An Australian politician is calling for TikTok to be banned following a report raising concerns the social media platform could be logging keystrokes — including passwords.
Liberal Senator James Paterson, who sits on the Parliamentary Joint Committee on Intelligence and Security, said on Friday if the government cannot solve national security concerns in relation to social media platforms, then those platforms should be banned.
"I think the geopolitical environment which we are in puts an extra impetus on addressing this now – we don’t want to wake up in a conflict scenario and think we need to protect our cyber security," he told The Australian.
"If god forbid the worst happens we need to be sure we're in a secure cybersecurity position."
Former US President Donald Trump tried to ban TikTok, also citing security concerns and TikTok is already banned in India.
Speaking to Yahoo News Australia, Nigel Phair the Director of Enterprise of UNSW Canberra Cyber, said we need to take out the passion and hype regarding this conversation and ask — what are we trying to achieve here?
Facebook, Instagram, Twitter, not just TikTok
Mr Phair said the question at hand relates to what TikTok can see, and whether users should be concerned, but the issue itself should extend beyond TikTok.
Instead, we need to be looking at all social media platforms alongside TikTok.
"I think we need a much bigger Australian conversation about what it means to use social media," he said.
Australians need to question what they "give up" when they sign up for a new platform, he says, for example, do you sign up to a new platform with your real name?
Mr Phair says these media reports can often be perceived as potentially fear-mongering and essentially say "oh, [social media companies] can access your address book".
"Well, yes, it can. All those apps can, and they can because you are allowed them to," he said.
"So we need people to start making informed decisions about whether they want it to."
Why TikTok became so controversial
The report which kicked off the calls for TikTok to be banned was done by security researcher and developer, Felix Krause.
His report determined the TikTok iOS app, which is opened in their in-app browser, has the capability to "subscribe" to keyboard inputs, which could include passwords and credit card information.
Mr Krause's research definitely isn't specific to one platform and he has shared his findings relating to several social media companies on his blog.
When opening a website from within the TikTok iOS app, they inject code that can observe every keyboard input (which may include credit card details, passwords or other sensitive information)
TikTok also has code to observe all taps, like clicking on any buttons or links. pic.twitter.com/Dcv0N4ccKD
— Felix Krause (@KrauseFx) August 18, 2022
Mr Krause said this statement confirms his findings.
"TikTok injects code into third-party websites through their in-app browsers that behaves like a keylogger. However, claims it’s not being used," he said on his website.
He also noted that we "can’t know what TikTok uses the subscription for", which is why more transparency is needed.
Should Australia ban TikTok?
In Mr Phair's opinion, the short answer is no.
He noted by banning the app you're running the risk of everyone wanting to use it. He also points out people could just use a VPN to access a social media site if it were banned.
Social media companies cross borders, so it's hard for Australia to enforce changes within these companies. Mr Phair says the best thing Australians can do is become more informed.
He says there is a discussion to be had about where data that is collected by social media giants is stored, and there should be more transparency relating to who can access that data and why.
Given TikTok is owned by ByteDance, which is a Chinese company, it's unsurprising there has been a visceral reaction to Mr Krause's report.
Mr Phair pointed out Australia doesn't have a healthy national security relationship with China.
Asking questions about how data is being stored and how it is being used is fair and should inform decisions going forward.
Peter Khalil, who sits on the same committee as Mr Paterson, told The Australian the government should commit to strengthening privacy laws.
"Reforming privacy laws are important so they're fit for purpose in a digital age, and actually responsive to the different ways that Australia interact with each other and around the world," he said.
Planning for the next TikTok
TikTok boasts an estimated 1 billion users worldwide. But just like Facebook and MySpace, there could be a day when its popularity wanes and another platform reigns supreme.
"Facebook is huge, but if you look at the stats, it's nowhere near what it was. They were smart, they bought Instagram to pick up the next generation of people," Mr Phair said.
"There will be another thing, and we might look back and like 'who's got TikTok on their phone?'."
That's why these conversations shouldn't be specific to TikTok.
"We need to get on top of the platforms we have now, but we also need a framework for the next TikTok or social media conglomerate," Mr Phair says.
The report's conclusions about TikTok are incorrect and misleading. Contrary to its claims, we do not collect keystroke or text inputs through this code, which is solely used for debugging, troubleshooting and performance monitoring. https://t.co/eUl9hikO3h
— TikTokComms (@TikTokComms) August 19, 2022
He added governments could play a part in helping social media companies understand they need to "provide a trustworthy and safe platform".
But at the end of the day, it comes down to these companies.
The companies need to clearly explain to people what they are getting into by hitting "agree" on the terms and conditions, and what it means to participate on a platform.
"So it goes back to the informed consent so that you, or I, or anyone else can sit there and go 'Yeah, I'm comfortable with that'," Mr Phair said.
Do you have a story tip? Email: email@example.com.