Does ITC block Tik Tok | The short answer is – yes.
I was asked by a fellow employee if our IT network blocked TikTok because she had read a recent article about the Federal/State governments and university bans. The underlying issue is data collection and the lack of privacy safeguards, lack of media regulation, lack of consumer protection, and lack of fundamental data policies. Unfortunately, banning TikTok is security theater as it doesn’t address the underlying issues. But wow do tons of sites use analytics.tiktok.com. ITC IT is seeing a ton of blocked messages (likely you are, too!).
From the Government perspective, TikTok is a foreign national-owned company collecting data on US persons and with wide-open service terms that include access to any device on the network the user is attached to. This is actually pretty scary. The actual underlying problem is that TikTok isn’t alone in how they collect data and the government doesn’t have policies around consumer protection of the data. Blocking Tik Tok does not prevent them from getting the data, they just buy it from any one of the hundreds of other applications that do the same thing.
Historically, the United States prioritized profits over the protection of personal data. We lightly reprimand companies for data breaches (T-Mobile alone has been breached eight times in five years not to mention the hundreds of other consumer breaches). Congress has not provided meaningful data privacy regulation for telecom and other media companies. Currently, the FCC and the FTC are not in a position to regulate – for example, FCC has been stuck waiting on an approved appointee to block a political deadlock for the past two years.
Where do we go from here | We need constituent and congressional support for meaningful privacy laws.
How can ITC help | What are we doing as a tech-focused company absent privacy laws
- We are faithful and trustworthy stewards of data.
- We build our own privacy frameworks.
- We protect data better through good design, consistent security practices, and use of encryption.
- We set internal data policies that examine our collection and use of PII (or even whether we even need the data).
- We support responsible and ethical AI models, and investigate biases in the models we create and in the sources of data.
- We build our networks and APIs with zero trust in mind.
- We build security and risk frameworks that are consistently examined and probed for improvement.
- We are rigorous and transparent in our failings and hold ourselves accountable when we make mistakes.
We set the example