If We're So Worried About TikTok, Why Aren't We Just As Worried About AdTech And Location Data Sales?
from the you're-not-being-consistent dept
We've noted a few times how the TikTok ban is largely performative, xenophobic nonsense that operates in a bizarre, facts-optional vacuum.
The biggest pearl clutchers when it comes to the teen dancing app (Josh Hawley, Tom Cotton, etc.) have been utterly absent from (or downright detrimental to) countless other security and privacy reform efforts. Many have opposed even the most basic of privacy rules. They've opposed shoring up funding for election security reform. Most are utterly absent when we talk about things like our dodgy satellite network security, the SS7 cellular network flaw exposing wireless communications, or the total lack of any meaningful privacy and security standards for the internet of broken things.
As in, most of the "experts" and politicians who think banning TikTok is a good idea don't seem to realize it's not going to genuinely accomplish much in full context. Chinese intelligence can still glean this (and much more data) from a wide variety of sources thanks to our wholesale privacy and security failures on countless other fronts. It's kind of like banning sugary soda to put out a forest fire, or spitting at a thunderstorm to slow its advance over the horizon.
Yet the latest case in point: Joseph Cox at Motherboard (who has been an absolute wrecking ball on this beat) discovered that private intel firms have been able to easily buy user location data gleaned from phone apps, allowing the tracking of users in immensely granular fashion:
"A threat intelligence firm called HYAS, a private company that tries to prevent or investigates hacks against its clients, is buying location data harvested from ordinary apps installed on peoples' phones around the world, and using it to unmask hackers. The company is a business, not a law enforcement agency, and claims to be able to track people to their "doorstep."
This, of course, comes on the heels of countless scandals of this type, where app makers, telecoms, or other companies collect and monetize your sensitive location data with zero meaningful oversight and little to no transparency, selling it to any nitwit with a nickel. The global adtech location surveillance market is such a complicated mess, even experts and journalists have a hard time tracking what data is being collected and who it's being sold to:
"The news highlights the complex supply chain and sale of location data, traveling from apps whose users are in some cases unaware that the software is selling their location, through to data brokers, and finally to end clients who use the data itself. The news also shows that while some location firms repeatedly reassure the public that their data is focused on the high level, aggregated, pseudonymous tracking of groups of people, some companies do buy and use location data from a largely unregulated market explicitly for the purpose of identifying specific individuals."
Do folks hyperventilating about TikTok not realize Chinese intelligence can also access this data? If so, why haven't I seen equal histrionics in relation to location data from folks like Josh Hawley? This massive, international network of telecoms, adtech vendors, and data brokers are engaged in wholesale, largely unaccountable surveillance of vast swaths of human beings. And yet, outside of a few lawmakers like Ron Wyden, countless lawmakers and regulators who've risked embolism with their TikTok outrage have been utterly silent when it comes to the threats posed by companies like HYAS:
"HYAS differs in that it provides a concrete example of a company deliberately sourcing mobile phone location data with the intention of identifying and pinpointing particular people and providing that service to its own clients. Independently of Motherboard, the office of Senator Ron Wyden, which has been investigating the location data market, also discovered HYAS was using mobile location data. A Wyden aide said they had spoken with HYAS about the use of the data. HYAS said the mobile location data is used to unmask people who may be using a Virtual Private Network (VPN) to hide their identity, according to the Wyden aide."
Either you care about U.S. data security and privacy or you don't, and I'm beginning to suspect that most of the folks who think TikTok poses an existential threat to the republic aren't engaging in a good faith understanding of the actual problem. With no privacy rules, transparency, or consistency we're a sitting duck for malicious actors, be they state-sponsored hackers, sex offending jackasses, or U.S. law enforcement officers out over their skis.
Want to genuinely shore up U.S. security and privacy problems? Pass a simple but meaningful privacy law for the internet era. Fund election security reform. Shore up our communications network security. Stop hamstringing and defunding privacy regulators at the FTC. Mandate transparency in the adtech market. Create some unified standards for the privacy dumpster fire that is the internet of things. Hyperventilating over a single Chinese-owned teen dancing app, then acting as if you've cured cancer is dangerous, counterproductive, and aggressively stupid in full context.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: adtech, data, data brokers, location, location data, privacy
Companies: tiktok
Reader Comments
Subscribe: RSS
View by: Time | Thread
Because Some politicians are getting paid by companies being allowed to get, use and profit from them! Dont take much of an IQ to work that out!
[ link to this | view in thread ]
A false dichotomy... People concerned about TikTok are concerned about that too.
[ link to this | view in thread ]
Because...
They haven't punked Trump, yet.
[ link to this | view in thread ]
Facebook wanted us to be upset
This was a trial of a new algorithm that brings things to your attention that FB wants you to be angry at/about. Tiktok was a threat to the reign of FB so it had to be destroyed, one way or another.
[ link to this | view in thread ]
Don't worry
The EU will force its privacy standards on US companies while congress continues bitching on which posts Facebook should moderate more or less.
[ link to this | view in thread ]
Again, context counts
If you look at the many security issues Karl has mentioned in the context of being harmful to the rights of individuals, they are flagrant, inexcusable derelictions of duty by the people in a position to fix the problems.
But if they are viewed in the context of unregulated assets to the authoritarian state, they are just that, and there is no incentive for government to remove them.
[ link to this | view in thread ]
Because there aren't any US businesses making money out of Tik Tok.
[ link to this | view in thread ]
Re: a false dichotomy
Obviously not, judging by the different outcomes.
[ link to this | view in thread ]
AdTech is WAY better at blackmailing Congressmen and Senators.
Hire underage prostitutes. Take video. Politicians now head-off ANY attempt to attach AdTech (directly owned and controlled by the CCP from Bejing).
[ link to this | view in thread ]
"xenophobic" - are you stupid, or just a Chinese shill?
Yes, AdTech is a problem. It's not "literal malware masquerading as an app that steals every single piece of data it can off your device and is effectively owned by the Chinese government".
Maybe if you'd watched more Sesame Street, you'd see how one of these things is not like the other.
[ link to this | view in thread ]
Re:
You sound intelligent and well-informed, perhaps you can share some evidence of TikTok being "literal malware masquerading as an app that steals every single piece of data it can off your device and is effectively owned by the Chinese government".
All these closet racists keep coming in and yelling things similar to that but can never support it, you're different from them right?
[ link to this | view in thread ]
Review
If you look at the many security issues Karl has mentioned in the context of being harmful to the rights of individuals, they are flagrant, https://www.telldunkin.one/ inexcusable derelictions of duty by the people in a position to fix the problems.
But if they are viewed in the context of unregulated assets to the authoritarian state, they are just that, and there is no incentive for government to remove them.
[ link to this | view in thread ]