Quite a few ways, whether through device/session fingerprinting [1], in-app browser keystroke tracking [2], frequent third-party post requests [3], individiual app usage patterns [4], geo-tracking [5], dark-patterned user onboarding [6] and continual facial recognition [7].
A canary blog series kicked off by the company itself is worth keeping an eye on to see the 'myths' they want to debunk most scrupously (such as keytracking)[8].
A canary blog series kicked off by the company itself is worth keeping an eye on to see the 'myths' they want to debunk most scrupously (such as keytracking)[8].
[1]: https://www.nullpt.rs/reverse-engineering-tiktok-vm-1
[2]: https://krausefx.com/blog/announcing-inappbrowsercom-see-wha...
[3]: https://app.urlgeni.us/blog/new-research-across-200-ios-apps...
[4]: https://www.nytimes.com/2021/12/05/business/media/tiktok-alg...
[5]: https://www.afr.com/technology/tiktok-admits-collecting-loca...
[6]: https://au.reset.tech/uploads/resettechaustralia_policymemo_...
[7]: https://www.npr.org/2021/02/25/971460327/tiktok-to-pay-92-mi...
[8]: https://newsroom.tiktok.com/en-us/tiktok-truths-a-new-series...