TikTok new privacy policy seeks biometric data

TikTok has updated its privacy policy allowing the collection of its US users’ biometric information, including such identifiers as what it describes as "faceprints", and "voiceprints", following recent controversy. 

As TechCrunch reports, the new policy wording comes after the social media app, which is owned by Beijing-based ByteDance, paid out $92 million in February this year to settle a class action in Illinois over charges it broke biometric privacy law in that state. 

• The wording of the new policy refers to asking user permission to collect biometrics “Where required by law”. This carefully worded assurance means TikTok’s policy allows it to collect the data of most US users without their express permission because only a few states in the US have laws to restrict the gathering of such information.
• The new policy wording has only been added to TikTok’s US privacy policy, as markets elsewhere, notably the EU, have strict controls on data collection.
• No explanation has been given by TikTok about why it wants the data and what it might be used for and there is no clear definition of “faceprints” or “voiceprints”. 

Key takeaway

As Tech Crunch reports, TikTok already has a huge amount of personal data collected from its users – information about people’s devices, users’ location via their SIM card and IP addresses, and GPS; how people use TikTok and the content looked at and uploaded, along with the information contained in messages sent via the app, as well as an array of other data like keystroke patterns and rhythms. 

All this is on top of information collected when users register, which includes names, profile photos, social media accounts, phone and social network contacts and payment information.

Sourced from TechCrunch