Fears About Tiktok's Policy Changes Point To A Deeper Problem In The Tech Industry

(MENAFN- The Conversation) A little over a year after TikTok temporarily went dark in the United States and users were greeted with a message explaining that“a law banning TikTok has been enacted,” those same U.S. users opened the app to find a pop-up message requiring them to agree to new terms before they could continue scrolling.

The new terms of service and privacy policy went into effect on Jan. 22, 2026, following the app's sale from ByteDance to TikTok USDS Joint Venture LLC, a majority American-owned company that reportedly will control U.S. users' data and content and the app's recommendation algorithm.

People see this kind of pop-up all the time, and according to research, the“biggest lie on the internet” is that people ever read anything before clicking“agree.” But given many users' unease about the ownership change – including fears of swapping Chinese surveillance for U.S. surveillance – it is unsurprising that this time, people paid attention. Screenshots of legal language spread quickly online, accompanied by warnings about sweeping new data collection.

I'm both a TikTok content creator and a tech ethics and policy researcher who has studied website terms and conditions, especially whether people read them (they don't) and how well they understand them (they also don't). When I saw the outrage on social media, I immediately dove down a terms of service and privacy policy rabbit hole that had me tumbling into the wayback machine and also looking at similar policies on other apps and TikTok's policies in other countries.

In the end, I discovered that in the most widely shared examples, the language that sounded most alarming had either hardly changed at all or described practices that are fairly standard across social media.

Some changes aren't really changes

Consider the list of“sensitive personal information” in TikTok's new privacy policy, which includes items like sexual orientation and immigration status. Many users interpreted this list as evidence that TikTok had begun collecting more personal data. However, this exact same list appeared in the, which was last updated in August 2024. And in both cases, the language focuses on“information you disclose” – for example, in your content or in responses to user surveys.

This language is in place presumably to comply with state privacy laws such as California's Consumer Privacy Act, which includes requirements for disclosure of the collection of certain categories of information. TikTok's new policy specifically cited the California law. Meta's privacy policy lists very similar categories, and this language overall tends to signal regulatory compliance by disclosing existing data collection rather than additional surveillance.

Location tracking also prompted concerns. The new policy states that TikTok may“collect precise location data, depending on your settings.” This is a change, but it's also common practice for the major social media apps.

The change also brings the company's U.S. policy in line with TikTok policies in other countries. For example, the company's European Economic Area privacy policy has very similar language, and users in the U.K. have to grant precise location access to use a“Nearby Feed” for finding events and businesses near them.

Though apps have other ways to approximate location, such as IP address, a user will have to grant permission through their phone's location services in order for TikTok to access precise location via GPS – permission that TikTok has not yet requested from U.S. users. However, the new policy opens the door for users having the option to grant that permission in the future.

No news does not equal good news

None of this is to say that users are wrong to be cautious. Even if TikTok's legal language around data privacy is standard for the industry, who controls your data and your feed is still very relevant. Uninstalls for the app spiked 130% in the days following the change, with many users expressing concern about the ties that the new owners have to President Donald Trump – notably Oracle, the company led by Trump supporter Larry Ellison.

It also didn't help that TikTok's first week under American ownership was a complete disaster. Severe technical problems – later attributed by TikTok to a data center power failure – happened to coincide with the new ownership announcement, fueling widespread concerns about censorship of content critical of the U.S. government. Perhaps some users remembered that Trump once joked about making the platform“100% MAGA.”

But regardless of what actually happened, at this point distrusting tech companies isn't exactly irrational.

Clarity and trust

Conflating very real structural risks with unfamiliar sentences in legal documents, however, can obscure what is actually changing and what isn't. The misleading information about TikTok's policy changes that spread across social media is also evidence of a well-known design failure: Most tech policies aren't made to be read.

My own work revealed that these documents are often written at a college or even graduate school reading level. Another analysis once calculated that if every American read the privacy policy for each website they visit for just a year, it would cost US$785 billion in lost leisure and productivity time.

So the discussion about TikTok's policies is a case study in the deep mismatch between how tech companies communicate and how people interpret risk, particularly in an era of exceptionally low trust in both Big Tech and government. Right now, ambiguity doesn't feel neutral. It feels threatening.

Instead of dismissing these reactions as overblown, I believe that companies should recognize that if a huge portion of their user base assumes the worst, that's not a reading comprehension problem; it's a trust problem. So writing data privacy policies more legibly is a start, but rebuilding any kind of inherent trust in the stewardship of that data is probably the more important challenge.

MENAFN06022026000199003603ID1110705840