TikTok has your children's home address. FaceApp stores photos of, well, your face—and has the ability to predict what you'll look like across the span of your life. Your hotel check-in app shows your travel destinations, room preferences, and upcoming stays.
Sure, that may not seem like a big deal, but all of this data could be a goldmine for other nations, waiting to attack Americans' security through cyber-hacking practices like geotargeting, facial recognition, and pattern projection. In short, your smartphone has the potential to be a more useful weapon than a missile.
Some foreign nations, such as Saudi Arabia, use information shared across apps to identify dissidents and potential spies, or to hack into computers, according to NPR. Additionally, nations can use the data collected through apps to create psycho-graphic models—groupings of people based on their shared psychological characteristics—that are deployed in disinformation campaigns.
Is TikTok Safe?
Apps like the wildly popular TikTok are particularly vulnerable. The Chinese app utilizes an algorithm that its engineers can tune to potentially distribute news or content that sways public opinion—a form of information control that has proven societal impact. And China's 2017 national intelligence law contains language that requires companies to comply with intelligence gathering operations if asked.
"China has a very different legal framework and perspective on the rule of law," says Andrea Little Limbago, chief social scientist at Virtru, an encryption and privacy company. "TikTok claims they do not store data in China, but this is difficult to validate and does not address data privacy concerns prior to February 2019. This is especially relevant as user data could inform intelligence campaigns targeting American citizens." (You might remember that in February 2019, TikTok was fined for its data privacy usage.)
Given China's history of data interference and its faulty human rights record, Americans should be concerned about data weaponization.
Adira Levine, cybersecurity fellow at the public policy think tank New America, says you should also consider the permissions you are granting when you hit "agree" or when an app prompts you to change your device settings. Such permissions create pathways for other entities, including companies and advertisers, to access the data. The more people who have access to your phone and your data, the less secure you are.
It's difficult to directly attribute cyberattacks or cyber-spying operations to specific foreign nations. It's even more difficult to make correlations between apps and nation-state attacks. However, the growing number of cyberattacks and the increasing reports of apps with potential for misuse should raise a red flag.
Ask yourself if it's really worth giving away your personal data to a company in China just to pass the time with a mindless app. And think about apps before you download them. The only way we'll be resilient against cyberattacks is if every individual is more critical of their own phone, their own apps, and their own safety.
🎥 Now Watch This:
Kristina Libby is a professor at NYU, the host of the forthcoming cyberwar podcast Threat Matrix, and a consultant, author, and innovator in emerging technology.
