‘Mass breach of privacy’: TikTok under fire for tracking users online

Discussion in 'Networking and Security' started by themickey, Dec 25, 2023.

  1. themickey


    https://www.smh.com.au/technology/m...or-tracking-users-online-20231224-p5etik.html

    Some of Australia’s largest and best-known brands are being urged to remove a tracking tool from Chinese-owned social media giant TikTok, amid revelations it is harvesting Australians’ data including email addresses, mobile phone numbers and browsing histories without their knowledge or consent, in a potential breach of the nation’s privacy laws.


    TikTok’s tracking tool, known as a pixel, is an invisible piece of code that tracks a user’s web history and personal information, even if the user doesn’t have a TikTok account. The pixel can then track a user across the internet and piece together their identity including their email, phone number and buying habits – even if they don’t have TikTok on their phone.

      TikTok can track a user’s web history and personal information, even if the user doesn’t have the app on their phone. CREDIT: ALAMY

      Marketers often use tracking pixels for legitimate purposes, including re-targeting campaigns and to deliver more relevant ads that follow users across websites. Tech giants such as Meta (owner of Facebook) and Google have their own tracking pixels. But tests show the pixel from TikTok, owned by Beijing-based parent company ByteDance, doesn’t wait for user consent and is more aggressive in how it scrapes the data – data that may be made available for sharing with other Chinese corporations and the Chinese government.

      The revelations have prompted calls for Australia’s information commissioner to urgently launch an investigation and for websites to remove TikTok’s tracking pixel.


      Tracking the tracker

      Tests run by this masthead found TikTok’s pixel scrapes a user’s email address and mobile phone information across some of Australia’s most-visited websites, including Kmart, Sportsbet and Beyond Blue, often taking the information even before a user has clicked “I agree” or “I consent” on an online form.

      The tests found the pixel sends that information back to TikTok’s servers, along with the user’s location, the device they’re using and their actions on the page, including in some cases what they have added to their shopping cart. The email addresses and phone numbers are “hashed”, meaning they aren’t being stored in their original form, but are easily decrypted.

      A user might, for example, go online to buy a weight-loss drug, make a bet on a cricket match, then search for mental health conditions. TikTok is told about all of it.

      National mental health organisation Beyond Blue removed the TikTok pixel from its website after being alerted to the tracking issue.

      “Beyond Blue takes privacy and security extremely seriously, and we apologise for any concern this has caused,” said a spokeswoman for the organisation.

      How we tested the TikTok pixel
      • We downloaded a Chrome extension called Omnibug, which is used to test marketing and analytics tools.
      • With the extension installed, we visited websites such as Sportsbet, Kmart, Beyond Blue and many others.
      • We went to sign up for an account on those websites, entering personal information including our full name, email address, phone number.
      • Using Omnibug, we could see in real time that information being sent back to TikTok, often before clicking “I consent” to the website’s privacy policy. TikTok uses a tool called “automatic advanced matching” that sees when a user enters text into a form field or a search box, and if it looks like an email address or phone number, it scrapes that data.
      • Similar data is sent to Google and Meta, but only after “I consent”, for example, has been ticked.
      “When The Age and Sydney Morning Herald alerted us to this issue, we immediately commenced a review of our privacy policy and removed the TikTok pixel from our website. Our investigations are continuing as a priority.

      “Like many health organisations, Beyond Blue uses tools such as pixels to help us deliver safe and relevant content to people online.”

      A Sportsbet spokesman said: “We use advanced matching, and that’s consistent with targeting advertising methods that a lot of companies use. Our understanding is they don’t decrypt or use hashed data that has been shared with them.”

      Kmart did not respond to requests for comment.

      The tests by this masthead found that for Google and Meta’s tracking pixels, email addresses and phone numbers were sent to Google and Meta only after a user had consented to the websites’ privacy policies.

      According to TikTok’s website, the tracking pixel can “help you find new customers, optimise your campaigns and measure ad performance”.

      “With the pixel, you can track website visitor actions, like view page or purchase, and create audience segments to re-engage previous site visitors or model lookalikes to find new customers,” TikTok says on its website.

      TikTok has rejected claims the pixel breaches Australia’s privacy laws. CREDIT: AP

      ‘Remove that pixel’
      The extent of data collected by TikTok’s pixel without user consent has caused concern among Australian marketers. Marketing and advisory agency Civic Data has issued a warning to its clients recommending they remove the pixel from their websites on privacy grounds.

      In the client bulletin on December 20, which was obtained by this masthead, Civic Data director Chris Brinkworth said his company had “repeatedly observed non-consensual collection of personal data on Australian wagering, telco, finance, supermarket, e-commerce, charity and media organisations’ websites.

      “This raises serious privacy concerns regarding the lack of transparency, misuse of personal information and disregard for consent requirements under current regulations such as the Privacy Act 1988. Civic Data’s recommendation is that all Australian businesses consider removing the TikTok pixel and other TikTok integrations from their platforms if they cannot guarantee that the data usage matches the consent given by consumers.”

      Civic Data’s clients include accounting software company Xero, Ticketek, Carsales, RACV and BlueScope.

      Call to protect Australians
      Senator James Paterson has called for an urgent probe by Australia’s information commissioner.

      Paterson, the Coalition’s cybersecurity spokesman, this year chaired a committee into foreign interference through social media that grilled TikTok executives.

      “This is a very serious and potentially unlawful mass breach of the privacy of TikTok users, former users and non-users,” he told this masthead.

      “It would be concerning from any company but is particularly alarming given TikTok is beholden to the Chinese Communist Party and has admitted its China-based employees frequently access Australian user data. There’s nothing to stop this industrial-scale unauthorised data collection being simply handed over to Chinese intelligence and security agencies, as TikTok and its employees are obliged to do under Article 7 of China’s National Intelligence Law.

      “The information commissioner must commence an urgent investigation into TikTok Australia and use their full range of enforcement powers to protect Australians from this extraordinary surveillance.”

      A spokesman for the Office of the Australian Information Commissioner said the agency was monitoring issues relating to TikTok’s handling of personal information, particularly in light of the findings made by the British Information Commissioner’s Office in an investigation into the company.

      “The OAIC will give consideration to the information raised which alleges data scraping in regard to TikTok’s practices,” the spokesman said.

      A TikTok spokeswoman denied the pixel breaches Australia’s privacy laws.

      “We strongly reject the suggestions outlined by Civic Data and are disappointed that a company would deliberately try to mislead or scare companies without regard to current law or the information available,” she said.

      “Pixel usage, which is voluntary for our advertising clients to adopt, is an industry-wide tool used to improve the effectiveness of advertising services. Our use of this tool is compliant with all current Australian privacy laws and regulations, and we dismiss any suggestion otherwise.”

      The China connection
      In 2016, China designated big data a “fundamental strategic resource”, and four years later its government designated data as the fifth “factor of production”, joining land, labour, capital and technology. Its national intelligence laws allow the ruling Communist Party to pull data upon request from companies based in the nation.

      China’s National Intelligence Law of 2017 requires all organisations and citizens to “support, assist and co-operate with the state intelligence work”, and the Australian government this year banned TikTok on government devices over security concerns related to China’s intelligence laws. Governments from Britain, Canada, France and New Zealand have also banned the app from official devices.

      Jocelinn Kang, technical specialist at the Australian Strategic Policy Institute, said data from a tracking pixel could be aggregated across websites, apps and social media platforms.

      She said pixel tracking could identify users through their “browser fingerprint” – a combination of their IP address, browser and system details.
      “However, when more identifying data such as email and phone number is associated with a user, their web activity can be better linked,” Kang said.

      Strategic Policy Institute researcher Samantha Hoffman said the data collected by TikTok’s pixel was similar to that of US-based tech giants Google and Meta, but the difference was “the intent”.

      Advertising data had “incredible propaganda value”, she said.

      “If you think about that, plus the access that TikTok is required to give the Chinese government, that’s the problem.”

      In November 2022, TikTok changed its privacy policy to make it explicitly clear user data can be accessed by some employees from across the world, including China.

      “They talk about how even data collected overseas can be used by the company and its partners, and would be kept private unless security organisations make demands of it,” Hoffman said.

      The tool kit does not exist to deal with these kinds of problems around data security, she said.

      “We need a long-term solution.”
     
    murray t turtle likes this.
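A site owner can repeat the before/after-consent comparison from the article's test method against a request capture of their own site. The sketch below is an added example, not part of the original post or article; it assumes identifiers are sent either as plaintext or as SHA-256 hex of the trimmed, lowercased value, and the hostnames, field names and capture format are constructed for illustration.

```javascript
const { createHash } = require("node:crypto");

// Assumption: the tracker receives SHA-256 hex of the trimmed, lowercased value.
const sha256Hex = (value) =>
  createHash("sha256").update(value.trim().toLowerCase()).digest("hex");

const safeDecode = (s) => { try { return decodeURIComponent(s); } catch { return s; } };

// requests: [{ timeMs, url, body }] taken from a proxy or devtools capture.
// testIdentifiers: throwaway email/phone values the tester typed into the form.
// trackerHosts: third-party domains to audit (subdomains included).
function findPreConsentLeaks(requests, consentTimeMs, testIdentifiers, trackerHosts) {
  const needles = testIdentifiers.flatMap((id) => [
    { id, form: "plaintext", value: id.trim().toLowerCase() },
    { id, form: "sha256", value: sha256Hex(id) },
  ]);
  const findings = [];
  for (const req of requests) {
    const host = new URL(req.url).hostname;
    const isTracker = trackerHosts.some((t) => host === t || host.endsWith("." + t));
    // Only third-party tracker traffic sent before the consent click is a finding.
    if (!isTracker || req.timeMs >= consentTimeMs) continue;
    const haystack = (safeDecode(req.url) + "\n" + (req.body || "")).toLowerCase();
    for (const n of needles) {
      if (haystack.includes(n.value)) {
        findings.push({ host, timeMs: req.timeMs, identifier: n.id, form: n.form });
      }
    }
  }
  return findings;
}

// Constructed sample capture: consent was clicked 3000 ms into the session.
const testEmail = "audit.tester@example.com";
const CONSENT_CLICK_MS = 3000;
const sampleCapture = [
  // Tracker request fired while the form was still being filled in.
  { timeMs: 1200, url: "https://pixel.tracker.example/v1/event",
    body: JSON.stringify({ event: "InputEmail", email: sha256Hex(testEmail) }) },
  // First-party request: not a tracker host, ignored.
  { timeMs: 1500, url: "https://shop.example/api/signup-draft",
    body: JSON.stringify({ email: testEmail }) },
  // Tracker request sent after consent: not a pre-consent finding.
  { timeMs: 4800, body: "",
    url: "https://stats.other-tracker.example/collect?em=" + encodeURIComponent(testEmail) },
];

const leaks = findPreConsentLeaks(sampleCapture, CONSENT_CLICK_MS, [testEmail],
  ["tracker.example", "other-tracker.example"]);
console.log(leaks);
```

Phone numbers would need the same normalisation the tracker applies before hashing, which this sketch does not attempt.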
  2. %%
    No wonder so many USA state govs outlawed it :caution: :caution:
     
  3. Better not to buy Chinese electronics, like smartphones or notebooks. You never know what they are all tracking even on hardware if that is true with TikTok software, what I believe.

    I also would like to know what kind of backdoors are in computer hardware made in USA? Of course they are the good side, but data privacy is still strongest in the Euro area where I live.

    I also read that Facebook/Meta is selling all the data they have to third parties too. Just to make as much money as they can from all the data they have. And in comparison to China the US based companies are smart(er).
     
    Last edited: Dec 26, 2023
    murray t turtle likes this.
  4. mervyn


    new eSIM can track you anywhere anytime, even if you turn the phone off, big deal.
     
  5. TheDawn


    The interesting question is why and how did these websites of Australian companies residing in Australia have TikTok pixels in the first place? Were they using TikTok pixels for their own purposes? This is the kind of question that those Australian politicians should be asking. People who never have any accounts with TikTok or even use TikTok shouldn't get their personal information stolen by TikTok because of other people who happen to use TikTok. WTF!!
     
    murray t turtle likes this.
  6. S2007S


    Uh oh ....this has been talked about for years and not only TikTok...


    Nothing is going to change so don't even put any thought or time into it....
     
  7. schizo


    Dude, where's the friggin' source? You can't just slap on a controversial title like this and expect everyone to believe you at face value. Unless you think we're all tards.

    Don't worry, I already googled it. :sneaky:
     
    murray t turtle likes this.
  8. %%
    You mean like part of a bigger pattern of TikTok being outlawed by state govs??
    A well-known proven pattern/outlawed by now;
    34 out of 50 states, a much bigger negative :caution: :caution:
    Any idea why all [USA states] have not outlawed TikTok by now??
     
  9. themickey


    TikTok lags on extremism as MPs call out graphic content on platform
    By Paul Sakkal, March 19, 2024
    https://www.smh.com.au/politics/fed...phic-content-on-platform-20240318-p5fd91.html

    TikTok is the only social media giant not signed up to a global anti-extremism pact, Australia’s top internet regulator says, as MPs call out the Chinese-owned company for the proliferation of graphic content stemming from the Hamas-Israel war on its platform.

    As the US government threatens to ban the app to force it out of Chinese hands, Australia’s eSafety commissioner, Julie Inman Grant, announced she had issued legal notices to Google (YouTube), Meta (Facebook and Instagram), Twitter/X, WhatsApp, Telegram and Reddit forcing them to explain steps they had taken to remove terrorist and violent extremist material.

    Australian eSafety Commissioner Julie Inman Grant has issued legal notices to multiple tech giants. CREDIT: MARTIN OLLMAN

    TikTok was not among the groups targeted in Inman Grant’s social media enforcement, but Inman Grant said it was newer and regulators had insufficient tools to track its behaviour, flagging a focus on TikTok in her next round of legal notices.

    Emphasising TikTok’s harmful algorithm, Inman Grant said in an interview on Monday she had given a presentation on social media to an attorney-general advisory board whose members were “gobsmacked” that big tech was not doing the basics on monitoring content and were “going backwards” from previous standards.

    “Any form of terrorist and violent extremist material is either designed to divide and cause fear or spread propaganda,” she said.

    “It comes from ideologues from a range of different stripes. It’s meant to have a corrosive impact on people and therefore social cohesion and even democracy.”

    TikTok, which has 8.5 million users in Australia and more than a billion globally, has become the subject of heated political debate due to a US push for its Chinese owner, ByteDance, to divest the company to reduce national security risks as companies in China are obliged to co-operate with the Chinese Communist Party.

    Opposition home affairs spokesman James Paterson, a frequent TikTok critic, and Labor MP Josh Burns said tech companies must help maintain social cohesion by clamping down on violent depictions of events such as the Israel-Hamas war, which Paterson said was all over the popular video-sharing app.

    Paterson has labelled TikTok a “bad-faith actor” and urged the Albanese government to join other countries in curbing Chinese influence on TikTok’s operations.

    Prime Minister Anthony Albanese said on Saturday that Labor had no plans to move beyond existing rules stopping government officials from using TikTok on phones with sensitive information.

    On Monday, senior minister Tanya Plibersek said: “We’ll take the advice of our security and intelligence agencies on anything we need to do around TikTok. I think people should be careful of the data that they put online in general. Like I say, if the security and intelligence agencies give us advice on TikTok, we’ll take it.”

    The Global Internet Forum to Counter Terrorism, established in 2017 and designed to share information to clamp down on violent content, includes all major social media platforms except for TikTok.

    “[TikTok] is sort of behind the rest of the companies,” Inman Grant said, noting that other members of the group may be uncomfortable co-operating with a Chinese-owned firm. “But they are in a class of themselves because they’re not part of these broader groups.”

    A TikTok spokeswoman was unable to comment on the platform’s non-involvement in the global forum. TikTok, however, is a member of the United Nations-backed group Tech Against Terrorism.

    Paterson, who has consistently backed Israel in its war in Gaza, said some of the most graphic content online from the war existed on TikTok.

    Burns, a Jewish MP, said the eSafety commissioner’s warnings were important, adding that platforms such as TikTok had “a responsibility to ensure they are not exacerbating tensions within society, or radicalising people”.

    Greens leader Adam Bandt said: “The growing alarm about the slaughter of civilians is not the result of an algorithm, but the brutal reality of the invasion of Gaza that Labor continues to support.”

    The EU warned TikTok in October about “disinformation” spreading on the platform after Hamas’ terrorist attack on Israel, which killed about 1200 Israelis. More than 31,000 Palestinians have been killed since the war began, according to the Hamas-run Health Ministry.

    In November, TikTok said it was countering antisemitism and had removed millions of videos related to hate speech, hateful behaviour, harassment and bullying.