Privacy and security risks with social media apps


Tiktok has attracted significant media and government attention due to privacy and information security concerns related to the breadth of personal information collected about users, along with TikTok’s information sharing practices with its China-based parent company ByteDance. Both federal and provincial governments have issued bans on the use of TikTok on government-issued devices, and provincial and federal Privacy Commissioners have initiated an investigation into TikTok.  

Pending the outcome of the Commissioners’ investigation, UVic is monitoring the situation. In the meantime, we strongly encourage the UVic community to take the following precautions. Note that these precautions are not only relevant to TikTok; they should be employed when using any social media platform.

Tips to stay safe on social media

  1. Stay informed – Before deciding to use a social media app or service, carefully review its Terms of Use and privacy and data policies. Apple’s App Privacy Report provides insight into how apps access your data and Google Play has a similar feature for Android devices.
  2. Use a web browser – Use a web browser to access content instead of using social media apps. Using a browser helps to limit the scope of information collected by social media platforms.
  3. Adjust your privacy settings – Pay close attention to the privacy settings on your social media accounts. Make sure you know what data third party applications are accessing and how they are using it.
  4. Limit your online “footprint” – Avoid oversharing personal information on social media, as this can be used by cyber criminals to steal your identity or provide tailored phishing messages.
  5. Remove permissions for unused apps – Some devices support automatically removing permissions for unused apps (Android / Apple). If your device doesn’t support this, periodically review app permissions and uninstall unused apps.
  6. Use anti-virus/malware protection – Scan your devices periodically for malware, viruses and adware.
  7. Use strong passphrases – Secure your accounts by using strong passphrase. Learn how to properly create and maintain passphrase for your Netlink ID and other accounts.  Ensure passphrases are unique for each app or service.
  8. Use Multi-Factor Authentication (MFA) – Multi-factor authentication is easy to setup and easy to use. Learn more about it here.  Most social media apps also have MFA features that should be enabled.
  9. Stay up to date – Routinely review apps, social media accounts, and their respective security and privacy settings.
  10. Do a Privacy Impact Assessment – If your use of a social media platform is part of a new or updated initiative involving the collection of personal information, contact the Privacy and Access to Information Office to complete a Privacy Impact Assessment before the launch of your initiative.

To learn more, please visit the University Systems Information Security help and support page and the Privacy Office Training website.

The Government of Canada also offers helpful resources on its Canadian Cyber Security website: Protect how you connect and Protect your information and data when using applications.