3 reasons why you should be aware of TikTok
In March 2020, TikTok (formerly known as Musical.ly) was reported that its videos has been filtering out the “ugly, poor or disabled users”. According to the documents published by Intercept, the moderators at TikTok were instructed to exclude videos from the “For You” feed if they fail on any one of categories listed below.
Users with an “abnormal body shape (not limited to: dwarf, acromegaly),” who are “chubby … obese or too thin” or who have “ugly facial looks or facial deformities” should be removed. The reason: “if the character’s appearance is not good, the video will be much less attractive, not worthing [sic] to be recommended to new users.” (Source: The Guardian)
In reply to the allegations of discrimination, TikTok’s spokesman said the goal of the instructions were to prevent online bullying in internet platform.
Despite the scandal of its potentially discriminatory profiling of its users, TikTok is nonetheless popular in European Union. In fact, Germany is the most important TikTok market in Europe. As of the end of 2019, it has 5.5 million active users in Germany, which is more than the UK (5.4 million active users). On average, Germans generally spend 50 minutes per day with the App.
TikTok’s popularity is best illustrated by the use of Bundesliga and health care institution. Borussia Dortmund and FC Bayern Munich are now using the App to upload exclusive clips so as to reach fans around the world. A hospital in Dortmund, Germany is actually using the App to recruit new staff.
“We get all our trainees through our social media activities,” says Marc Raschke, head of communications at the clinic. (Source: The Deutsche Welle)
In the following I will talk about three reasons why you should be aware of TikTok.
#1: Data protection issues arising from TikTok
Once you downloaded the App and selected your interests, you could just jump right into the videos loop the App has prepared for you. Videos range from cat videos, life hacks, lip-synching songs or silly pranks. They are short smartphone videos, wired to be as entertaining as possible. It appeals to mostly young users under 20. So how could all these be a problem with data protection?
To start with, in its Privacy Policy applicable to Germany, last updated in February 2020, under the heading of “Where we store your personal data”, it states the following,
“The personal data collected from you will be transmitted outside of the European Union and the European Economic Area (“EEA”), in particular to third party servers in the United States and Singapore, and stored there.
If we transfer your personal data to countries outside the EEA, this takes place within the framework of the model contracts of the Commission for the transfer of personal data to third countries (“standard contractual clauses”) according to 2004/915 / EG or 2010/87 / EU (depending on the case).”
Before we discuss this in detail, let us turn to the story of ZOOM Video Communications, Inc., a similar Chinese tech counterpart like TikTok which offers video services, also headquartered in California. This April it has admitted that some call data was routed through China for non-China users. It was further found by a Toronto-based Citizen Lab that ZOOM used encryption keys issued via servers in China, raising further surveillance worries.
When Citizen Lab looked at where their U.S.- and Canada-based Zoom conversations were being routed, the researchers discovered encryption keys were sometimes generated in Beijing, though would be handled by servers in other countries, too. According to its SEC filings, Zoom isn’t just sending data through China, it also has 13 colocated data centers in Australia, Brazil, Canada, Germany, India, Japan, the Netherlands and the U.S. But the issue with sending data, especially encryption keys, to China is that “Zoom may be legally obligated to disclose these keys to authorities in China,” Citizen Lab noted. (Source: The Forbes)
Back to TikTok, it has been hit by a class action lawsuit in USA in November 2019 that claims it sent “vast quantities” of user data to China. According to the lawsuit, it accuses the company of secretly taking content without user consent.
The plaintiff is named as Misty Hong, a Californian-based university student. Ms Hong claims she downloaded the app this year but did not create an account.
Months later she alleges the firm had created an account for her, and “surreptitiously” took draft videos she had created but never intended to publish.
The data was sent to two servers in China, backed by Tencent and Alibaba. (Source: BBC News. https://www.bbc.com/news/business-50640110#:~:text=Video%2Dsharing%20app%20TikTok%20has,taking%20content%20without%20user%20consent.)
It therefore suffice to say that the routing of encryption keys, especially under the regime of the New Encryption Law enacted in China, by these technology giants generates privacy concerns. In that companies with operations in China would have to share with the authorities its encryption method under the New Encryption Law. How do these companies come to terms between its data collection from overseas users with its compliance to the data laws in China? How did they compartmentalise the data collected? These are the questions that we should ask the companies and ask again when the answers are not clearly justified.
#2: Algorithm
As with most of the social media platforms, TikTik’s algorithm in suggesting videos to users is not transparent. With respect to execution, what’s so special about the algorithm of TikTok is that users with less followers are easier to gain exposure by reaching to more users. This prevents the so called “the rich gets richer, whilst the poor becomes poorer” phenomenon.
TikTok uses AI to decide what you as a user may possibly like — from what hashtags you use, your GPS location, music preference, or even the first TikTok video that you liked, these can influence the TikTok algorithm.
However, according to Marc Faddoul, an AI researcher from University of California Berkeley School of Information, he has conducted a little experiment and found the recommendation algorithm at TikTok may in fact been sorting suggestions based on the race of the creator. To make this a bit easier to understand, here’s the tweet for illustration:
The same experiment was conducted by BuzzFeed News and they got similar results.
