TikTok Is Banned From British Government Phones

The British government has now officially banned the TikTok app from devices across government due to national security concerns. The Minister responsible, Oliver Dowden, confirmed the decision in a statement to Parliament on 16th March. "Given the particular risk around government devices, which may contain sensitive information, it is both prudent and proportionate to restrict the use of certain apps, particularly when it comes to apps where a large amount of data can be stored and accessed," he said

The app has been under increasing scrutiny over its security and data privacy, with major concerns it could be used to promote pro-China views and steal customer data. The ban applies to government corporate devices within ministerial and non-ministerial departments, but it will not extend to personal devices for government employees or ministers or the general public.

Britain's National Cyber Security Centre (NCSC) has advised that Chinese-owned video app be banned from government phones after the home Office minister, Tom Tugendhat, had asked government cyber security experts to look at the risks posed by TikTok. The announcement comes after Prime Minister Rishi Sunak said the UK would look at what the US, the EU and Canada have done in banning TikTok on government phones. 

“The ban will not extend to personal devices for government employees, ministers or the general public. That is because as I have outlined, this is a proportionate move based on a specific risk with government devices... However, as is always the case, we do advise individuals to practice caution online and consider each social media platform’s data policies before downloading and using them." Dowden said: 

Robert Huber, Chief Security Officer at cyber security platform Tenable has said "Overall this approach aligns with action taken by allies including the United States, Canada and the EU. Our security must always come first, and today we are strengthening that security in a prudent and proportionate way.” While here is active debate in various countries about whether to ban TikTok, but the fact is that there are hundreds of software applications used in government agencies that introduce risk, and unpatched known vulnerabilities that are the source of data breaches. 

“The key is for security leaders to understand their organisation's unique risk profile, discover where vulnerabilities exist and prioritise remediation efforts to root out those that could be the most harmful first." Huber said.

Last month, the European Commission ordered its 32,000 staff to remove the TikTok app from devices as soon as possible, and no later than 15 March. In March, the White House gave US government agency staff 30 days to remove the platform from their work devices. President Donald Trump attempted to introduce an outright ban, but it was later blocked in the courts. The Indian government was more successful, managing to ban 59 Chinese-made apps in 2020, including TikTok. 

Like most other social media companies, TikTok collects huge amounts of data on its users, such as their location and what other apps they have. However, because TikTok is owned by the Chinese tech company, ByteDance,, there have been concerns it could pass information on to the Chinese government. 

Faki Saadi, Director of Sales UK&I at enterprise mobility management specialist firm SOTI commented: “Any app that harvests the data you put into it should be treated with caution... TikTok being banned from UK government devices should act as a wakeup call to other organisations - do you have full visibility over the apps your employees have on their corporate devices? If not, perhaps now is the time to take stock.”

China's National Intelligence Law says all Chinese organisations should "support, assist and co-operate" with the government's intelligence efforts. Researchers at the Georgia Institute of Technology say the law also includes protections for the rights of users, and TikTok says Chinese staff cannot access the data of non-Chinese users. 

However, in December it emerged that several ByteDance employees had access to at least two US journalists' data and a "small number" of others, to track their locations and check whether they were meeting TikTok employees suspected of leaking information to the media.

TikTok says the employees who accessed the information were later dismissed. The British Parliament’s TikTok account was shut down last year after MPs raised concerns about the firm’s links to China. TikTok first launched in China in 2016 and by October 2020 had surpassed 2 billion mobile downloads worldwide. 

Channel News Asia:      ITPro:   Tenable:    Star:   Sky:   Standard:     Republic World:    BBC:       BBC:   

You Might Also Read: 

Chinese Internet Companies Required To Disclose Algorithm Data:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 










 

« Staying Secure In A Changing World
Crypto Company Loses $200m To Hackers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

La Playa

La Playa

La Playa is an award-winning independent insurance broker offering specialist cover in areas including cyber and privacy.

Cifas

Cifas

Cifas are leaders in fraud prevention, working closely with UK law enforcement partners.

Italian Association of Critical Infrastructure Experts (AIIC)

Italian Association of Critical Infrastructure Experts (AIIC)

AIIC acts as a focal point in Italy for expertise on the protection of Critical Infrastructure including ICT networks and cybersecurity.

Repository of Industrial Security Incidents (RISI)

Repository of Industrial Security Incidents (RISI)

RISI is a database of cyber security incidents that have (or could have) affected process control, industrial automation or SCADA systems.

IT Security House

IT Security House

IT Security House is a leading European supplier of Cyber Security Intelligence and eCrime services.

Arctic Wolf Networks

Arctic Wolf Networks

Arctic Wolf Networks delivers the industry-leading security operations center (SOC)-as-a-service that redefines the economics of cybersecurity.

PeckShield

PeckShield

PeckShield is a blockchain security company which aims to elevate the security, privacy, and usability of entire blockchain ecosystem by offering top-notch, industry-leading services and products.

Liberty Mutual

Liberty Mutual

Liberty Specialty Markets offers specialty and commercial insurance and reinsurance products, including Cyber, across the USA, Europe, Middle East and other international locations.

Brace168

Brace168

Specialising in Cyber Security incident identification and response, Brace168 is uniquely positioned to provide a vast experience in managed security services to meet the needs of all business types.

Epiphany Systems

Epiphany Systems

Epiphany enhances your defensive security controls by providing you with an offensive perspective. We expose the most likely attack paths to your most critical IT assets and users.

KT Secure

KT Secure

KTSecure’s mission is to provide proven and productive cyber security solutions and managed services, backed by our highly qualified and passionate team of experts.

Identity Management Institute (IMI)

Identity Management Institute (IMI)

Identity Management Institute (IMI) provides professional training and certification in cyber security with a focus on identity and access management, identity theft, and data protection.

Topsec Cloud Solutions

Topsec Cloud Solutions

The Topsec Managed Email Security Platform eliminates Spam, Viruses, Malware, and Phishing.

Quartz Network

Quartz Network

Quartz Network is a curated community for change-makers, up-and-comers, and professionals who are ready to grow, adapt, and thrive.

VMware

VMware

VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control.

TriCIS

TriCIS

TriCIS design and engineer highly secure integrated solutions that meet the highest government and military security standards, providing information assurance to organisations across the globe.