The argument that the US government is using in their bid to ban TikTok is that they claim that the app collects data on US citizens, which they believe poses a risk to national security. It seems that whatever excuses TikTok is making to defend itself might be moot, especially with a recent discovery.
According to a report from The Wall Street Journal, it appears that towards the end of 2019, TikTok had actually been collecting data on Android users in the form of the user’s MAC addresses. Unlike cookies that can be easily deleted, MAC addresses are unique identifiers that are used especially in digital advertising to identify devices.
Apparently the app had been exploiting a widely-known Android security flaw which according to AppCensus co-founder Joel Reardon, who documented the exploit, is surprising that it is still exploitable and not closed by Google. The report goes on to claim that TikTok had apparently stockpiled the MAC addresses it collected for at least 15 months.
Google has since stated that they are investigating these findings, while a TikTok spokesperson claims that the app has since been updated where it no longer collects MAC addresses of its users, although we have to wonder if it is too little too late as the damage has already been done.