Click to read the article in Turkish
The Personal Data Protection Authority (KVKK) has launched an inquiry against TikTok application after reports that it violated privacy rules.
A Reddit user revealed on April 9 via reverse-engineering that the application has access to phones' clipboards.
The KVKK previously sentenced Facebook to pay a 3.25 million lira (~474,000 USD) for violating its users' privacy.
TikTok has 28.6 million users in Turkey and more than two billion in the world.
Defining the app as a "data collection tool thinly veiled as a social media app," the user named, "Bangorlol" said, "They leaked users' email addresses ... as well as their secondary emails used for password reset."
TikTok is able to reach the following information, according to the user:
Phone hardware (cpu type, number of course, hardware ids, screen dimensions, dpi, memory usage, disk space, etc)
- Other apps installed on the device
- Everything copied to the clipboard
- Everything typed on the keyboard
- Information about viewed videos and photos on Twitter, Instagram and Facebook
- Everything network-related (ip, local ip, router mac, your mac, wifi access point name)
- Whether or not if the phone is rooted/jailbroken
- Some variants of the app had GPS pinging enabled at the time
- The app sets up a local proxy server on devices for "transcoding media"
- Has access to microphone and camera even when not running (HA/VK)
