Search results for: tiktok

SeatGeek, the popular online ticketing platform, is facing a proposed class action in California federal court over allegations that it improperly shared website visitors’ personal information with TikTok and Meta through online tracking technologies. The complaint alleges that SeatGeek embedded TikTok and Meta tracking pixels on its website, enabling the companies to collect users’ personal data, including IP addresses, unique identifiers, browsing history, and device details, without user consent. According to the lawsuit, this practice violates California’s “trap and trace” law, a provision of the state’s Invasion of Privacy Act (CIPA).

The lawsuit describes how tracking pixels—snippets of code embedded in websites—function as surveillance tools for digital advertising.

  • TikTok Pixel: Allegedly collects information the moment a visitor lands on SeatGeek’s website, capturing data such as names, addresses, birthdates, IP addresses, device details, and browsing activity. The complaint claims TikTok’s “AutoAdvanced Matching” and fingerprinting technologies deanonymize users by linking their activity with data TikTok already maintains on hundreds of millions of people.
  • Meta (Facebook) Pixel: Allegedly tracks website interactions, including clicks, form submissions, purchases, and browsing behavior, and matches this activity to individual Facebook accounts through cookies and unique IDs. The data can then be used by both Meta and SeatGeek to measure conversions, build custom audiences, and target advertisements more precisely.

Torres alleges that every time a user lands on SeatGeek’s website or clicks through a page, their information is immediately transmitted to TikTok and Meta. This, he argues, constitutes the use of an unlawful “trap and trace device” under California law. Torres is seeking to represent statutory damages, interest, attorney fees, and costs for the class. Organizations that rely on digital advertising should take note: the number of lawsuits targeting pixel use continue to rise, and regulators and courts are receptive to arguments that such practices violate consumer privacy rights; until the courts or the legislature takes steps to limit these claims, your website could be a target.

We have repeatedly warned our readers about the risks associated with TikTok. We are reminding our readers that the popular Temu app raises the same concerns.

The risks have prompted almost two dozen attorneys general to file lawsuits against Temu, alleging that it is “dangerous malware” that secretly monetizes user data in an unauthorized manner.

Arkansas Attorney General Tim Griffin filed one of the first lawsuits against Temu on June 25, 2024, alleging that the app:

[I]s purposefully designed to gain unrestricted access to a user’s phone operating system, including, but not limited to, a user’s camera, specific location, contacts, text messages, documents, and other applications. Temu is designed to make this expansive access undetected, even by sophisticated users. Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place. Even users without the Temu app are subject to Temu’s gross overreach if any of their information is on the phone of a Temu user. Temu monetizes this unauthorized collection of data by selling it to third parties, profiting at the direct expense of Arkansans’ privacy rights.

The lawsuit claims that Temu was “the most downloaded app in the United States” in 2023, “with users spending almost twice the amount of time on its platform than on rival Amazon.” It then provides several concerns and risks associated with downloading Temu, including:

  • Apple suspending Temu from the App Store “for misrepresentations Temu made regarding the types of data Temu can access or collect from users” including how it collects and uses the data.
  • Google suspending the Pinduoduo app (another app designed by the Temu app’s owner) from its Google Play app store in March 2023 because it contained malware.
  • Security researchers concluding that the Temu app is purposefully and intentionally loaded with tools to execute virulent and dangerous malware and spyware activities on user devices that have downloaded and installed the TEMU app.
  • Temu collecting a shocking amount of sensitive user data beyond what is necessary for an online shopping app. Some examples include users’ granular location using the Global Positioning System and even biometric information such as users’ fingerprints.
  • Temu having “a complete arsenal of tools to exfiltrate virtually all the private data on a user’s device and perform nearly any malign action upon command trigger from a remote server gaining access-without permission or even notice-to ‘literally everything on [a user’s device].’”
  • The Temu app’s code, purposely designed to evade front-end security review and change once it has been downloaded to a user’s phone.
  • Great efforts taken to intentionally hide the malicious intent and intrusiveness of the software.

If these facts are not enough to deter you from downloading or removing the app from your phone, here is another chilling article to review, one of many others just like it. The bottom line is to understand the risks before you download or maintain the Temu app on your device. Take a look at the Arkansas complaint against Temu and the most recent one this week filed by the Attorney General of Kentucky to dig deeper into the facts behind the app.

In a significant win for Royal Caribbean Cruises, a federal judge dismissed a lawsuit that alleged the cruise line’s website violated a California privacy law by using a TikTok tracking tool. The case, Kishnani v. Royal Caribbean Cruises, challenged the cruise operator’s use of the tool under the California Invasion of Privacy Act (CIPA), which restricts the use of so-called “trap and trace” devices.

