Korea Communications Commission on Monday said that the Korean government launched an investigation into the Chinese video platform TikTok, after allegations that the popular social media app sent its users’ personal information to the Chinese government.
A KCC official, who supervises media regulations, stated, “The KCC launched an investigation into TikTok for claims of a personal information leak.” The official added, “After discussing with TikTok, we will soon also conduct an on-site investigation.”
The China-based app enjoys its global popularity, allowing users to share their stories in 15 to 60-second videos. The platform has been downloaded 1.5 billion times since its release in 2016, becoming one of the most popular social media apps internationally.
In other parts of the world, however, the video-sharing app has been criticized for poor management of user’s information. The U.S. Federal Trade, in February, slapped Bytedance, operator of the app, a fine of $5.7 million (6.6 billion won). TikTok failed to acquire parental agreement before obtaining personal information of children, violating children’s privacy laws.
The U.S. Navy treated the media platform as a “cybersecurity threat.” The naval warfare service branch of the U.S. Armed Forces banned TikTok from mobile devices issued by the government.
The KCC official said, “The KCC decided to launch the investigation after Rep. Song Hee-kyeoung of the Liberty Korea Party pointed out the potential cybersecurity matters of TikTok.”
Representative Song raised questions in October during a National Assembly hearing over the app’s proper handling of personal information. The company initially shares user’s information, such as location data to the Chinese government. Smartphone SIM cards store users’ data.
The Chinese owned app accumulated 4 million users in Korea, generally teens. According to Song, while other countries are placing measures to discipline TikTok or moving to ban it altogether, Korea has not taken action to ensure the security of the users.
Korea’s Personal Information Protection Acts states that internet service providers must secure consent from legal representatives if the providers want to collect email addresses, names, and other personal data of children.