Ban called 'precautionary approach' to protect staff
Several government agencies across New Zealand have issued orders to remove the video-sharing platform TikTok on work devices, according to local media.
Stuff reported that the organisations include:
- Defence Force
- Ministry of Education
- Ministry of Foreign Affairs and Trade
- Department of Prime Minister and Cabinet
- Corrections
- Police
- Treasury
- Ministry of Justice
- Ministry of Primary Industries
The Defence Force's ban on the application has been imposed since November 2022, following a "risk assessment" on the application, Stuff reported.
The move was a "precautionary approach to protect the safety and security of our Defence Force personnel," a spokesperson told Stuff.
In the Ministry of Education's case, TikTok is not authorised on work devices except for an "isolated phone that is not connected to the ministry system," corporate leader Zoe Griffiths told Stuff.
The isolated phone is used to operate a TikTok account aimed at reaching the ministry's younger audience, according to the report.
The Ministry of Foreign Affairs and Trade also "prevented" the use of TikTok on ministry devices, Stuff reported, while the Police does not approve the use of all social media platforms on work devices.
Corrections has all social media blocked on network except for LinkedIn, according to Stuff, while an external agency operates the agency's TikTok account for recruitment purposes.
New Zealand Intelligence Agencies Minister Andrew Little previously stated that the government does not have the "legal mandate" to ban applications on government phones, according to another Stuff report.
Digital Economy and Communications Minister Ginny Andersen, however, noted that various departments could use discretion when authorising what apps can be used on government devices.
TikTok ban across the world
Conversations on regulations surrounding TikTok recently emerged as the United States and Canada declared a ban on the application on government workers' devices.
Canada attributed the prohibition to "concerns about the legal regime that governs the information collected from mobile devices."
TikTok's privacy policy claims that it only collects profile information, user content and behavioural information, information from third parties, technical information, location, in-app purchases, proof of identity or age.
"We are committed to protecting and respecting your privacy," the company said in its policy.
However, non-profit Centre for Internet Security (CIS) said TikTok's data collection is "more intrusive than other apps."
"TikTok gained an edge through its ability to collect sensitive data about users, even when those users neither saved nor shared their content," it said on its website.
According to CIS, the company collects the following data:
- Device brand and model, operating system version, mobile carrier, browsing history, app and file names and types, keystroke patterns or rhythms, wireless connections, and geolocation
- Personally identifiable information as well as user data collected from other sources
- The content of messages and information about when messages are sent, received, and/or read
The regulation on TikTok's use on work devices comes as more employers grow concerned about potential cybersecurity breaches.
A survey by EisnerAmper's Outsourced IT Services previously revealed that 71% of executives believe that their company's next cybersecurity breach would likely be caused by an "internal staff error."
Another 15% claimed it would be because of "unreliable software," while 13% said it would be because of a lack of protocols or policy.