CIPA prohibits tracking devices that capture identifying information about a communication’s origin, such as telephone numbers, without a court order. CIPA was first intended to restrict and prohibit wiretaps. However, the U.S. District Court for the Northern District of California held that the statute does not apply to the collection of message content, such as names, addresses, and other biographical details.

Plaintiff Kieren Kishnani claimed the TikTok tool collected metadata, including browser type, device details, location, and URL tracking in violation of CIPA. However, Judge Noël Wise found that Kishnani failed to allege a concrete injury and offered only conclusory statements. Even if metadata had been collected, the court ruled that basic contact and tracking information does not meet the threshold of a legally recognized harm under CIPA.

Judge Wise also emphasized that to the extent the tool may collect biographical content voluntarily submitted by users, such data falls outside CIPA’s scope. Crucially, the court also ruled that Kishnani has no reasonable expectation of privacy over metadata, and that the TikTok tool does not qualify as a “trap and trace” device as defined under the law.

The court dismissed the case with prejudice, meaning Kishnani cannot amend and refile the complaint.

The decision underscores the challenges of using CIPA to target modern web tracking technologies—particularly when plaintiffs cannot demonstrate personal harm or link data collection practices to prohibited activities under the statute. This is a win for businesses across the country.

New York Attorney General Letitia James and 13 other Attorneys General filed suit in October 2024 against TikTok “for misleading the public about the safety of its platform and harming young people’s mental health.” TikTok moved to dismiss the case and, on May 28, 2025, New York Supreme Court Judge Anar Rathod Patel denied the motion.

The denial of TikTok’s motion to dismiss allows the New York case to move forward and serves as precedent for TikTok’s other efforts to dismiss the cases filed by over a dozen Attorneys General nationwide.

Despite bipartisan support for banning TikTok – essentially spyware presenting a national security threat from the People’s Republic of China (PRC) – in the United States (as done by India) and the Supreme Court’s upholding of the law as constitutional and requiring the app to go dark, President Trump signed an Executive Order (EO) during his first day in office giving TikTok 75 days to “pursue a resolution.”

TikTok already had several months to “pursue a resolution,” which was to divest itself from the PRC so it could not collect and use Americans’ sensitive data. TikTok does not want to pursue this resolution because it wants to keep collecting, using, manipulating, and spying on U.S. citizens.

This is a disappointing development, and hopefully, Trump, who originally supported the ban, will come to his senses to protect national security and keep the PRC from spying on unwary citizens.

TikTok users are seeking alternate platforms to share and view content as the U.S. is set to ban the popular social media app on January 19, 2025. Instead of turning to U.S.-based companies like Facebook or Instagram, users are flocking to another Chinese app called Xiaohongshu, also known as RedNote. The app, which previously had little presence in the U.S. market, shot up to the most downloaded app in Apple’s app store this week. RedNote shares similarities to Yelp, where users share recommendations, but it also allows users to post short clips, similar to the soon-to-be-banned TikTok.

While some of these TikTok users choose to switch to RedNote because of the similar short-form video format, other users appear to be purposefully choosing another Chinese-owned app as a form of protest. Either way, ordinary American and Chinese citizens can easily interact in new ways on the internet through RedNote.

However, RedNote includes many of the same privacy and national security issues that the U.S. government raised concerning TikTok. Although many users ordinarily ignore privacy policies, RedNote’s privacy policy is written in Mandarin, making it even more difficult (and in some cases impossible) for users to understand. A translation of the privacy policy indicates that RedNote collects sensitive data like a user’s IP address and browsing habits. As a Chinese-based app, RedNote is also similarly subject to the Chinese data laws that led U.S. lawmakers to ban TikTok. The TikTok ban could eventually be extended to include RedNote and other Chinese (and other foreign country) apps national security and privacy concerns exist. With other short-form video services (e.g., Instagram Reels and YouTube Shorts) provided by U.S. companies, users do not need to expose their personal data to Chinese-based companies. Additionally, using RedNote to circumvent the TikTok ban could be problematic, particularly for government workers with security clearances. RedNote is not worth these risks, and Americans should avoid downloading it.

The United States Supreme Court announced on December 18, 2024, that it will hear the TikTok ban case and has scheduled oral arguments for January 10, 2025, before the ban’s January 19, 2025 effective date.

The case stems from a bipartisan law signed by President Biden that required ByteDance, the Chinese-based parent of the app TikTok, to divest from the app or face a ban in the U.S. because it poses a threat to national security. In addition to being a threat to national security, numerous states have filed suit against TikTok alleging that the app has caused a mental health crisis for youth in the U.S. Forbes has reported on “numerous concerns involving the company, including Tiktok spying on journalists, promoting Chinese propaganda criticizing U.S. politicians, mishandling user data, and tracking ‘sensitive words.’”

