TikTok’s in-app browser can track every button or link you tap and every keystroke you type, according to an iOS Privacy review article from tech privacy researcher Felix Krause. This goes beyond the standard data collection we’ve sadly come to expect from social media apps in this age of surveillance capitalism. The idea that one of the largest social media platforms in the world has the capacity to monitor and record every single thing you type is shocking.

You should avoid in-app browsers

Pervasive tracking is unfortunately standard in many in-app browsers. In an earlier review of Facebook and Instagram in-app iOS browsers, Mr. Krause discovered that they insert JavaScript code into the websites you visit, allowing them to create commands that alert it to all of your activity. Using this injected code, these browsers can track “every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses, and credit card numbers”, according to Mr. Krause. However, these apps at least let you open links using your default browser.

TikTok’s in-app browser goes even further. It inserts JavasScript code to track all your interactions with a website, just like Facebook and Instagram, but it can also track your individual keystrokes. And unlike Instagram and Facebook, TikTok doesn’t give you the option to open links using your default browser. If you follow a link in TikTok, you must use its in-app browser (or copy the link and paste it into your default browser).

Continue reading