Why TikTok Pixel Spyware is deceitful and just plain wrong

TikTok Pixel Spyware is wrong for oh, so many reasons. First, it is deceitful – you did not knowingly consent to it spying on you. Second, it has far wider ramifications for data harvesting and possibly ending up in the hands of a foreign government.

So much so that the Australian Privacy Commissioner has launched an inquiry into the TikTok Pixel Spyware and harvesting of Australians’ personal data without their consent. An inquiry is to determine the need for a formal investigation.

Here is what we know about the TikTok Pixel Spyware scandal

TikTok places a transparent pixel (also called an HTML code snippet or tag) on your screen that you cannot see. It is one of about a million, and it is forced on you regardless of whether you have the App, look at a TikTok video or visit its website. If you:

  • View the video; it hides in a temporary folder on your device and remains active.
  • Visit the website using default browser security settings; the page is cached on your Android/iOS smartphone, tablet or Mac/PC. It remains active.
  • Visit other websites – it tracks you all over the web.
  • Have the App – you are fair game for TikTok

TikTok readily acknowledges that it is a ‘secret weapon’ for its advertisers. But all data collected is stored on its servers – wherever they may be.

The Pixel is a container for code. It tracks all website visits and transmits data like user, email address, location, who you call, access the device’s metadata and more. The problem is there is no stopping nefarious actors from developing more harmful Pixels.

In short, it is like someone placing a listening bug at home, tracking you with a GPS tag and more – all without your knowledge or consent. TikTok argues that it can do so as you accept its terms of use and privacy policy. The problem is that 99.99% of you never read that.

TikTok’s response – predictable

A TikTok spokesperson denied the pixel breaches Australia’s privacy laws.

The accusations are an attempt to mislead or scare companies without regard to current law or the information available. Pixel usage, which is voluntary for our advertising clients to adopt, is an industry-wide tool used to improve the effectiveness of advertising services. Our use of this tool is compliant with all current Australian privacy laws and regulations, and we dismiss any suggestion otherwise.

We say there is no independent way for consumers or privacy researchers to verify such statements.

Scandal or Legitimate?

Unfortunately, this practice is widespread with Facebook, Amazon, Kogan and millions more local and global e-commerce sites now using Pixels. It circumvents Google Chrome phasing out third-party cookies from 4 January 2024. But it is more insidious and not as easy to remove as a cookie. You did not think advertisers, et al., would give up hoovering your data that easily, did you?

The Australian Government has concerns about data harvesting by TikTok’s parent company, ByteDance, and its ties to the Chinese Communist Party. It banned the app from government devices and asked users to find alternative short video outlets. The Australian Government must act to reinforce its privacy legislation.

There is an interesting read here.

What can you do to stop this devious TikTok Pixel Spyware?

Dump any browser based on Chrome – Microsoft Edge and Google Chrome

The default settings allow all forms of Pixels, trackers and Cookies. We strongly recommend using Firefox (Windows, Android, macOS and iOS) and installing the free Ghostery – a pixel/cookie/tracker blocker. Some websites refuse to load when tracking is stopped, and Ghostery is very easy to pause. Other extensions you can try are AdBlocker or Disconnect.

TikTok home page has four TikTok Byteoverse.com (Chinese parent company trackers), six TikTok.com trackers, and 13 TikTokV.com trackers.

Tighten your browser security settings.

Regardless of which browser you use, change your browser’s privacy settings. A lot of browsers have built-in controls you can use to block trackers, including cookies, pixels, and other technologies. Open your browser’s preferences or settings, and you’ll usually find the controls in the privacy section. 

Pixels are also in emails

If you use Firefox and Webmail (view your email via the browser) install Webmail Ad Blocker.

If you use Outlook 365 client, you can set it to block any images from download. That is a pain, as you may want to see the images. Ditto for Apple’s email client.

A good read here.

Clean your device regularly

If you use Windows, the free Wise Disk Cleaner and Wise Registry Cleaner can remove Internet histories, cache files, and cookies of Internet Explorer, MS Edge, Chrome, Firefox, Opera, Safari and other browsers. CyberShack has used these products for over a decade, and they are free from spyware and work extremely well. There are different levels of cleaning – we use the most extreme settings, but you may want to start at lower levels.

CCleaner – clean, optimise and tune your PC, Android and more is a paid product and offers more features. Using the extreme settings can cause issues with sites that rely on cookies to recognise you – at worst, it may require site authentication.

CyberShack TikTok news