TikTok has your data even if you’ve never used the app: Report

A ban on TikTok in the United States or a sale of the app by its Chinese owner, ByteDance, will not resolve national security concerns or concerns that TikTok could be used to siphon off Americans’ data, according to a new report on cybersecurity obtained by ABC News.

The report, from cybersecurity firm Feroot, says the app still has your data even if you’ve never used TikTok. And it collects and transfers this data whether or not the app is deleted, according to the report.

“TikTok can be present on a website in just about any industry in the form of TikTok pixels/trackers,” the report states. “In many cases, the pixels/trackers begin executing immediately and have little or nothing to do with the website owner’s immediate activities.”

According to Feroot, webpages associated with everything from airlines and e-commerce sites to tech companies and state and federal governments are riddled with TikTok trackers called pixels, which are part of the code that loads in your browser. from various websites. They immediately connect to data collection platforms that collect users’ usernames and passwords, credit card and banking information, and personal health details.

MORE: Biden administration urges Chinese TikTok owners to divest their stake or face US ban

Sites that require logins and authentications may think they’re adding a layer of security, but TikTok’s pixels simply collect those names, passwords and passcodes along with other data, according to Feroot.

The pixels transfer data to locations around the world, including China and Russia, often before users have a chance to accept cookies or provide consent, according to the Feroot report.

TikTok isn’t the only company using its pixels on the internet. The report revealed that Google, Meta and Microsoft, among others, use these trackers.

MORE: House panel votes to advance bill allowing Biden to ban TikTok

The company told ABC News on Thursday that since June, all new US user data has been routed to the Oracle cloud, and since October, access to this secure environment is limited to TikTok US Data Security employees; Today, these employees manage all access to US user data.

A TikTok spokesperson told ABC News this week amid the Biden administration’s call for ByteDance to divest itself of the app, “The best way to address national security concerns is with the protection transparent and US-based US user data and systems, with robust third-party monitoring, control and verification, which we are already implementing.”

TikTok said it would continue to move forward with a plan called “Project Texas” to protect US user data while it assesses the administration’s position.

Elizabeth Schulze of ABC News contributed to this report.