SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

Social media ban to put TikTok security concerns under microscope

Thu, 14th Nov 2024

As Australia looks likely to pass legislation banning social media for kids under 16, this should be used as an opportunity to place TikTok, one of the largest social media platforms and most popular among younger users, under the microscope. Beneath the dances and niche content, there's a host of privacy concerns, security risks, and geopolitical tensions that have put the platform into the spotlight of international scrutiny.

The crux of the TikTok dilemma lies in the delicate balance between furthering innovation and protecting security interests. Governments worldwide are struggling with the possible implications of Chinese-owned technology companies operating within their borders. TikTok has become a symbol of the broader challenges posed by globalised technology in an increasingly divided world. At its core, the issue stems from the platform's data collection practices, which are reportedly more extensive than necessary for its primary functions. This data gold mine, combined with TikTok's ties to China through its parent company ByteDance, raises alarming questions about potential backdoors and data exfiltration risks.

Other countries targeting TikTok

Australia's current legislation to impose social media age bans is playing out in other geographies, where TikTok is a target. The United States is considering a TikTok ban, primarily motivated by concerns over children's online privacy, while France's recent banning of several social media apps, including TikTok, on government devices underscores the growing international consensus that the platform's data practices warrant serious attention. Unlike traditional cyber threats that often involve malware or direct hacking attempts, the potential risks associated with TikTok are more subtle. The platform's algorithm, celebrated for its ability to tailor content to user preferences, could in theory be weaponised for information warfare or mass manipulation campaigns.

The allegations of Chinese Communist Party representatives having access to US user data as early as 2018 underscore the gravity of these concerns. In the world of cybersecurity, insider threats are often the most dangerous, and the possibility of state-sponsored actors having unrestricted access to millions of users' data is a nightmare scenario for security professionals.

Moreover, TikTok's global reach increases its potential as a vector for large-scale cyber attacks. The platform's influence on elections - which we saw play out last week in the US - also highlights how social media can be leveraged as a tool for disinformation campaigns and social engineering on a massive scale.

Ban alone won't solve problem, education and practice on "safe" platforms vital

We can all agree the red flags raised by TikTok pose deeper questions about data control, digital ethics, and the role of technology in society and politics.

Looking at the current situation in Australia, a social media ban is a positive move toward protecting young users, but on its own will not solve anything.

The European Union's (EU) approach to TikTok regulation offers an interesting alternative to the more extreme stances taken by other regions. By forcing compliance with the Digital Services Act, the EU has demonstrated that it is possible to mitigate risks without resorting to outright bans.

Education and training should be paramount in the political debate.  If currently all parents were able to protect their children from unregulated access to the platforms, the legislation would not be necessary. We must not also forget that the situation does not change overnight. When teenagers enter a platform on their 16th birthday, they must be prepared to use it responsibly and to navigate the surrounding challenges carefully. 

Consideration of age-appropriate platforms that can be exempt from the legislation is a solution worth considering. And even if certain platforms are not considered appropriate, a social media lite will help explain the risks and dangers to children while allowing them to learn autonomously.

Training needs to be widespread, covering protection from abuse and coercion, from social engineering, and cyber-bullying. However, training must also educate teenagers about fake news and how to responsibly consume content online. Most importantly, there must be an opportunity for practice for children and parents. Whether that is as part of a school curriculum (which would be great) or a community initiative.

Social media bans stemming from the dilemma caused by platforms like TikTok highlight the urgent need for a shift in how we engage in the digital age. We need to find a way to balance the benefits of interconnected technology with the rights of individuals, the developmental needs of children, and the security interests of nations.  A ban is only a first step, and not a silver bullet. The government needs to focus on creating strong, adaptable regulatory and education processes that are flexible enough to keep up with rapidly evolving technology.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X