Dec 22, 2019

NYT: Popular ToTok messaging app is secretly an Emirati spying tool

Mohammed bin Zayed, the crown prince of Abu Dhabi. Photo: Liewig Christian/Corbis via Getty Images

The supposedly secure messaging app ToTok is actually a spying tool being used by the government of the United Arab Emirates to mass surveil its users, the New York Times reports, citing its own internal investigation and U.S. officials familiar with a classified intelligence assessment.

Why it matters: The app has been downloaded by millions of users in the Middle East, North America, Europe, Asia and Africa, and it was one of the most downloaded social apps in the U.S. last week. Its exploitation by the Emiratis is an illustration of how authoritarian governments are increasingly finding novel and more effective ways to expand their surveillance networks and crack down on perceived enemies or dissenters.

What we know: ToTok is said to mine data from users' contacts list and tracks locations by offering a localized weather forecast, much like other Apple and Android apps.

  • It also has access to microphones, cameras and user calendars.
  • The app doesn't claim to be encrypted like WhatsApp or Signal, and its privacy policy notes that it "may share your personal data with group companies."
  • ToTok was removed from the Apple and Google Play stores after the companies were notified by the Times, but users who already downloaded the app will still be able to use it.

The big picture: The Emiratis' exploitation of the app, which is linked to a private intelligence company under investigation by the FBI, follows a pattern of authoritarian countries using digital apps to gather information.

Go deeper:

Go deeper

Army bans TikTok from government-owned phones

Photo: Chesnot/Getty Images

The Army has banned its soldiers from using TikTok on government-owned phones, calling the Chinese-owned video app a cyber threat, reports Military.com.

Why it matters: The move, coupled with the Navy's similar decision earlier this month, highlights how seriously the military and government are taking TikTok's potential national security implications.

Go deeperArrowDec 31, 2019

Report details TikTok security vulnerabilities in 2019

Illustration: Aïda Amer/Axios

TikTok patched multiple holes in its security at the end of 2019 that had left the video sharing app's accounts, videos and user information potentially exposed for most of the year, as detailed in a new report from cybersecurity research firm CheckPoint.

Why it matters: No personal data was found to be compromised, but this report provides some of the first in-depth details of security risks faced by TikTok — which is under the microscope as lawmakers criticize its Chinese ownership.

Go deeperArrowJan 8, 2020

TikTok expands content rules, cracks down on misinformation

Photo: Chesnot/Getty Images

TikTok on Wednesday published a lengthy update to its rules of conduct, sharpening its definition of unacceptable content and its stance toward misinformation.

Why it matters: The move is an acknowledgment that TikTok's previous standards did not adequately address the onslaught of content-related issues that the video-sharing platform is starting to face as it grows.

Go deeperArrowJan 8, 2020