TikTok Controversy: How to Block TikTok & Why It Was Banned (2022)

UPDATE JUNE 2022:

  • Leaked audio from 80 internal TikTok meetings allegedly shows that US user data has been repeatedly accessed from China | Learn More
  • TikTok acknowledged in a letter to senators that its non-U.S. employees had access to data of U.S. users.
  • The company, which is owned by China’s ByteDance, told lawmakers in June 2022 that it’s working to protect that data.
  • TikTok said it’s now storing all U.S. data by default in Oracle’s cloud infrastructure. | Learn More
  • TikTok’s June 2022 letter to several US senators regarding their data governance practices

In 2020 data security and privacy concerns led the US Military, India, and other government entities to ban TikTok.

Later, the Biden government reversed former President Trump’s executive order to ban TikTok in the US in June of 2021

But for employers with privacy, security, company reputation, and productivity concerns there may be desired to prevent employees from using TikTok at work.

In this article, you will learn how to block TikTok on both mobile devices and computers, why TikTok was banned, whether or not TikTok is safe to use, and how TikTok has responded to the controversy. 

Start Blocking Websites Today
Learn More
Table of Contents

Click to Show / Collapse


What is TikTok, Anyway? How Does TikTok Work?

TikTok is a video-sharing social media app owned by ByteDance, a Chinese internet technology company. Users of the app film vertical short-form videos ranging from dances, lip-syncing, comedy skits, and other creative clips. 

According to a report from Sensor Tower, as of February 2020 TikTok had been downloaded nearly 2 billion times since its launch in 2012. ByteDance also operates a China-exclusive version of TikTok known as Douyin.

TikTok’s main feature is its For You Page, which is an algorithm-driven feed of curated content that is unique to each user of the app. The TikTok algorithm studies each users’ engagement patterns (likes, shares, watch time, comments, etc) to understand what content they are most interested in so it can serve them relevant content. 

Should I Let My Employees Use TikTok in the Workplace?

There’s no doubt that TikTok is used in the workplace by employees. Viral videos of employees performing dances and comedy skits while in uniform or sharing insights into their day-to-day work life are quite popular on the app. 

Whether or not you decide to enforce a ban of the app on company-provided devices will depend on a few factors

Should you block employees from accessing TikTok in the workplace?

  • Productivity: Employers with productivity concerns should know that while TikTok is available through web browsers, it is most commonly used as a mobile phone app. Employees using personal devices in the workplace could be using TikTok during working hours using their own data plans.
  • Privacy & Security: Every additional app on a mobile device increases the potential attack surface. On company-provided devices, there may also be cause for concern regarding the data that TikTok and other apps are able to collect and share with third parties. 
  • Company Reputation: While most TikTok videos of employees in uniform are well received, from a brand reputation perspective there may be concerns that employees will not represent their company in a professional manner.

How to Block TikTok

For employers that would like to follow suit with India and the US military, there are ways of enforcing the ban of TikTok on company-provided devices.

  • Website Blocking Software: Block access to TikTok on laptops and workstations by adding domains related to TikTok to the block list of your web filter.
  • Internet Monitoring Software: You can find out whether or not TikTok is being used on your computers with an internet usage monitor that reports the websites visited by employees. With BrowseReporter you can even set email alerts to notify designated personnel when unwanted sites are accessed.
  • Block Mobile Apps: For company-provided cell phones, a mobile device management solution can be installed to enforce the blocking of the TikTok app and monitor user activity for attempts to bypass application policies.
  • Acceptable Use Policies: An acceptable use of technology policy will set clear expectations regarding the use of TikTok in the workplace. In the policy you can include guidelines for representing the company on social media and whether or not the app is permitted for use during work hours.

These very same practices will apply when you decide to block any other potentially dangerous applications and block websites in the workplace.

Block TikTok on Computers

Need to restrict internet access in your network? In this tutorial you will learn how to block websites using a free trial of BrowseControl, CurrentWare’s web content filtering software.

With BrowseControl you can…

Block websites based on URL, category, domain, or IP address

Schedule unique internet restrictions throughout the day 

Assign custom policies for each group of computers or users,

and enforce internet usage policies, even when devices leave the network

There are 3 ways to block employee internet access with BrowseControl

1) Block access to specific websites with the Block List

2) Restrict internet access to only certain sites with the Allow List 

3) Using the Category Filtering feature you can block access to content categories such as Porn, Virus Infected, or Social Media 

For complete control over internet and application use in your network, you can combine BrowseControl with BrowseReporter, CurrentWare’s internet monitoring software.

All right, let’s get started.

To begin, sign up for a free trial of BrowseControl at CurrentWare.com/Download. After filling out the form you will be provided with the files you need to get started with BrowseControl.

To install BrowseControl, run CurrentWare.exe on the administrator’s computer and follow the installation instructions; this will install the CurrentWare Console and Server. 

After that, deploy the CurrentWare Client Setup file (cwClientSetup.exe) on all of the computers you would like to control. 

From there you can import your Active Directory organizational units or manually create your desired policy groups.

For full installation instructions, please visit our knowledge base at CurrentWare.com/Support. 

Now that you have BrowseControl installed, I’ll show you how to block specific websites based on their URL, domain, or IP address with the URL Filter.

This feature can be used to block your employees from accessing distracting websites like Facebook, TikTok, or Instagram.

First, decide whether you want to control internet access based on users or computers and select the desired mode.

Next, click on the URL Filter then select “Blocked List”

From the drop-down menu, select the group of computers or users that you want to restrict

Enter the URL, domain, or IP address of the websites you want to block to the master URL list, then press the Enter key or click “Add”. 

BrowseControl will apply a wildcard to the URL, ensuring that any paths within the domain will be blocked as well.

In the master URL list, select the websites you want to block for the chosen group, then click “Add to Blocked List”.

If you would like to add the selected websites to the block list of multiple groups, you can press the drop-down arrow and select “add to multiple groups”, select the desired groups, then click “add to blocked list”

If you have a large number of websites you would like to block, you can also use the import feature to import an existing list.

Finally, click “Apply to Clients”.

That’s it! You have now blocked your employees, students, or patrons from accessing those specific websites. 

Next, I’ll show you how to restrict internet access to only certain sites.

This feature is ideal if you want to prevent your employees, students, or patrons from accessing websites that are not explicitly allowed by your organization.

The process is identical to how you would block a website, except this time you will set the internet to “off” and add the websites you would like to allow to the Allow List.

With this method, your users will only be able to access the exact websites that have been approved by your company.

Here are the full instructions.

First, decide whether you want to control internet access based on users or computers and select the desired mode.

Next, click on the URL Filter, then ensure that “Allowed List” is selected

From the drop-down menu, select the group of computers or users that you want to restrict

Next, set the internet to “Off”. This will ensure that only the websites that are added to the allowed list can be accessed.

Enter the URL, domain, or IP address of the website you want to allow to the master URL list, then press the Enter key or click “Add”. BrowseControl will apply a wildcard to the URL, ensuring that any paths within the domain will be allowed as well.

In the master URL list, select the websites you want to allow for the chosen group, then click “Add to Allowed List”

If you would like to add the selected websites to the Allowed list of multiple groups, you can press the drop-down arrow and select “Add to Multiple Groups”, select the desired groups, then click “Add to Allowed list”

If you have a large number of websites you would like to allow, you can also use the import feature to import an existing list.

Finally, click “Apply to Clients”.

Next, I’ll show you how to block websites based on content categories such as Porn, Virus Infected, and Social Media 

With BrowseControl’s category filtering feature you can block billions of websites across over 100 URL categories. More than 10,000 new domains are added each day, making it simple to restrict internet access even as new sites emerge. 

Here’s how:

First, decide whether you want to control internet access based on users or computers, then select the desired mode.

Next, click on “Category Filtering”

From the drop-down menu, select the group of computers or users that you want to restrict

Select the web content categories you would like to block, then click “Add to Blocked List”

Finally, click “Apply to Clients”.

That’s it! 

The Allow List can also be used in tandem with the Category Filtering feature to allow websites that would otherwise be blocked based on their content category. 

For example, you could use the Category Filtering feature to block Social Media while still allowing access to LinkedIn.

Now that you’ve seen the 3 key ways you can block a website with BrowseControl, I’d like to show you how to restrict internet access at certain times.

With BrowseControl’s Internet Scheduler you can schedule custom block or allow lists throughout the day. 

This feature will bring some flexibility to your internet restriction policies; in this example, we will allow our employees to browse the internet during lunchtime.

Here’s how to use the internet scheduler

First, decide whether you want to control internet access based on users or computers and select the desired mode.

Next, click on “internet scheduler”

From the drop-down menu, select the group of computers or users that you want to restrict

Next, click “New Schedule”

Set the start and end time of the schedule. Then, select the schedule type.

Internet On will allow internet access to all websites that are not on the URL Block List

Custom allowed list will only allow access to specific websites.

Custom blocked list will block access to a specific list of websites and allow access to the rest of the internet.

Custom Category blocked list will block specific categories and allow access to the rest of the internet.

Next, set your desired schedule frequency.

Daily will enable the schedule every day during the specified time period.

Weekly will enable the schedule only on specific days of the week.

Monthly will enable the schedule only on specific months.

Next, click “Add Schedule”.

If you selected one of the custom block or allow list options, you can click the link provided under the “schedule type” column to set the websites or categories that you would like on the list.

And finally, click “Enable Scheduler” if it is not already enabled

That’s it for today. If you’re ready to start blocking websites you can get a free trial of BrowseControl at CurrentWare.com/Download. 

If you have any questions during your evaluation our support team is available to help you over a phone call, live chat, or email.

See you next time!

If you don’t have a web filter installed on your company computers, your users will have unrestricted access to TikTok at work. With BrowseControl you can block TikTok in the workplace to prevent employees from browsing the social media platform on company computers.

Get My Free Trial
Learn More

Instructions for Blocking TikTok With BrowseControl Web Filter:

  1. Download your free trial of BrowseControl
  2. Install the CurrentWare Console on the administrator’s computer
  3. Install the CurrentWare Client on your users’ computers
  4. In the CurrentWare Console, select BrowseControl > URL Filter, then select the users or computers that you want to prevent from accessing TikTok
  5. Add the URLs/IP Addresses used by TikTok to your Blocked List to block TikTok on your computers

Examples of domains used by TikTok:

  • tiktokv.com
  • tiktok.com
  • tiktokcdn.com
  • tiktok.org
  • TikTokcdn-com.akamaized.net
  1. To block all websites that mention TikTok in their URL you can add “TikTok” to BrowseControl’s Blocked List. BrowseControl will apply a wildcard, allowing you to simultaneously block the TikTok homepage along and TikTok’s CDNs. For more granular restrictions you can add the exact domains used by TikTok manually. BrowseControl web filtering software blocking TikTok with URL filter
  2. When your employees try to browse to TikTok on their computer, they will encounter a custom blocked message; this can be customized with your own message or automatically redirected to a different page.

Get My Free Trial
Learn More

How to Block the TikTok App on iPhones & Other Mobile Devices

Four teenagers on their smart phones texting.

While there is a browser-based version of TikTok, it is primarily a social media app. 

Any company that wants to prevent their employees from using TikTok on company devices needs to have a Mobile Device Management (MDM) solution in place.

Apple devices (iPhone/iPad) use enrollment profiles, configuration profiles, and payloads for MDM purposes. Users can enroll their own devices in MDM, and organization-owned devices can be enrolled in MDM automatically using Apple School Manager or Apple Business Manager.

Companies with Android users will also require an MDM solution to control what apps can and cannot be used on company devices.

Individual consumers can use mobile app blockers found in the app store for their respective manufacturers.

Further Reading:

Where Has TikTok Been Banned?

Bans of the popular social media platform amid privacy and security concerns were on the rise, with India’s banning being a high-profile example. 

  • India: On June 29, 2020, India banned over 59 apps with connections to China, including TikTok. These bans were stated to be related to national security issues. Many thought the TikTok ban was heavily motivated by deaths caused by the ongoing stand-off along the Line of Actual Control (LAC) in Ladakh between the Chinese PLA (People Liberation Army) and the Indian Army.
  • United States
    • January 2020: Branches of the US military enforce the banning of TikTok from all government-issued devices, strongly encouraging its members to refrain from using the app on personal devices.
    • February 2020: The Transportation Security Administration has banned employees from representing the company on TikTok when taking part in the agency’s social media engagement efforts.
    • August 2020: US federal employees are banned from downloading and using the app on government-issued devices—The TSA, Department of Homeland Security (DHS), and other entities follow suit over time.
    • August 2020: Then US President Donald Trump issues an executive order to ban TikTok, claiming that the Chinese government was using TikTok to collect data and private information from Americans. The order is later struck down by US courts.
    • June 2021: Biden reverses Trump’s executive order banning TikTok in the United States, opting to shift to a broader US government review of all apps with ties to “a foreign adversary,”
  • Australian Military: In January 2020 the Australian Defence Force (ADF) followed suit alongside the USA in banning TikTok from use on government-supplied devices.

While a ban was not considered in Europe, in June 2020, the European Data Protection Board (EDPB) announced that it would assembling a task force to examine TikTok’s user privacy and security practices; this came to be named the “TikTok Task Force”. 

This is the goal of the task force, according to a letter released by the EDPB in February 2021:
“…to enable its members to exchange information regarding any enforcement proceedings relating to TikTok’s compliance with the GDPR undertaken by the participating authorities. The EDPB is not conducting on its own any enforcement action, as this does not fall within its remit.”

Learn More: 

Is TikTok Getting Deleted in 2022?

The short answer is no, TikTok is not getting deleted in 2022. While there have been some rumours (or, rather, pranks) alluding to TikTok being shut down in 2022, the app is still going strong and has no plans to go offline. That said, TikTok has been legitimately banned in several countries over the years. The biggest market where TikTok is still banned in 2022 is India, with the ban taking place in 2020.

Despite the bans, TikTok has seen a meteoritic rise in popularity—it has toppled Google as the #1 most popular website of the year, according to a report by Cloudflare.

Why Did the United States Try to Ban TikTok?

There were growing concerns about data collection through TikTok such as facial recognition, location data, and A.I. based image scanning can be used for nefarious purposes should Bytedance be compelled to share that data with the Chinese government.

These concerns led some to wonder if TikTok is less of a social media app and more of a remote spying software to surveil foreign citizens.

US senators and data privacy advocates alike were concerned that the quantity of data collected by TikTok could potentially be shared with the Chinese government due to China’s history of data collection, monitoring the online activity of their citizens, and internet censorship (the “Great Firewall of China”). 

Due to the National Intelligence Law of the People’s Republic of China there were concerns that TikTok could be compelled to share user data with the Chinese government.

At the Social 2030 conference, it was revealed that Reddit’s CEO Steve Huffman considers the app to be remote spy software, with him stating “I actively tell people, ‘Don’t install that spyware on your phone’” and that he thinks that the app is “fundamentally parasitic”.

“I look at that app as so fundamentally parasitic, that it’s always listening, the fingerprinting technology they use is truly terrifying, and I could not bring myself to install an app like that on my phone”

Steve Huffman, Reddit CEO

Is TikTok Safe to Use?

Should TikTok be Banned?

After the attempted bannings called the security and privacy practices of TikTok into question, there have been several cybersecurity research projects dedicated to reverse engineering and studying the app.

In Summary:

  • At the time of testing, some of the researchers raised concerns regarding potential vulnerabilities of the app
  • From a data privacy perspective, some are concerned with the potential for TikTok to send user data to China
  • There were concerns regarding the data that TikTok is able to collect and share with third parties.
  • TikTok and Douyin do not appear to exhibit overtly malicious behavior; Citizen Lab did not observe either app collecting contact lists, recording and sending photos, audio, videos, or geolocation coordinates without user permission.
  • While TikTok collected many data items, overall they still fall within general industry norms for user data collection.

At the start of the controversy, TikTok released a statement clarifying their user data collection and sharing practices.

Where TikTok stores it’s US user data & it’s stance on Chinese law:

“We store all TikTok US user data in the United States, with backup redundancy in Singapore. Our data centers are located entirely outside of China, and none of our data is subject to Chinese law. Further, we have a dedicated technical team focused on adhering to robust cybersecurity policies, and data privacy and security practices.

TikTok’s stance on censorship and providing information to the Chinese government:

TikTok does not remove content based on sensitivities related to China. We have never been asked by the Chinese government to remove any content and we would not do so if asked. Period. Our US moderation team, which is led out of California, reviews content for adherence to our US policies – just like other US companies in our space. We are not influenced by any foreign government, including the Chinese government; TikTok does not operate in China, nor do we have any intention of doing so in the future.”

What Kind of Data Does TikTok Collect?

Based on the data that TikTok claims to collect, it is in par with other social media apps in terms of the data it collects about its users, their usage habits, and their devices.

“TikTok is essentially malware that is targeting children”

Statement by Reddit user bangorlol after reverse-engineering TikTok to see the data it collects from its users

Officially speaking, highlights from TikTok’s Privacy Policy states the app collects the following:

  • Your IP address
  • Your browsing history in the app (i.e. the content you have viewed on the Platform)
  • Your mobile carrier
  • Your time zone settings
  • An identifier for advertising purposes
  • The version of the app you are using
  • The model of your device
  • Your device system
  • The network type you are using
  • Your device ID
  • Your screen resolution and operating system
  • The messages you send to other users on the app

However, a crowd-sourced team of software engineers and cybersecurity community members have been actively reverse engineering the app to learn more about what the app is collecting. Much of the findings have come from a Reddit user by the name of bangorlol. Here are the highlights of his reddit comment:

Comment from discussion bangorlol’s comment from discussion "Not new news, but tbh if you have tiktiok, just get rid of it".

“TikTok is a data collection service that is thinly-veiled as a social network. If there is an API to get information on you, your contacts, or your device… well, they’re using it.

  • They set up a local proxy server on your device for “transcoding media”, but that can be abused very easily as it has zero authentication
  • There’s also a few snippets of code on the Android version that allows for the downloading of a remote zip file, unzipping it, and executing said binary. There is zero reason a mobile app would need this functionality legitimately.
  • They also made it so you cannot use the app at all if you block communication to their analytics host off at the DNS-level.
  • For what it’s worth I’ve reversed the Instagram, Facebook, Reddit, and Twitter apps. They don’t collect anywhere near the same amount of data that TikTok does, and they sure as hell aren’t outright trying to hide exactly what’s being sent like TikTok is.” – /u/bangorlol

What Has TikTok Done to Improve Privacy and Security?

Since the initial controversies, TikTok has made an active effort to demonstrate its commitment to the security and privacy of its users.

  • Independent Review: TikTok is working to launch a Transparency Center that invites policy, content safety, and security experts to independently review the platform.
  • Security Certifications: As of April 2021 TikTok is officially ISO 27001 certified in the US and UK, with Singapore, Ireland, and India soon to follow
  • Transparency Reports: TikTok releases biannual reports showcasing their moderation efforts and their responses to data access requests from government entities. 
  • TikTok US Info: TikTok launched https://www.tiktokus.info/ to showcase its privacy, security, and transparency efforts. The site collects expert opinions from third-party sources, statements from TikTok, and sample headlines from major news outlets. 

Conclusion

The sheer amount of data collected by TikTok and the potential for them to be forced to share user data with the Chinese government has caused privacy and security concerns among federal governments. 

The recent bans from India and the US military may only be the start of such policy changes, with other governments potentially following suit. 

If you are concerned about the use of TikTok in the workplace you can block employee access to TikTok on company-provided devices using web filtering software for computers and a mobile device manager for smartphones.

Start Blocking Websites Today
Learn More
Sai Kit Chu
Sai Kit Chu
Sai Kit Chu is a Product Manager with CurrentWare. He enjoys helping businesses improve their employee productivity & data loss prevention efforts through the deployment of the CurrentWare solutions.

Related posts

Employee monitoring statistics that companies need to know
October 21, 2022

70+ Employee Monitoring Statistics Companies Need to Know

Read more
CurrentWare for NIST 800-171 & 800-53 compliance
September 9, 2022

CurrentWare for NIST 800-171 & 800-53 Compliance

Read more