And TikTok says other companies, including two of Australia’s big four banks, also share data with China.

TikTok’s local arm commissioned Australian academic Nigel Phair to conduct an analysis of its data collection and privacy practices compared with its rivals.

Professor Phair’s study found that Facebook, Google, Twitter and TikTok all collect user phone contacts, privacy settings, in-app browsing history and location.

According to Professor Phair, who spent 21 years with the Australian Federal Police and now serves as a professor at Monash University, Google was found to collect the largest number of data points (39 of 40), followed by Facebook/Meta (33 of 40), TikTok (31 of 40) and Twitter (29 of 40).

He said it was no surprise Google collected the most data given its wide variety of services such as Google Maps and Gmail.

Regulators and governments have feared that TikTok would be forced to give data to China under a 2017 law that compels companies to turn over personal data relevant to China’s national security.

Many Australian organisations share data with overseas jurisdictions – including the United States and China – Professor Phair said, while the report found that at least two of Australia’s so-called big four banks, a large telecommunications provider, and a number of high-profile tech companies each allowed customer data to be shared with China.

“All the apps are pretty much exactly same. I don’t know if I was expecting that or not, but it is what it is,” Professor Phair said.

“From an e-safety perspective, it’s important for younger people in particular, and for all people, to check your settings for all apps and to be comfortable with what you’re sharing online.”

The report can be seen as a rebuttal to analysis by cybersecurity and intelligence firm Internet 2.0, which alleged TikTok collected “excessive” amounts of data, including access to contacts and regular device location checks.

The datapoints that have been presented do not offer a comprehensive representation of the entire spectrum of data access as evaluated by Internet 2.0,” the firm’s co-founder Robert Potter told The Australian.

“Certain data access points, such as clipboard access, advertisement ID, and biometric data, have been omitted in Professor Phair’s work. One could argue that the selection of datapoints appears to have been intentionally crafted to portray TikTok in a positive light, without necessarily providing a complete and accurate picture of the app‘s data access practices.

“In light of these concerns, it is important to exercise caution when interpreting the data and to conduct a more in-depth analysis of TikTok’s data access practices to ensure the security and privacy of user data

“It is important to note that this analysis solely focuses on data access and does not provide a comprehensive review of TikTok‘s overall privacy policy. Therefore, it would be premature to draw conclusions solely based on this analysis.

“During our investigation TikTok repeatedly insisted to journalists that they did not track items such as GPS in their application. We want to be sure that we hold TikTok accountable for the public statements. We specifically contrasted technical information and their privacy policy, against their public claims and found significant gaps. It is good to see their own findings here, while significant in the incompleteness, more closely align with the facts about their application.

“We continue to be confident in our assessment that the application harvests data excessively and that TikTok has lacked transparency in this process.”

TikTok general manager for Australia and New Zealand Lee Hunter welcomed the report’s findings.

“We have always said that our data collection practices are in line with our peers,” he said in a statement.

“We hope it will help contribute to a fact-based conversation around this important topic. Data privacy and security is our top priority at TikTok and will continue to work hard to protect the data of our millions of users.”

Earlier this month Australia followed other Western countries by banning the use of TikTok on government devices.

Federal Attorney-General Mark Dreyfus declared the ban was based on advice from intelligence and security agencies.

Mr Hunter had said he was “extremely disappointed by this decision, which, in our view, is driven by politics”.

“Our millions of Australian users deserve a government which makes decisions based upon facts and who treats all businesses fairly, regardless of country of origin,” he said at the time.

TikTok is a wholly owned subsidiary of Chinese parent company ByteDance, though the company says 60 per cent of its shares are owned by non-Chinese investors.

Amid the government bans and heightened scrutiny the company is now pushing a new youth-focused photo sharing app, called Lemon8, in countries including the Australia and the US.

ByteDance’s net worth has slumped thanks to the bans and an overall tech downturn, losing $US100bn in total valuation in recent months.

More related stories

Politics

Big ‘tech tax’ to hold giants to account

A social media inquiry has recommended a new digital affairs portfolio be established and big tech charged to operate platforms in Australia, with some proceeds given to public-­interest journalism.

Read more

Business

Lack of investment holding back innovation – and green solutions

Government regulation to make big business adopt a recycling mindset will ensure Australia becomes a truly circular economy.

Read more