It was not for show. It acknowledged its success and was to limit its success. Then limit it as a "potential" vector for intrusion. Kaspersky was removed from the US on the same basis.
Tiktok has access to photos and videos on the device, and user data on interactions. This was seen as a vector for compromising the individual's integrity via embarrassment and blackmail.
I just installed tiktok for the first time on my Android device and it asked for no permissions and even let me use it without creating an account. How is it getting photos and videos on my device?
Normal practice is a prompt-on-first-attempt: when you click on various things, it'll ask; I've never given it access to anything, and so I get a prompt asking for permission to see my contacts about once a week.
