Despite having fewer trackers than Google, TikTok’s ad platform is still relatively new. Most consumers automatically think that any website or app they use is tracking them since data collecting has grown so pervasive. In fact, Meta was discovered in the act of scraping personal data via a loophole even after Apple’s latest privacy crackdown. Even the most knowledgeable customers, who have never used TikTok’s website or app, could be shocked to learn that the corporation is watching them.
The study was conducted by Consumer Reports
A Consumer Reports (CR) study result released last week claims that TikTok has been embedding tracking “pixels” on hundreds of websites. In collaboration with the security company Disconnect, CR searched through roughly 20,000 websites, particularly looking for TikTok’s pixels. The top 1,000 most popular websites were included in the pool, and several of the biggest .org, .edu, and .gov domains frequently have more sensitive user data.
What Consumer Reports (CR) found
The analysis discovered that TikTok receives data from hundreds of businesses. Weight Watchers, United Methodist Church, and Planned Parenthood are three prominent instances of websites that permit it to embed pixels. The sharing of user information on visits to the Arizona Department of Economic Security pages on domestic abuse and food assistance is arguably the most upsetting. The fact that none of these organizations would reply to CR’s requests for comment was the biggest surprise.
The fact that TikTok’s trackers are already so widely used startled Chief Technology Officer Patrick Jackson of Disconnect. “I believe that because Facebook is so prevalent, individuals have been trained to believe that they will eventually obtain their data. People haven’t yet associated that with TikTok, in my opinion.”
According to Consumer Reports, the number of Meta and Google pixels it discovered dwarfs TikTok’s by a significant margin. But it made a note of the fact that, in contrast to Google and Meta, TikTok’s advertising platform is still in its early years.
The major concern of Consumer Reports
Consumer Reports was interested primarily in personal information from businesses that users would probably have a problem with, such as hospitals or advocacy groups.
Analysts extensively examined them to determine what information the detected TikTok pixels shared. Its pixels routinely broadcast user IP addresses, unique visitor ID numbers, the pages users visit, and what they type and click. It also has access to search queries. Whether the user has a TikTok account or not makes no difference to any of this.
In response to a question, Melanie Bosselait, a spokeswoman for TikTok, stated: “like other platforms, we use the data we receive from advertisers to enhance the efficiency of our ads services.”
Bosselait continued by saying that her company does not create profiles to market to advertisers.
Additionally, she asserts that non-TikTok users’ data is only utilized for “aggregated statistics sent to marketers about their websites.”
TikTok claims that they “regularly work with our partners to avoid accidental transmission of [particular sensitive] data.” Any information pertaining to one’s health, finances, or children would go under this category.
However, CR claims that prior investigations have demonstrated that trackers frequently communicate sensitive data despite the regulations of websites like Meta and Google that forbid doing so. The pixels on TikTok are no different.
For instance, CR discovered that TikTok contains a pixel on every page of the national Girl Scouts website that might transfer personal information if a child is visiting. The analysts also discovered that when someone searched for “erectile dysfunction” on WebMD, the tracker sent a report of the query to TikTok.
These are only a few instances where the company received sensitive information despite its privacy policies and assurances. Users would probably be extremely upset if they learned that a website they never even visited got access to this information.
Jackson explained that “the success of the operation is dependent on its secrecy. We all need to have a choice. Even though some people might not care, it shouldn’t be taking place in secret.”
Some company officials weren’t aware of the data their company shared or with whom
Consumer Reports told the Mayo Clinic that TikTok was receiving data from its public website (not the patient portal). The clinic had taken down the TikTok tracker, but Disconnect later discovered that the website continued to employ a “significant number” of other pixels, including those from Microsoft, Google, and other companies.
What lies ahead for consumers?
Consumers currently have limited options for dealing with this issue. However, CR points out that a lot of tracking may be minimized by switching to more privacy-friendly browsers like Firefox or Brave. Strengthening security settings and the use of privacy-protecting extensions can also help reduce a lot of tracking.