What does the TikTok government ban in Australia mean for my small business?
Doctor Digital Says
TikTok will be banned on all Australian Commonwealth government devices, including phones and computers, following an order from Prime Minister Anthony Albanese. Other State governments have followed suit, including Tasmania, Victoria and the ACT. NSW is currently considering its options.
If you aren't across TikTok, it's a popular social media platform that allows users to create and share short videos. It has become a widely used tool for businesses, particularly small businesses, to reach new customers and build their brand, and has moved from being mainly used by a younger audience to a broad demographic globally. With its large and engaged user base, TikTok is a powerful tool for promoting products or services, and for building a community around a brand for many small businesses and influencers.
Global efforts to ban TikTok—owned by the Chinese firm ByteDance—have ramped up in recent months, as the app faces increased scrutiny amid fears the Chinese government could access users’ data. Similar decisions have recently been made by governments in the United States, Canada, the United Kingdom and New Zealand and the app is already banned in India and other nations.
While most of the Government focus has been on TikTok alone, the Australian Government Department of Home Affairs is undertaking a review of the security risks of all social media platforms and the correct government settings for using them, which could have a far more significant impact given the widespread use of social platforms now to reach people and advise of a range of Government programs and actions. Any kind of restriction may have some of the impacts discussed here when Facebook news was temporarily banned during a dispute with the Australian Government in 2021. But back to TikTok.
Governments around the world, including the Australian government, have expressed concerns about the data that TikTok is collecting, how that data is being used and who by. TikTok collects a wide range of data on its users, including information about their location, device information, browsing history, and content preferences. This data is used to personalize the user experience and to deliver targeted advertising. It’s no secret that social media platforms are collecting our personal data and using it to generate targeted advertising toward the end user. When you sign up for any social platform, you typically read and accept a data-collection policy that allows that platform to collect your data. However, TikTok’s data collection seems to be going above and beyond what one should expect when they accept these policies.
There is concern by Government that TikTok's data collection practices could be used to compromise national security or infringe on individual privacy rights, driven by concerns that TikTok's parent company, ByteDance, could be compelled by the Chinese government to share user data. Because the app can track location (and even keystrokes), stored information like login credentials and credit card data can also be vulnerable to hackers. Some of the additional data collected by TikTok that has red-flagged security concerns include:
- Collection of sim card manufacturer and provider information
- Collection of fine-grain GPS location
- Remotely enable-able higher-grained detail data monitoring
- Collection of cell-network information
- Potential ability to detected rooted/jailbroken devices
It's in response to these concerns that the bans and restrictions on TikTok have occurred. The United States government has sought to outright ban TikTok over national security concerns. Australia has largely taken a more cautious approach, calling for greater transparency and oversight of TikTok's data collection practices while acknowledging its national popularity, only banning the app from being used on Government devices for now.
How will the ban impact you if you use your TikTok account for business? Government employees aren't being banned from using TikTok on their personal devices, so it's mainly going to impact businesses that are B2G where TikTok is a primary means of communication and marketing. It's fair to say this would be a pretty narrow market in Tasmania. Where the Government is using push marketing to connect with people, sectors and communities via TikTok, their channels will have to switch back to less controversial social platforms and Government websites.
Now the government is acting on its cybersecurity concerns, do you need to ban TikTok in your business? Not necessarily. But you do need a solid cybersecurity plan in place. Once you know you have covered off on the main risks (see our handy checklist) the next step is to understand how TikTok factors into your digital marketing strategy and what solid mitigations are in place for your business, including knowing the risks and impacts to your business as usual if TikTok did get banned more broadly. Like any social media platform, if it is your primary channel to connect with customers, there is an inherent vulnerability to your business which is helpful to consider when managing how to spread your risk across a diverse set of platforms.
Overall, the concerns about TikTok's data collection practices highlight the need for companies to be transparent about how they collect and use data, and for governments to have the tools and resources to regulate and oversee these practices. Australian companies, including banks and telcos, openly state in their privacy policies that they share Australian user information with employees and third parties around the world, including China. Companies collect sensitive data like financial information, medical records, legal information and far more than is collected by TikTok. As recent significant data hacks in Australia have shown, corporations, governments and consumers all need to be alert to cyber risks and the data they are sharing.
While the focus from the Australian Government remains on limiting the app exposure in Government, small businesses need to remain aware of any risks posed by the concentration of their marketing focus into a single platform and losing access to their audience if further bans happen.
While as stated there is no wider ban on TikTok for businesses or citizens in Tasmania or nationally, it is suggested that TikTok users consider the way they manage their security and content when using the platform. The following advice was provided to the Tasmanian Government public service staff from the Australian Signals Directorate (ASD) when using TikTok as below and can be used as a guide for some basic security protocols for your business:
- do not use it on a phone that can access any official information (email clients, MS Teams, passwords, personal identifying data),
- if a phone does have TikTok installed, keep the phone away from any sensitive conversations,
- remove metadata (such as location information) from photos and videos before uploading them to TikTok.
(Current at 12 April 2023.)
Need to get your cybersecurity for socials sorted? Why not start with our Digital Ready Fundamentals course, designed to give you all you need to get on track in a quick, easy, actionable video format. Then go deep with some one on one Digital Ready coaching experiences and you will be safe and sound across all your business arenas.