>
TikTok has announced an update to its privacy policy this week that will allow staff in China to spy on UK user data.
Elaine Fox, TikTok’s head of privacy in Europe, claims this is to ensure its ‘global workforce’ can make TikTok ‘consistent, enjoyable and safe’.
As well as China, user data will be accessible to employees in Brazil, Canada, Israel, Japan, Malaysia, Philippines, Singapore, South Korea.
It will also continue to be available to staff in Singapore and the United States.
While the type of data that will be shared across the world from December 2 has not been specified, it could include names, phone numbers, ages, emails and approximate locations.
Jake Moore, a cybersecurity expert, told MailOnline he believes this is a ‘worrying step’ towards more tech companies selling off consumers’ personal data.
In a statement , the Chinese-owned app says that the data it harvests from European users will be able to be accessed by staff outside the continent – including China
Speaking to MailOnline, he said: ‘Most apps on your phone will try to scrap together and analyse as much personal data as possible but TikTok is attempting to view more than most.
‘Their algorithm not only helps users soak up personalised content but TikTok is constantly learning user habits in order to profit from and even share among third parties.
‘This all may sound normal in today’s technology age, but the alignment TikTok has with the Chinese government is a worrying step in breaking down company privacy and could pave the way for more companies into selling off sensitive data on their users.
‘To explicitly use TikTok safely and securely in confidence that private data will not be spied upon, it is recommended to use a completely separate device for TikTok use.’
TikTok said the policy applies to ‘the European Economic Area, United Kingdom and Switzerland’.
The popular app could be using the data to improve the performance of its algorithm, which recommends content to users based on their previous app activity.
Ms Fox says the employees who will have access to the data have demonstrated that they need it ‘to do their job’.
She added that TikTok did not collect ‘precise location information’ from users in Europe, despite its privacy policy stating ‘with your permission, we may also collect precise location information (such as GPS)’.
Regardless of this, Mr Moore added the user data would be ‘very interesting to controlling organisations’.
‘This data will naturally improve content in feeds but we should be concerned about all of this private information getting into the wrong hands which users didn’t sign up for,’ he said.
‘Terms and Conditions are difficult to check and most people just accept them to make apps work.
‘However, there is usually a lot more in them than expected and this will usually spell out where data is going but not always when used with clever language.
‘Apple and Google do a lot to protect devices from tracking but it is extremely difficult to use these apps without some personal data being shared.’
The update comes amid a flurry of regulatory concerns about Chinese access to personal data stored by the app by the UK and US.
The hugely popular app could be using the data to improve the performance of its algorithm, which recommends content to users based on their previous app activity
TikTok, that has more than a billion users worldwide, is owned by Beijing-based ByteDance, that has been linked to the Chinese Communist Party.
However, both ByteDance and TikTok have both repeatedly insisted they are not controlled by the government.
Back in July, a letter by TikTok CEO Shou Zi Chew confirmed that its China-based employees could access a ‘narrow set of non-sensitive’ US user data.
It did also confirm that it had migrated US users’ information to servers run in Austin, Texas by software giant Oracle.
The letter came after audio from more than 80 internal TikTok meetings was leaked as part of an investigation by BuzzFeed News.
One of the clips is of a director at TikTok who referred to a ByteDance engineer as a ‘Master Admin’ who ‘has access to everything’, according to BuzzFeed.
However, the CEO wrote that the ‘allegations and insinuations’ from the BuzzFeed News article are ‘incorrect and are not supported by facts’.
This week, Brendan Carr, a commissioner for the United States Federal Communications Commission proposed banning TikTok in the country.
He told Axios: ‘I don’t believe there is a path forward for anything other than a ban.’
He said there was not ‘a world in which you could come up with sufficient protection on the data that you could have sufficient confidence that it’s not finding its way back into the hands of the [Chinese Communist Party]’.
In July this year, the UK Parliament opened up an account on the app, but it only lasted just over a week before it was taken down.
As ByteDance is based in China, MPs raised concerns about user data being sent to Beijing.
The app was also investigated by the Irish Data Protection Commission in September.
It looked into whether it was acting in line with EU laws over transferring personal data to countries like China, as well as how it was processing personal data of children.