In the wake of a global data privacy crisis, the Senate has asked the Standing Committee on Information and Technology to look into strategies that will protect Kenyans from the security “loopholes” of Tik Tok.

“Standing committee on information and technology to work with other government agencies to come up with policies and legal framework to ensure safe usage of such applications and safeguard the metadata of Kenyans that is being collected by the TikTok application,” said Nominated senator Iman Falhada Dikow.

In a statement presented by Senator Dikow, the application has question marks over the safety of user data, an issue that is facing TikTok in many parts of the world.

“There has been a serious allegation against the application on the issue of data privacy. The application gathers information on the user’s country location, internet address and type of device if allowed. It will also ascertain the user’s exact location, contacts and other social media network connections as well as age and phone number,” said senator Dikow.

The senator alleges that the user’s information collected by TikTok is used to create a profile of the user and not target advertisement as users presume. It is the same idea of user profiling and behavioural prediction that a new Netflix documentary, The Social Dilemma explores. In the documentary, users are the product and their attention and data are sold to advertisers so that manipulative and persuasive messages can be tailored based on their interests.
Senator Mwaura Isaac Maigua also argued that the policies suggested on social media privacy should not be limited to TikTok but apply to all other social media applications.

“The same issue also includes other applications such as Facebook, Twitter and others… But let’s not let this be another way of seeing a trade war like that witnessed between iPhone and Huawei in the United States,” said Mwaura.

The senator also asked that the move to investigate TikTok shouldn’t be motivated by the fact that China has become an economic power that has taken over major markets once controlled by the united states.

“It’s not right to say that only one app from one specific country has issues with the privacy of data. Let us remember very well that it’s in this country that a company called Cambridge Analytica that was used to influence the elections,” argued senator Mwaura.

However, TikTok has engendered its own problems after Check Point Research, one of the leading cyber-threat intelligence found vulnerabilities with the applications that were later resolved last month.

“The application is also alleged to understand the user’s area, what they like, find funny and what they say to their friends.  Hackers who could cause all kinds of harm to an individual can also access this data easily,” said Senator Dikow.

According to the Check Point website, some of the vulnerabilities could allow attackers to; Get hold of TikTok accounts and manipulate their content, delete videos, upload unauthorized videos, make private “hidden” videos public, reveal personal information saved on the account such as private email addresses.

The research also established it was possible to send an SMS message to any phone number on behalf of TikTok. This means that attackers can easily send messages to the user.

Available in over 150 markets and used in 75 languages, TikTok has come become an app that even the word “popular” can’t contain. Used mostly by teenagers and people in their 20s to create short videos, the App has also been one that has attracted a lot of attention to security issues.

In August US President Donald Trump gave an executive order to ban the company in 45 days all in an effort to coerce the sale of the app to an American country. 

Currently, TikTok is under investigation by the British Information Commissioner’s Officer to ascertain whether its in line with European privacy laws. In the United States, the Trump administration is also meant to review a proposed deal that will see the headquarter of TikTok be located in the U.S while Oracle (American multinational computer technology corporation) hosts the companies user-data and code for security. The company has also been banned in India.