Is TikTok, the Chinese-owned social network that is used mostly by teenagers to post dance videos, a national security threat?
Whether or not TikTok’s code has been doing something nefarious, there is a broader lesson here. As increasingly digital creatures, we often don’t think twice about giving the apps that we love permanent access to information about ourselves. The debate about TikTok is a reminder that we must be on guard about the data we share with any apps — whether it is from an American or a Chinese company.

Here’s what you can do to set up app defences.

Minimise Data Sharing

When you open a newly installed app on your phone, notifications may pop up asking for permission for access to sensors and data such as your camera, photo album, location and address book. When that happens, ask yourself these questions:

• Does this app need access to my data or sensor for it to work properly?
• Does the app need access to this sensor or data all the time or just temporarily?
• Do I trust this company with my data?

Sometimes it makes sense to grant access. An app like Google Maps, for example, needs to know your location so it can figure out where you are and give directions. In other instances, the need is less clear. Then there is the question of whether an app needs permanent access to our data and sensors — meaning it always has permission to get information like our location and photos even when we are not using features related to that data.

Usually the answer is no. As a brand new TikTok user, for example, I had granted it permanent access to my phone’s camera and microphone. But I have mostly used the app to scroll through people’s cooking videos and have posted only two videos. And the app doesn’t really need to know that much about me. So I eventually went into the settings to disable access to those sensors.

Even if giving access makes life easier, it may be worth putting up with some hassle if you don’t trust the company. Sinan Eren, the chief executive of Fyde, a security firm in Palo Alto, California, US, no longer trusts Facebook but uses the Facebook-owned WhatsApp. To avoid sharing his address book with Facebook, he said, he manually added his contacts to WhatsApp.

Block App Tracking

Many apps are constantly pulling information from our devices, such as the model of our phone and what version of mobile operating system it is using, and sharing that data with third parties. Marketers who gain access to that information can stitch together a profile and target you with ads across different apps — a practice known as app tracking.

To limit this invisible data harvesting, I recommend using so-called tracker blockers. The app Fyde, which is free for iOS and Android devices, automatically blocks such trackers. In my tests constantly running the tracker blockers, this app consumed less battery than other apps did. Apple said that in iOS 14, apps would be required to ask people for permission to perform tracking.

Be Curious

This last step is less technical: stay informed. If you wonder how a company manages to offer its app, do some research on the business. Read its website and send the company questions to gain a basic understanding of what’s happening with your data and what steps you should take to minimise sharing.

If it is a free app that relies on ads for revenue, you can assume that your data is part of the transaction. It’s not about what they collect today; it’s the drip over time. Before you know it, these apps have this huge profile about you that they’ve sold to many people.

New York Times News Service