’s Android app page claims its app doesn’t share data with third-party companies, yet it says the opposite in its privacy policy. TikTok collecting data about its users isn’t great. Sending that data to over a dozen other companies in the shadows is even worse. Worries about what TikTok shares with China’s government certainly doesn’t help the situation.

Want TikTok To Be Honest About Its Privacy Practices? Sign Our Petition!

As mentioned earlier, many nations’ governments worry that data could be shared with China’s government in order to spy on citizens globally, as TikTok has admitted to doing in the past. Worries also include the platform’s potential to target citizens with misinformation, disinformation, or propaganda.

What could TikTok do to alleviate this concern? Many legislators in the US want to ban TikTok, but if ByteDance agrees to sell TikTok to a US company, it could help it avoid legislation that would stop it from operating in the US. Although this plan is likely kaput: a spokesperson for China’s Commerce Ministry says China would never allow it.

Another option is TikTok’s “Project Texas,” a $1.5 billion plan to store all data related to US citizens in Texas where the company says it is out of reach of China’s government. It will also have an in-house committee approved by the US government to keep a watchful eye on the app, and the tech company Oracle (also based in Texas) will regularly analyze TikTok’s code and software. Until Project Texas is complete, ByteDance employees still have access to some U.S. users’ data. Though lawmakers who grilled the chief executive of TikTok, Shou Chew, in a recent house panel seemed unimpressed by this solution.

But project Texas has still inspired global offshoots. In the E.U., TikTok’s “Project Clover” would be a €1.2 billion plan to construct data centers in Ireland and Norway. This would let TikTok host and process the data it collects on European users within the E.U.

TikTok hopes that “Texas” and “Clover” will be good enough to convince other nations that China’s government doesn’t have access to its citizen’s data, but will it be good enough for you? TikTok’s efforts with these two projects will change where data about you is stored, but it does little to change the fact that this data about you is collected in the first place.

Should I install TikTok on my phone?

You should only install TikTok on your phone if you’re comfortable with the amount of data the company collects about you and with the reality that, at least in the short term, China’s government may be able to access it.

Companies like Google, Facebook and YouTube collect similar kinds of data, which isn’t great. But what makes TikTok different is the country in which that data resides, and what it might do, or have already done, with it. This has many governments worried and it might worry you too.

Tips for how to stay safe on TikTok

No solution is perfect but here are some things you can do to make your TikTok experience a little more private and secure:

Avoid oversharing - If you’re worried about how much information TikTok may have on you, be mindful of what you share on the platform. Uploading videos to the service, for example, could mean giving TikTok your face and voice biometric data.
Set your account private - If you’re worried about strangers seeing your content, set your account to private. It may prevent you from going viral but it could protect your info from those you may not want to have it.
Two-factor authentication - Whether or not you’re worried about your TikTok password leaking, you should be using two-factor authentication. The minor inconvenience when logging in is worth the major convenience of protecting your account.
Mozilla products to the rescue: VPN and Containers - Using a virtual private network on desktop or mobile can help protect some of your personal data from being hoovered up by big tech companies. Just make sure to use it every time — once a tech company learns your location, they don’t forget! And using browser containers can help section-off your cookies so sites don’t track you all across the web. At least when you’re accessing TikTok via the browser, that is. Check out Mozilla VPN and the Firefox extension Multi-Account Containers.

Should I Delete TikTok From My Phone?

Written by: Xavier Harding

Edited by: Ashley Boyd, Audrey Hingle, Carys Afoko

SEO Insight: Aslam Shaffraz