This report lack a lot of technical information. What counts as "personal information"? What did they send exactly? Is sending app analytics count as personal information? Why don't you hold American software companies to the same level of rigor?
Case in point, almost all apps on my Android phone snoops on my "personal information"; Google literally knows where I am all the time; Facebook SDK snoops on the apps I use, and justify the collection of the data with "better personalization of services"; WhatsApp (owned by Facebook) vacuuming contacts off my phone; LinkedIn snoops on my clipboard etc.
Made a (very) brief scan of the filing. The notable personal information mentioned: phone/social network contacts, MAC, IMEI, IMSI, device serial #, browsing history, cookies, "metadata", location. Pretty par for the course. (I'm not sure "browsing history" and "cookies" is correct, at least on Android versions after KitKat.) I believe you'd need to give permission for most (all?) of these before you download the app, or when you run it the first time.
The filing also makes these claims regarding video uploads:
>Once TikTok users click the “next” button, but before they click either the “save” or “post” buttons, their videos are transferred from their devices to the following domain owned and controlled by Defendants: [...]
Not very damning.
---
In the end, the concern is solely that the Chinese government may have access to the data, or may be able to upload exploits to users. This may be a reasonable fear. But people need to stop pretending TikTok's data collection is somehow worse than that of any other data-hoarding apps (Snapchat, Facebook, etc).
Case in point, almost all apps on my Android phone snoops on my "personal information"; Google literally knows where I am all the time; Facebook SDK snoops on the apps I use, and justify the collection of the data with "better personalization of services"; WhatsApp (owned by Facebook) vacuuming contacts off my phone; LinkedIn snoops on my clipboard etc.