Navigating the Digital Minefield: A Guide for Financial Advisors on TikTok and Temu
In an era where digital convenience intersects with unparalleled risks, financial advisors and wealth managers are tasked with safeguarding more than just financial assets; the protection of personal and client data stands paramount. Amidst this backdrop, two applications, TikTok and Temu, emerge as subjects of increasing concern over privacy practices.
The Privacy Conundrum of TikTok and Temu
TikTok: Beyond Entertainment
TikTok, a powerhouse of viral content, has raised eyebrows not just for its addictive algorithms but for its voracious appetite for user data. The platform’s data collection practices extend beyond the conventional bounds, encompassing a range of information from device identifiers and location data to browsing and search histories. It can collect information from your device when not using the application, such as keystroke patterns, faceprints, and voiceprints. This extensive data harvest carries implications beyond mere privacy invasion; it poses a palpable threat to data security.
Temu: A New Challenger
Temu is an ecommerce application which is owned by the Chinese online retailer PDD Holdings. The application has successfully replicated the meteoric growth of its sister application Pinduoduo. Pinduoduo grew very rapidly in overseas markets through effective marketing campaigns, gamification features, and personalized purchase recommendations to make shopping on mobile platforms more fun.
The popularity of ecommerce platform Temu has been surging since its debut in the fall of 2022. The application surpassed 100 million active users in the United States in April 2023 and had 250 million worldwide cumulative downloads in November 2023 with 53 percent of active users in the United States. The application had a successful Superbowl commercial that resulted in over 29.6 million downloads worldwide in February.
The application’s convenience and diverse marketplace offerings are overshadowed by its aggressive data harvesting tactics, mirroring concerns parallel to those of TikTok.
Data Collection Concerns
In 2023, Pinduoduo was removed from the Google Play Store for containing malware. According to experts, Pinduoduo was able to gain access to data from other apps, prevent users from uninstalling it, and bypass Google Play’s update-verification process. The company denies these allegations. However, company insiders reported to CNN that the exploits were utilized to spy on users and competitors, allegedly to boost sales. Pinduoduo requested as many as 83 permissions, including access to biometrics, Bluetooth, and Wi-Fi network information.
Temu is not as aggressive in its data requests as Pinduoduo and requests 24 permissions, including access to Bluetooth and Wi-Fi network information. Temu requests access to your phone’s camera, microphone, contacts, and GPS information. This provides PDD with the ability to reverse engineer biometric information, such as your voice print and facial recognition.
A Common Thread: Ties with the CCP
China’s Cybersecurity Law obligates Critical Information Infrastructure (CII) operators to provide unobstructed access to their data to the government and mandates that such data be stored exclusively within mainland China. Both companies deny that Chinese Communist Party (CCP) has access to user data but Chinese law supports CCP access to any company’s data.
Both applications have faced allegations of potentially compromising user privacy at the behest of state interests by sharing collected information with the CCP, a claim that exacerbates the unease surrounding their operation.
TikTok was banned on government devices for federal employees in June 2023 and is currently banned from state issued devices in 34 states. Temu has several pending class action lawsuits in the United States based on allegations that they collect user information for the purpose of spying on its users.
The Compounded Risks for Financial Professionals
For financial advisors and wealth managers, the stakes are undeniably higher. The intersection of personal device usage with professional responsibilities—such as accessing client data or company email—magnifies the risks associated with these applications. The potential for sensitive financial information to fall into the wrong hands necessitates a reevaluation of these platforms’ presence on personal and professional devices.
The platforms have the potential to access any information stored within your email and contact list. This information can include sensitive information on your clients.
A Course of Action
Recognizing the gravity of these concerns, the recommended course of action is clear and unequivocal: Remove TikTok and Temu from devices that interact with client data or access company communications. This protective measure extends beyond individual privacy preservation; it serves as a safeguard for the fiduciary responsibilities financial professionals hold towards their clients.
Moving Forward
Education on the cybersecurity risks of applications, informed decision-making, and constant vigilance are our greatest tools in navigating the digital terrain. The allure of popular applications should not blind us to the inherent risks they pose, especially in roles bound by the ethical management of sensitive information. Our industry serves clients best by prioritizing the security of our and our client’s data.
In conclusion, I implore my colleagues in the financial sector to reconsider the presence of TikTok and Temu on their professional and personal devices. The onus is on us to protect the integrity of our client data and uphold the trust that defines our client relationships. Remember, in the world of finance, as in all aspects of life, forewarned is forearmed.
Subscribe to The Vantage Point Newsletter.
Join our newsletter to get topics like this delivered straight to your inbox every month!
Subscribe Now