Over the last few weeks, a number of countries have banned the use of TikTok on government devices over concerns that confidential data could be shared with the Chinese government. Are these concerns legitimate and should companies be worried about employees using the app on work devices?

What are the concerns?

TikTok has come under fire recently following accusations that its parent company – ByteDance – collects user data from the app and shares it with the Chinese government. And there have been some events that seem to back this up. For example, BuzzFeed shared leaked data from ByteDance in 2022 that showed, despite the company’s promise that US data would be stored in the US rather than China, China-based employees repeatedly accessed non-public data about US TikTok users. Forbes also claimed that TikTok spied on some of its journalists.

Should you consider banning TikTok within your company?

To date, six countries have introduced a ban of some form on the use of TikTok, as have the European Union’s top three bodies – the European Parliament, European Commission and the EU Council. However, whilst these countries have banned its use, many others haven’t. For example, the UK has said there is currently no evidence to suggest a ban is necessary. 

And a number of cybersecurity professionals agree. They argue that if governments are concerned about data sharing, they should also be concerned about the use of WhatsApp and Facebook. This ban on TikTok also comes at a time of heightened tensions between the US and China following the downing of a suspected Chinese spy balloon. As a result, some argue that the ban could be seen as a ‘tit for tat’ response, particularly as China has already banned the use of many foreign social media platforms.

Overall, there is always some risk when using third party apps, however if their use is deemed necessary for good functioning of the business, then the risk needs to be managed through good cybersecurity practices.