The UK has joined international partners in banning social media app TikTok from government electronic devices over concerns the Chinese-owned app could pose a security risk. Credit: TikTok Social media app TikTok has been banned on UK government electronic devices, the Cabinet Office has announced. The ban, announced by the chancellor of the Duchy of Lancaster, Oliver Dowden, comes in the wake of a security review into the risks posed to government data by social media apps on devices along with the potential for sensitive information to be accessed and used by some platforms. The move follows other Western countries who have barred the Chinese-owned video app over security concerns and increasing fear that user data from the app (owned by Beijing-based company ByteDance) could end up in the hands of the Chinese government.Security of sensitive government information “must come first”Given the potentially sensitive nature of information stored on government devices, government policy on the management of third-party applications will be strengthened and a precautionary ban on TikTok on government devices is being introduced, according to a statement published on the UK government’s website. “Currently, there is limited use of TikTok within government and limited need for government staff to use the app on work devices. This decision is in line with similar restrictions brought in by key international partners, including the US and Canadian governments, and the European Commission.”UK concerned over how data may be used by TikTok“The security of sensitive government information must come first, so today we are banning this app on government devices,” Dowden said. “The use of other data-extracting apps will be kept under review. Restricting the use of TikTok on government devices is a prudent and proportionate step following advice from our cybersecurity experts.”TikTok requires users to give permission for the app to access data stored on the device, which is then collected and stored by the company. Allowing such permissions gives the company access to a range of data on the device, including contacts, user content, and geolocation data, the government stated. “The government, along with our international partners, is concerned about the way in which this data may be used.” Ban does not extend to personal devices, exemptions may applyThe ban does not extend to personal devices for government employees, ministers, or the general public, although the government urged all individuals to be aware of each social media platform’s data policy when considering downloading and using them.“The ban on government devices applies to government corporate devices within all government departments. Specific exemptions for the use of TikTok on government devices are being put in place where required for work purposes. Exemptions will only be granted by security teams on a case-by-case basis, with ministerial clearance as appropriate, and with security mitigations put in place.” These exemptions will cover areas such as individuals working in relevant enforcement roles, or for example, for the purposes of work on online harms, according to the government. Commenting on the ban, cybersecurity expert and partner at Red Goat Cyber Security, Lisa Forte, wrote: “I agree with the ban of Tik Tok — but why is it not applying to all the platforms? It’s a basic security principle of MDM. All social media apps are aggressive in their collection and really none of them should be on official government phones, full stop.” Related content feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO CSO and CISO C-Suite news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry news UK data regulator warns that data breaches put abuse victims’ lives at risk The UK Information Commissioner’s Office has reprimanded seven organizations in the past 14 months for data breaches affecting victims of domestic abuse. By Michael Hill Sep 28, 2023 3 mins Electronic Health Records Data Breach Government news EchoMark releases watermarking solution to secure private communications, detect insider threats Enterprise-grade software embeds AI-driven, forensic watermarking in emails and documents to pinpoint potential insider risks By Michael Hill Sep 28, 2023 4 mins Communications Security Threat and Vulnerability Management Security Software Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe