The U.K. is banning the use of TikTok on government devices. The ban comes after cabinet office ministers ordered a security review. This looked at the potential vulnerability of government data from social media apps on devices and risks around how sensitive information could be accessed and used by some platforms.
Given the potentially sensitive nature of information which is stored on government devices, government policy on the management of third party applications will be strengthened and a precautionary ban on TikTok on government devices is being introduced.
Currently there is limited use of TikTok within government and limited need for government staff to use the app on work devices. The decision is in line with similar restrictions made internationally, including the US and Canadian governments and the European Commission.
TikTok requires users to give permission for the app to access data stored on the device, which is then collected and stored by the company. Allowing such permissions gives the company access to a range of data on the device, including contacts, user content and geolocation data. The U.K. government is concerned about the way in which this data may be used.
The ban does not extend to personal devices for government employees, ministers or the general public. The ban on government devices applies to government corporate devices within all government departments. Specific exemptions for the use of TikTok on government devices are being put in place where required for work purposes.
Exemptions will only be granted by security teams on a case-by-case basis, with ministerial clearance as appropriate, and with security mitigations put in place. These exemptions will cover areas such as individuals working in relevant enforcement roles, or for example for the purposes of work on online harms.