- The policy only vaguely promises to ask users for their consent, TechCrunch reported.
- In February, TikTok paid $92 million to settle claims it violated Illinois’ biometric data privacy law.
- See more stories on Insider’s business page.
“We may collect biometric identifiers and biometric information as defined under US laws, such as faceprints and voiceprints, from your User Content. Where required by law, we will seek any required permissions from you prior to any such collection,” the new policy reads.
As noted by TechCrunch, which earlier reported on the changes, that language could allow TikTok the ability to collect most US users’ biometric data without explicitly asking them, due to the fact that only a few states have laws restricting companies from collecting such data.
TikTok didn’t respond to Insider’s questions about whether it had already begun collecting users’ biometric data. However, the new language is found within a section titled “information we collect automatically,” meaning TikTok could potentially be collecting it already.
TechCrunch also noted that the policy doesn’t define “faceprints” or “voiceprints,” or explain why TikTok needs this data in the first place.
In February, TikTok paid $92 million to settle a class-action lawsuit in Illinois over allegations that it violated the state’s biometric data privacy law.
Last year, the Trump administration unsuccessfully attempted to ban TikTok from the US entirely, claiming its ownership by Beijing-based ByteDance posed a national security threat.
While President Joe Biden on Thursday issued an executive order banning Americans from investing in Chinese firms linked to surveillance of religious and ethnic minorities, his administration hasn’t taken an explicit position on TikTok.
Most cybersecurity experts say that TikTok poses no more security risk to average Americans than any other social media app, though some US government agencies and politicians have banned employees from using the app.