TikTok Is Banned From British Government Phones

The British government has now officially banned the TikTok app from devices across government due to national security concerns. The Minister responsible, Oliver Dowden, confirmed the decision in a statement to Parliament on 16th March. "Given the particular risk around government devices, which may contain sensitive information, it is both prudent and proportionate to restrict the use of certain apps, particularly when it comes to apps where a large amount of data can be stored and accessed," he said

The app has been under increasing scrutiny over its security and data privacy, with major concerns it could be used to promote pro-China views and steal customer data. The ban applies to government corporate devices within ministerial and non-ministerial departments, but it will not extend to personal devices for government employees or ministers or the general public.

Britain's National Cyber Security Centre (NCSC) has advised that Chinese-owned video app be banned from government phones after the home Office minister, Tom Tugendhat, had asked government cyber security experts to look at the risks posed by TikTok. The announcement comes after Prime Minister Rishi Sunak said the UK would look at what the US, the EU and Canada have done in banning TikTok on government phones. 

“The ban will not extend to personal devices for government employees, ministers or the general public. That is because as I have outlined, this is a proportionate move based on a specific risk with government devices... However, as is always the case, we do advise individuals to practice caution online and consider each social media platform’s data policies before downloading and using them." Dowden said: 

Robert Huber, Chief Security Officer at cyber security platform Tenable has said "Overall this approach aligns with action taken by allies including the United States, Canada and the EU. Our security must always come first, and today we are strengthening that security in a prudent and proportionate way.” While here is active debate in various countries about whether to ban TikTok, but the fact is that there are hundreds of software applications used in government agencies that introduce risk, and unpatched known vulnerabilities that are the source of data breaches. 

“The key is for security leaders to understand their organisation's unique risk profile, discover where vulnerabilities exist and prioritise remediation efforts to root out those that could be the most harmful first." Huber said.

Last month, the European Commission ordered its 32,000 staff to remove the TikTok app from devices as soon as possible, and no later than 15 March. In March, the White House gave US government agency staff 30 days to remove the platform from their work devices. President Donald Trump attempted to introduce an outright ban, but it was later blocked in the courts. The Indian government was more successful, managing to ban 59 Chinese-made apps in 2020, including TikTok. 

Like most other social media companies, TikTok collects huge amounts of data on its users, such as their location and what other apps they have. However, because TikTok is owned by the Chinese tech company, ByteDance,, there have been concerns it could pass information on to the Chinese government. 

Faki Saadi, Director of Sales UK&I at enterprise mobility management specialist firm SOTI commented: “Any app that harvests the data you put into it should be treated with caution... TikTok being banned from UK government devices should act as a wakeup call to other organisations - do you have full visibility over the apps your employees have on their corporate devices? If not, perhaps now is the time to take stock.”

China's National Intelligence Law says all Chinese organisations should "support, assist and co-operate" with the government's intelligence efforts. Researchers at the Georgia Institute of Technology say the law also includes protections for the rights of users, and TikTok says Chinese staff cannot access the data of non-Chinese users. 

However, in December it emerged that several ByteDance employees had access to at least two US journalists' data and a "small number" of others, to track their locations and check whether they were meeting TikTok employees suspected of leaking information to the media.

TikTok says the employees who accessed the information were later dismissed. The British Parliament’s TikTok account was shut down last year after MPs raised concerns about the firm’s links to China. TikTok first launched in China in 2016 and by October 2020 had surpassed 2 billion mobile downloads worldwide. 

Channel News Asia:      ITPro:   Tenable:    Star:   Sky:   Standard:     Republic World:    BBC:       BBC:   

You Might Also Read: 

Chinese Internet Companies Required To Disclose Algorithm Data:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 










 

« Staying Secure In A Changing World
Crypto Company Loses $200m To Hackers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

RSA Conference

RSA Conference

RSA Conference conducts information security events around the globe that connect you to industry leaders and highly relevant information.

FireMon

FireMon

FireMon is the only agile network security policy platform for firewalls and cloud security groups providing the fastest way to streamline network security policy management.

Superscript

Superscript

Superscript (formerly Digital Risks) is an insurance broker for small businesses, sole-traders, landlords and high-growth tech firms. Our services include Cyber Liability insurance.

Cybellum

Cybellum

Cybellum brings the entire product security workflow into one dedicated platform, allowing device manufacturers to keep the connected products they build cyber-secure and cyber-compliant.

Sage Designs

Sage Designs

Sage Designs is a provider of SCADA, Security & Industrial Automation products and training programs.

Axiad IDS

Axiad IDS

Axiad IDS is a Trusted Identity solutions provider for enterprise, government and financial organizations.

Cybertech

Cybertech

Cybertech Conference & Exhibition presents commercial problem solving strategies and solutions for the global cyber threat that meet the diverse challenges for a wide range of sectors.

FTAPI Software

FTAPI Software

FTAPI SecuTransfer is a software solution for end-to-end encrypted data exchange of large and sensitive data with customers and partners.

CounterCraft

CounterCraft

The CounterCraft Cyber Deception Platform fits seamlessly into existing security strategies and delivers high-end deception for threat hunting and threat detection.

Comcast Business

Comcast Business

Comcast Business keeps businesses ready for what’s next with powerful connectivity, advanced cybersecurity solutions, and the right people at your side.

Tromzo

Tromzo

Tromzo's mission is to eliminate the friction between developers and security so you can scale your application security program.

Intaso

Intaso

Intaso are a boutique head hunting and talent solution firm with specialist Cyber and Information Security expertise.

Telindus

Telindus

Telindus is the strategic IT partner for the flexible organization of the future. We build optimal IT infrastructure with four components: networking, cloud, cybersecurity and data & AI.

Credo AI

Credo AI

Credo have pioneered a Responsible AI platform that enables context driven, comprehensive and continuous governance, oversight and accountability of AI.

CarbonHelix

CarbonHelix

CarbonHelix provides cybersecurity services from US-based security operations centers that meet the highest compliance requirements.

Mitra Informatics Integration (MII)

Mitra Informatics Integration (MII)

Mitra Informatics Integration is the information communication technology solution business of the Metrodata Group.