ByteDance sought emergency relief from the U.S. Supreme Court following a lower federal court’s decision that the ban does not violate TikTok’s First Amendment rights. The district court judge held that if Chinese-owned ByteDance divests from TikTok, the app will be available to users in the U.S.  ByteDance sought emergency relief from the federal circuit court but was denied on December 13, 2024.

The Supreme Court will consider whether the law banning TikTok from the U.S. violates the First Amendment. It is mind-boggling that the Chinese government (which backs ByteDance and is one of the U.S.’s primary cyber adversaries actively engaged in cyber warfare against us) can actually allege it has First Amendment rights in the U.S. Since when can a cyber enemy use our court system to advocate for using spyware against our children? We will be watching the case carefully.

Last week, we outlined the lawsuits against TikTok by New York, California, and North Carolina, that followed in the footsteps of Nebraska, Nevada (which filed suit against TikTok in February of 2024), and Indiana, which filed suit against TikTok in 2022. Since last week, at least 11 more states have joined the fray, including Illinois, Kentucky, Louisiana, Massachusetts, Mississippi, New Jersey, Oregon, South Carolina, Vermont, Washington, and the District of Columbia.

The coalition of Attorneys General have each filed a suit against TikTok in their own state jurisdictions, alleging that TikTok mislead the public about the safety of the platform, that the platform knowingly uses addictive features, and that it harms young people’s mental health.

Separately, the Texas Attorney General has filed suit against TikTok alleging that it is violating Texas’ “The Security Children Online Through Parental Empowerment Act,” which went into effect on September 1, 2024. The law “bans social media companies from selling or even sharing a minor’s information unless it has the approval of a guardian of the minor.” We anticipate that more states will join the cause piling on top of TikTok’s current legal woes.

On October 11, 2024, following the filing of a lawsuit against TikTok by the Kentucky Attorney General, Senators Richard Blumenthal (D-CT) and Marsha Blackburn (R-TN), who authored the bipartisan “Kids Online Safety Act,” requested that TikTok CEO Shou Chew provide all “documents, communications, and research held by TikTok regarding the safety of minors on its platform.” The request is “in response to shocking revelations of TikTok’s awareness of, and indifference to, its platform’s substantial harm to children and teens.” The letter specifically requests that TikTok provide the Senators with the “documents and information  previously produced to the Kentucky Attorney General’s Office and other states Attorneys General.” TikTok is required to produce the documents by October 25, 2024. 

Following in the footsteps of Nebraska, the Attorneys General of North Carolina, California, and New Jersey filed complaints against TikTok and its owner, ByteDance, Ltd., on October 8, 2024.

The suits are lengthy and full of allegations against TikTok and how it is responsible for a “profound mental health crisis” of American teenagers. The suits allege that TikTok designed its social media platform to target youth and “manipulates them into habitual use, and mines the data produced by their excessive and compulsive use for more and more profit.”

The New Jersey complaint alleges that, for American youth, there are no limits on its use and that it is designed to promote excessive use. On the other hand, the Chinese equivalent of TikTok, known as Douyin, “limits which hours in the day young users can access it and for how long. Chinese youth are required to wait through a five-second pause between videos when they spend too much time on Douyin. Some are limited to 40 minutes of use per day.” This revelation is telling—the Chinese version of TikTok requires limitations on use by young users but does not restrict and, in fact, encourages unhealthy levels of use for American youth.

The complaints each outline in detail how TikTok lured Americans between 13 and 17 to become users and how TikTok designed its platform “to promote excessive, compulsive, and addictive use” and achieved young users’ usage to “almost constantly.” The complaints all outline how the use of TikTok by young users has been harmful to them. California alleges that “TikTok designs and provides beauty filters that it knows harm its young users” and that “encourage unhealthy, negative social comparison-which, in turn, can cause body image issues and related mental and physical disorders.” In addition, it alleges that “the platform’s addictive qualities, and the resulting excessive use by minors, harms those minors’ mental and physical health. Among the harms suffered by TikTok’s younger users are abnormal neurological changes, insufficient sleep, inadequate socialization with others, and increased risk of mood disorders such as depression and anxiety.”  If that isn’t enough to get off TikTok, I don’t know what is. The federal government and some state governments prohibit employees from using TikTok. Montana attempted to prohibit its use and was sued by TikTok. In a rare bipartisan move, Congress passed—and President Biden signed—legislation prohibiting TikTok from use in the U.S. That law is being challenged in litigation by TikTok, a Chinese-based platform, on First Amendment grounds. Now, four state Attorneys General are sounding the alarm about the harmful effects on youth in our country when using TikTok. How much is enough for people to understand the national security threat that TikTok poses and the threat it poses to our children?