Security expert reveals the TikTok setting that exposes your data – and how to turn it off

Apple, Android settings can override TikTok data permissions, cybersecurity expert says

If you’re one of the more than 1 billion monthly TikTok users, one cybersecurity expert is warning that without proper settings in place, the app can collect data about your contacts, browser history, location – and even personal health information.

"This application has access to those things on your phone that you might hold dear to you: your contacts, your location, your buying intent, your shopping history, your browser history, everything that we probably want to keep private," SideChannel CEO and former Department of Defense cybersecurity leader Brian Haugli said on "Mornings with Maria" Wednesday.

Haugli’s comments come just one day after FBI Director Christopher Wray admitted on Capitol Hill that the agency has concerns about the social media platform’s security dangers.

"We do have national security concerns, at least from the FBI's end, about TikTok," Wray had said on Tuesday. "They include the possibility that the Chinese government could use it to control data collection on millions of users or control the recommendation algorithm, which could be used for influence operations if they so chose, or to control software on millions of devices."

F.C.C. COMMISSIONER ESCALATES TIKTOK CONCERNS, SAYS CHINA USES DATA TO MAINTAIN ‘AUTHORITARIAN GRIP ON POWER’

Earlier this month, senior Republican and FCC Commissioner Brendan Carr doubled down on his argument that the Treasury Department and its subsidiary Committee on Foreign Investment in the United States (CFIUS) should ban TikTok for American users over national and cybersecurity concerns.

TikTok in app store

TikTok users can limit the app's access to personal data through Apple and Android phone settings, SideChannel CEO and former Department of Defense cyber security leader Brian Haugli said on "Mornings with Maria" Wednesday, November 16, 2022. (Getty Images)

"Once they obtain this data, there's all sorts of espionage, blackmail activity they can engage in," Carr said in an interview on "Cavuto: Coast to Coast." "One thing I'm really concerned about is this data is going back to Beijing and feeding their artificial intelligence operation. Right now, the [People’s Liberation Army], the [Chinese Communist Party] are using and improving that A.I. to maintain their authoritarian grip on power."

According to Haugli, TikTok users unknowingly agree to the app’s terms and conditions, granting permission for the app to build a "full profile" about that individual – what area they live in, the accounts they interact or message with, even their dog’s name.

"That's not something that most people ever want to sign up for. But we're freely giving that type of access and information out to an application that is sitting inside of China and has access to the CCP," Haugli said.

"If you go to your chart for your doctor to look at, that's now in your browser history, that application has access to your phone in a way that could give them access to all of that information," he explained while also noting passwords are vulnerable, too, and "that information you are putting into that phone, TikTok, other applications like it that you give permissions to on your phone, you're allowing that to go on."

While TikTok is owned by Chinese media company Bytedance, Haugli pointed out that any business that operates within China is "beholden" to their government’s requests.

"I don't think we're doing enough. We have the opportunity to be able to put pressure on Google and Apple to remove this application from its store," Haugli argued. "We have an opportunity to be able to build better regulation within the United States and actually set up infrastructure that could block access to this data or this data leaving our environment. It's not something that the US has set up today, and it's something that I think we very much need."

GET FOX BUSINESS ON THE GO BY CLICKING HERE

Haugli claimed that once you’ve deactivated your TikTok profile and deleted the app from your phone, your information is "scrubbed" from TikTok’s database. For those who choose to keep using the popular platform, he recommends going into your Apple or Android settings and switching "off" TikTok’s access to contacts, location services and tracking.

"If you are going to install it for whatever reason, look at the permissions you are granting it. You actually have the ability to change those permissions. Do not just accept the default application and install it as it is," he said. "The phone actually has the ability to override, and that's where the control really is."

READ MORE FROM FOX BUSINESS