Following hijabi creator @jiggybus caused the App to recommend other women who wear a hijab. … Following @uwayeme, a black woman, prompted recommendations for other black women. (Source: BuzzFeed News)
TikTok’s answer to this is it uses collaborative filtering.
“Our recommendation of accounts to follow is based on user behavior: users who follow account A also follow account B, so if you follow A you are likely to also want to follow B.”
In response to TikTok’s answer, Faddoul said, this can create a feedback loop where people are only ever recommended a particular type of creator, leading to a lack of diversity in their feed. This effectively creates what we call an “Echo Chamber”, an enclosed space where a person encounters only beliefs or opinions that coincide with their own, so that their existing views are reinforced and alternative ideas are not considered.
The actual racial discrimination in TikTok’s algorithm is heavily criticized but this is not just an issue about the ethnicity. Its algorithm has a strict censorship system, according to the survey at a German news website Netzpolitik.org, TikTok would restrict the content of various disabled person. If you’re obese or belong to sexual minority group, your content at TikTok will also be affected. The reason, said TikTok, is to protect these users from being subject to bullying. Without the mechanism of “the rich gets richer”, TikTok uses another reason to restrict the voice of the minority.
Another key issue lies on the restriction of TikTok on political content. Such as the protest by German farmers, such as the large scale imprisonment on Uyghurs, such as the political violence against women in India and the daily life of a disabled person. According to the standard of TikTok, all of these content should in no event occupy a prominent position in the App. If you want to publish any content which has a political agenda, you either have to cooperate with TikTok or you have to get around the administrative system so so not to have your video taken down. Recently, the United Nations decided to cooperate, its video which advocates against violence against women has obtained more than 887 million views.
On the other hand, when an American girl uploaded a video using her TikTok account speaking about sensitive topics relating to concentration centres of the Chinese Uyghurs, TikTok immediately suspends her account.
This way of operation is nothing new under the sun in the social media platform in Mainland China. Such as the content restriction at Friends Circles in WeChat App, such as the “Closed Screen Monitoring” at Weibo. However, being the first ever social media platform that has received popularity worldwide, TikTok seems in trying to duplicate the operations model which has been working in China with the users from all over the world.
Interestingly, in the latest election rally by Trump, it is precisely that the TikTok users started the campaign that called on users to register for tickets, but don’t turn up, which resulted in a low rally turn out in Oklahoma. Doubts hence should be cast on the question of “how TikTok’s algorithm qualifies which content falls under a political agenda”.
#3: Concerns from US and European regulators
With the trade war between PRC and USA entered into the second phrase with the imposition of sanctions or export regulations, the fact that TikTok is a brainchild by developers in China could be seen as a potential security concerns by certain US authorities that certain government employees information could possibly be compromised. For instance, US Department of Defence, US Navy and US Army urged its employees to refrain from downloading or using the App. In the recent bill presented by Senator J. Jawley on March 2020 titled “No TikTok on Government Devices Act”, it proposes that TikTok should be banned for use and downloads on government-issued mobile devices.
The CIFUS (known as Committee on Foreign Investment in the United States), which serves as the gatekeeper for approving all US transactions made by foreign buyers in protection of its national interests, has opened an investigation on TikTok due to its mother company, ByteDance, did not requested clearance from CFIUS on its acquisition of similar American App Musical.ly in 2018. Failing to obtain a clearance from CFIUS could render the entire transaction made void, with the payment made by the foreign buyer already paid for nothing; or the merged US company have to be ordered for a sale by the order of CFIUS. In 2020, CFIUS ordered the sale of Grindr, a dating app, since it is of the view that the ownership of the US company by Chinese gaming company Kunlun Tech caused a national security risk.
Under National Intelligence Law of China, the mother company of ByteDance would have to provide the Chinese government for intelligence operations which may very well result in transfer of location, images and biometric data to China. Again, how is TikTok able to comply with the US-based regulations to protect its US users when in China there is an obligations for its mother company to comply with national intelligence law — is a dire question which TikTok has not fully and satisfactorily answered.
Back to Europe. On 10 June 2020, European Data Protection Board (“EDPB”) announced it will establish a taskforce to “coordinate potential actions and to acquire a more comprehensive overview of TikTok’s processing and practices across the EU” at its 31st plenary session. The supervisory authority in the Netherlands had, before EDPB’s announcement, announced earlier in May 2020 that it will investigate TikTok in relation to the processing of minors’ personal data.
My testing on the App (21 June 2020) indicates that the age declaration is only made by the user. This agrees with the Privacy Notice of TikTok applicable to Germany, where it says under Clause 13,
“The Platform is not intended for users under the age of 13. If you believe that we have or collect personal information with respect to such users, please contact us at privacy@tiktok.com.”
It requires users under its terms and conditions that they fulfil the national age limitation with respect to giving legal consent. However, it is clearly not sufficient with the T&C in place simply without any other safeguards in compliance with GDPR on protection of minors.
In the spring of 2019, TikTok was sentenced by US Federal Trade Commission to a record of $5.7 million fine for handling of personal data of minors (e.g. names, e-mail addresses) without parental permission. Elsewhere, in UK, the Information Commissioner’s Office had also started an investigation in this respect against TikTok. Let’s see how the events would unfold over the next couple of months.
