Advisor Perspectives welcomes guest contributions. The views presented here do not necessarily represent those of Advisor Perspectives.
In an era where digital convenience intersects with unparalleled risks, financial advisors and wealth managers are tasked with safeguarding more than just clients’ assets; the protection of personal and client data stands paramount. Amidst this backdrop, two applications, TikTok and Temu, are subjects of increasing concern over privacy practices.
The privacy conundrum of TikTok and Temu
TikTok: Beyond entertainment
TikTok, a powerhouse of viral content, has raised eyebrows not just for its addictive algorithms but for its voracious appetite for user data. The platform's data collection practices extend beyond the conventional bounds, encompassing a range of information from device identifiers and location data to browsing and search histories. It can collect information from your device when not using the application, such as keystroke patterns, faceprints, and voiceprints. This extensive data harvest carries implications beyond mere privacy invasion; it poses a palpable threat to data security.
Temu: A new challenger
Temu is an ecommerce application which is owned by the Chinese online retailer PDD Holdings. The application has successfully replicated the meteoric growth of its sister application Pinduoduo. Pinduoduo grew very rapidly in overseas markets through effective marketing campaigns, gamification features, and personalized purchase recommendations to make shopping on mobile platforms more fun.
The popularity of ecommerce platform Temu has been surging since its debut in the fall of 2022. The application surpassed 100 million active users in the United States in April 2023 and had 250 million worldwide cumulative downloads in November 2023 with 53%of active users in the United States. The application had a successful Superbowl commercial that resulted in over 29.6 million downloads worldwide in February.
The application’s convenience and diverse marketplace offerings are overshadowed by its aggressive data harvesting tactics, mirroring concerns parallel to those of TikTok.
Data collection concerns
In 2023, Pinduoduo was removed from the Google Play Store for containing malware. According to experts, Pinduoduo was able to gain access to data from other apps, prevent users from uninstalling it, and bypass Google Play’s update-verification process. The company denies these allegations. But company insiders reported to CNN that the exploits were utilized to spy on users and competitors, allegedly to boost sales. Pinduoduo requested as many as 83 permissions, including access to biometrics, Bluetooth, and Wi-Fi network information.
Temu is not as aggressive in its data requests as Pinduoduo and requests 24 permissions, including access to Bluetooth and Wi-Fi network information. Temu requests access to your phone’s camera, microphone, contacts, and GPS information. This provides PDD with the ability to reverse engineer biometric information, such as your voice print and facial recognition.
A common thread: Ties with the CCP
China's cybersecurity law obligates critical information infrastructure (CII) operators to provide unobstructed access to their data to the government and mandates that such data be stored exclusively within mainland China. Both companies deny that Chinese Communist Party (CCP) has access to user data, but Chinese law supports CCP access to any company’s data.
Both applications have faced allegations of potentially compromising user privacy at the behest of state interests by sharing collected information with the CCP, a claim that exacerbates the unease surrounding their operation.
TikTok was banned on government devices for federal employees in June 2023 and is currently banned from state-issued devices in 34 states. Temu has several pending class action lawsuits in the United States based on allegations that they collect user information for the purpose of spying on its users.
The compounded risks for financial professionals
For financial advisors and wealth managers, the stakes are undeniably higher. The intersection of personal device usage with professional responsibilities – such as accessing client data or company email – magnifies the risks associated with these applications. The potential for sensitive financial information to fall into the wrong hands necessitates a reevaluation of these platforms' presence on personal and professional devices.
The platforms have the potential to access any information stored within your email and contact list. This information can include sensitive information on your clients.
A course of action
Recognizing the gravity of these concerns, the recommended course of action is clear and unequivocal: Remove TikTok and Temu from devices that interact with client data or access company communications. This protective measure extends beyond individual privacy preservation; it serves as a safeguard for the fiduciary responsibilities financial professionals hold towards their clients.
Moving forward
Education on the cybersecurity risks of applications, informed decision-making, and constant vigilance are our greatest tools in navigating the digital terrain. The allure of popular applications should not blind us to the inherent risks they pose, especially in roles bound by the ethical management of sensitive information. Our industry serves clients best by prioritizing the security of our and our client’s data.
Reconsider the presence of TikTok and Temu on your professional and personal devices. The onus is on us to protect the integrity of our client data and uphold the trust that defines our client relationships. Remember, in the world of finance, as in all aspects of life, forewarned is forearmed.
John O’Connell, founder and chief executive officer for The Oasis Group, specializes in helping wealth management and technology firms solve their most complex challenges. His newest online training courses serve as a leading source of education for financial professionals at all levels in their careers. With modules ranging from cybersecurity to custodian markets and more, The Oasis Group enables firms and enterprises to upskill, learn at their own pace and rewatch lessons to reinforce specific learning objectives. Get an additional 20% off any course with coupon code ADVISORPERSPECTIVES.
A message from Advisor Perspectives and VettaFi: As fixed income dynamics shift, how will you guide your clients through 2024? Discover strategies at the Fixed Income Symposium on April 18th. Click here to register
Read more articles by John O’Connell