UK bans TikTok on government devices over data security fears

Social media app TikTok has been banned on UK government electronic devices, the Cabinet Office has announced. The ban, announced by the chancellor of the Duchy of Lancaster, Oliver Dowden, comes in the wake of a security review into the risks posed to government data by social media apps on devices along with the potential for sensitive information to be accessed and used by some platforms. The move follows other Western countries who have barred the Chinese-owned video app over security concerns and increasing fear that user data from the app (owned by Beijing-based company ByteDance) could end up in the hands of the Chinese government.

Security of sensitive government information “must come first”

Given the potentially sensitive nature of information stored on government devices, government policy on the management of third-party applications will be strengthened and a precautionary ban on TikTok on government devices is being introduced, according to a statement published on the UK government’s website. “Currently, there is limited use of TikTok within government and limited need for government staff to use the app on work devices. This decision is in line with similar restrictions brought in by key international partners, including the US and Canadian governments, and the European Commission.”

UK concerned over how data may be used by TikTok

“The security of sensitive government information must come first, so today we are banning this app on government devices,” Dowden said. “The use of other data-extracting apps will be kept under review. Restricting the use of TikTok on government devices is a prudent and proportionate step following advice from our cybersecurity experts.”

TikTok requires users to give permission for the app to access data stored on the device, which is then collected and stored by the company. Allowing such permissions gives the company access to a range of data on the device, including contacts, user content, and geolocation data, the government stated. “The government, along with our international partners, is concerned about the way in which this data may be used.”

Ban does not extend to personal devices, exemptions may apply

The ban does not extend to personal devices for government employees, ministers, or the general public, although the government urged all individuals to be aware of each social media platform’s data policy when considering downloading and using them.

“The ban on government devices applies to government corporate devices within all government departments. Specific exemptions for the use of TikTok on government devices are being put in place where required for work purposes. Exemptions will only be granted by security teams on a case-by-case basis, with ministerial clearance as appropriate, and with security mitigations put in place.” These exemptions will cover areas such as individuals working in relevant enforcement roles, or for example, for the purposes of work on online harms, according to the government.

Commenting on the ban, cybersecurity expert and partner at Red Goat Cyber Security, Lisa Forte, wrote: “I agree with the ban of Tik Tok — but why is it not applying to all the platforms? It’s a basic security principle of MDM. All social media apps are aggressive in their collection and really none of them should be on official government phones, full stop.”