When reached for comment by many publications, TikTok could not confirm the product developments which necessitated the addition of biometric data to its list of disclosures about the information it automatically collects from users, but said it would ask for consent in case such data collection practices began. Here’s where a slight loophole comes in. Although the app said it would seek “required permissions” to collect “faceprints and voiceprints” where required by law, it failed to elaborate on whether it’s considering federal law, states laws or both—only a handful of US states have biometric privacy laws, including Illinois, Washington, California, Texas and New York.
The senators also quizzed TikTok on whether any data is gathered for users under the age of 18 or whether it makes any inferences about its users based on the biometric data it collects. They also asked the platform to provide a list of all third parties that have access to the data.
“The coronavirus pandemic led to an increase in online activity, which has magnified the need to protect consumers’ privacy,” the letter reads. “This is especially true for children and teenagers, who comprise more than 32% of TikTok’s active users and have relied on online applications such as TikTok for entertainment and for interaction with their friends and loved ones.”
TikTok has been given until 25 August to respond to the lawmakers’ questions.
As most of you may have noticed, this isn’t the first time TikTok’s excessive data collection plans have come under scrutiny. Earlier this year, the company paid out $92 million to settle a class-action lawsuit claiming it unlawfully collected users’ biometric data and shared it with third parties. Some argue that TikTok’s legal team may have wanted to quickly cover itself from future lawsuits by adding a clause that permits the app to collect personal biometric data.
This came after the Federal Trade Commission (FTC) in 2019 slapped TikTok with a $5.7 million fine for violating the Children’s Online Privacy Protection Act (COPPA), which requires apps to receive parental permission before collecting a minor’s data.
This new controversy comes at a time when TikTok has been working to regain the trust of some US users. Under the Trump administration, the federal government attempted to ban TikTok from operating in the country entirely, calling the app a national security threat because of its ownership by a Chinese company. TikTok fought back against the ban and went on record to state it only stores US-based user data in its US data centres and in Singapore.
The platform also said that it has never shared user data with the Chinese government nor censored content, despite being owned by Beijing-based ByteDance. And it said it would never do so, if asked. Meanwhile, although Biden has signed an executive order to restrict US investment in Chinese firms linked to surveillance, his administration’s position on TikTok remains unclear.