According to a report by The Wall Street Journal, TikTok’s Android app collected users’ MAC addresses for 18 months illegally, and potentially used them for advertising and more invasive forms of tracking. The social networking app discontinued the practice in November of last year.
The report notes that even though the Google Play Store had banned the collection of MAC addresses as a matter of policy back in 2015, TikTok was still able to obtain the identifier through a loophole, which was exploited by around 350 other Android apps as well.
“The identifiers collected by TikTok, called MAC addresses, are most commonly used for advertising purposes. The White House has said it is worried that users’ data could be obtained by the Chinese government and used to build detailed dossiers on individuals for blackmail or espionage.”
The report comes at a time when TikTok’s Beijing-based parent company ByteDance is under pressure from the White House over concerns that data collected by the app could be used to help the Chinese government track the U.S. government employees or contractors.
TikTok has maintained that it doesn’t share data with the Chinese government and wouldn’t do so if asked.