An analysis of one of the previous versions of TikTok showed that the app had been collecting user data for at least 15 months, but this stopped in November 2019. This policy is against the rules of the Google Play store, which banned the collection of MAC addresses in 2015. Security experts told the WSJ that the TikTok developers used “an atypical extra layer of encryption” to hide their tracks.

Talking to Business Insider, a TikTok spokesperson said the company is committed to keeping users safe and therefore recommends downloading the latest version of the app. He noted that the current version does not collect MAC addresses. Google announced plans to conduct an audit of the incident.

Concerns stem from the fact that MAC addresses are a permanent feature of devices that cannot be replaced. Presumably, with their help, ByteDance (which owns TikTok) can track users’ actions, even if they have changed their privacy settings. The scope of the information collected is not disclosed. According to Google Play, the TikTok app has been downloaded over a billion times. Sensor Tower claims the share of US users was around 89 million.

The WSJ has published an investigation against the backdrop of Donald Trump’s order to ban TikTok and WeChat in the United States. He said that the work of Chinese services threatens the country’s national security.