To the attention of TikTok users and fans: the popular video-sharing service recently revised its U.S. privacy policy, allowing it to automatically collect biometric data from the content of its users.
TikTok’s Latest Privacy Policy Change on Biometric Data Collection
The change, first noticed by TechCrunch, appears to have been done quietly, without any formal statement. It is already active, as it went into effect on June 2.
“A change to TikTok’s U.S. privacy policy on Wednesday introduced a new section that says the social video app “may collect biometric identifiers and biometric information” from its users’ content,” TechCrunch reported.
So, what does this newly added section to TikTok’s privacy policy say?
We may collect information about the images and audio that are a part of your User Content, such as identifying the objects and scenery that appear, the existence and location within an image of face and body features and attributes, the nature of the audio, and the text of the words spoken in your User Content. We may collect this information to enable special video effects, for content moderation, for demographic classification, for content and ad recommendations, and for other non-personally-identifying operations. We may collect biometric identifiers and biometric information as defined under US laws, such as faceprints and voiceprints, from your User Content. Where required by law, we will seek any required permissions from you prior to any such collection.
Obviously, the company doesn’t provide any valid reasons for collecting biometric data, and doesn’t specify the type of biometric data which will be collected. It should be noted that the data collection happens with the user’s explicit consent. Since only a few U.S. states have laws that restrict companies from harvesting biometric details, including California, Illinois, New York, Washington, and Texas, TikTok may not even need to ask for this permission.
In other words, the moment users agree to TikTok’s terms of service and privacy policy, they also consent to have their biometric data collected.
Furthermore, TikTok also may collect information about the nature of the user’s audio, as well as the text of the words spoken in the user’s content. Of course, the service says that the extreme data collection is done to enable special video effects, content moderation, and also to improve demographic classification and content and ad recommendations.
Not the first time TikTok breaches its users’ privacy, either
It is also curious to mention that the privacy policy changes were applied shortly after TikTok agreed to pay $92 million to settle a class-action lawsuit alleging the service violated the Illinois’ Biometric Information Privacy Act, shortly known as BIPA.
Last year, TikTok was found breaking Google’s rules on data collection by exploiting the Play Store services in order to bundle personalized advertising without the users’ consent. This practice is officially banned by Google for all applications uploaded on their repository. It appears that the company was able to find a loophole allowing the application to collect the network MAC IDs of the devices.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: