TL;DR

TikTok’s January 2026 privacy policy update explicitly confirms the collection of sensitive user data, including mental health diagnoses, citizenship status, and precise GPS location, while significantly weakening the promise to notify users of government data requests. This shift exposes users to greater surveillance risks, particularly regarding immigration enforcement and political dissent, as the platform removes safeguards that previously alerted users to legal inquiries. Although much of this language is a forced transparency measure to comply with new state laws like the Texas TDPSA, it formalizes the tracking of deeply personal traits that were previously only inferred. To protect themselves, users must aggressively opt out of targeted advertising, revoke location and contact permissions, and exercise their legal right to limit sensitive data use through direct privacy requests

January 2026 brought more than just a new year; it ushered in a new era of explicit data vulnerability for TikTok users across the U.S.

While headlines focused on the geopolitical restructuring of the new “TikTok U.S. Data Security” (USDS) entity, the fine print of the platform’s updated privacy policy tells a deeper, more concerning story. It is a story with implications for your citizenship data, sexual orientation, mental health, and physical location.

Why TikTok’s New Privacy Policy Matters More Than Ever

TikTok’s January 22, 2026 Privacy Policy update does more than signal compliance with U.S. laws, it introduces broader permissions to collect and share user data with government entities.

The “Mental Health Diagnosis” Clause

Perhaps the most shocking addition is the explicit collection of “mental or physical health diagnosis” data. Previously, health data was a vague category. Now, the policy clarifies that if you discuss depression, anxiety, or other conditions in your content, captions, or even private messages, TikTok can categorize this as “sensitive personal information.”

• The Risk: This isn’t just about ads. In an era where data brokers sell mental health profiles, having your “diagnosis” formally logged by a social media giant creates a permanent digital record of your medical history, one that isn’t protected by HIPAA.

Broadened Government Sharing

A particularly troubling clause now reads:

“We may disclose any of the Information We Collect to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims, or government inquiries...”

What changed? Previously, TikTok’s policy generally committed to notifying users of legal data requests unless prohibited by law. That safeguard has been significantly weakened. The new language suggests data disclosures may happen without your knowledge, provided it isn’t explicitly forbidden by law to do so.

With immigration enforcement and political dissent remaining hot-button issues, this removal of “standard notice” opens the door for agencies to access user data for civil or administrative matters (like deportation hearings) without the user ever getting a chance to challenge the request.

The prior concern with TikTok was that data was being shared with the Chinese government. Now the concern shifts to how easily the U.S. government can obtain this data. This echoes the Snowden revelations. In the current climate, the concern shifts from foreign espionage to domestic surveillance: how easily can U.S. agencies now access this data for civil or administrative use?

The Geolocation Update: “Precise” vs. “Approximate”

A major technical shift in the 2026 update is how TikTok handles where you are.

What They Were Doing Before:

Previously, TikTok collected “approximate” location data. Even if you denied GPS permissions, they inferred your general location (city/district level) using your IP address and SIM card information. This is why you still saw local ads even with GPS off.

What Changed in 2026:

The new policy explicitly allows for the collection of “Precise Location” data.

• This uses GPS signals to pinpoint your exact coordinates (within a few meters).

• The Good News: This is technically an “opt-in” feature for U.S. users. It is off by default, but you may see pop-ups aggressively asking you to turn it on for “better local content.”

• The Bad News: The policy language is vague on whether they can cross-reference this new, precise data with older historical data to build a retrospective map of your movements.

Reality Check: Transparency vs. New Surveillance

It is important to read this update with nuance. Is TikTok suddenly becoming “evil” in 2026, or were they always doing this?

The “Transparency” Defense

Much of this scary new language—specifically the lists of “immigration status,” “sexual orientation,” and “biometric data”, is likely a response to strict new U.S. state privacy laws (like the Texas TDPSA and California CPRA).

• These laws force companies to explicitly list every category of data they might collect.

• In Reality: TikTok was almost certainly already analyzing your content for these traits (via algorithms that tag you as “LGBTQ+ interested” or “Immigration content interested”).

• The Difference: They are now admitting it in writing. While the practice isn’t new, the admission confirms our long-held suspicions: the algorithm watches what you watch to determine who you are.

Possibility of Censorship

Some concerns exist that the U.S. government could use censorship to prevent certain content on TikTok, as a means to control information and frame narratives. Some users have reported seeing fewer protest videos and information concerning the unprecedented events in Minnesota. While this could likely be due to algorithmic changes, it leaves the door open to 'shadowbanning' inconvenient narratives during times of unrest. While the mechanism for such control is currently unproven, it is now possible.

How to Regain Control: Step-by-Step Opt-Out Guide

Here’s how you can limit what TikTok collects and uses, based on its latest settings.

Turn Off Personalized/Targeted Ads

This limits TikTok’s ability to use your off-app activity (what you buy or search for elsewhere) to target you.

• Steps (iOS/Android):

  1. Open TikTok → Tap Profile (bottom-right).

  2. Tap Menu ☰ → Settings and privacy.

  3. Select Ads (sometimes labeled Ads and data).

  4. Targeted ads (and targeted ads outside of TikTok) → Toggle OFF.

• Deep Clean:

  • Still in the Ads menu, tap Clear off Tik-Tok data & also Disconnect advertisers. This wipes the data they have already collected from third parties and stops targeted ads with your off Tik-Tok data

Download Your Data

TikTok allows you to request a full export of your activity, including “inferred interests”—what the algorithm thinks you like.

• Steps:

  1. Profile → Menu ☰ → Settings and privacy.

  2. Tap Account → Download your data.

  3. Choose format (TXT or JSON are best for readability) → Tap Request data.

• Note: It may take a few days to process. When it arrives, look for the “Ads Interests” file to see exactly how you are being categorized.

Share

Use Your Privacy Rights

If you are in Texas, California, Colorado, or other states with comprehensive privacy laws, you can submit a formal request to delete or limit sensitive data use by contacting TikTok. Although it remains to be seen how effective this will be. I am reminded of what the late comedian George Carlin said about rights being, in reality, privileges that can be taken away, because if they were rights, you couldn’t take them away. He had a lot more to say, but most of it would not be appropriate for this substack.

Additional Quick Privacy Wins

• Contacts Sync: Go to Settings and privacy → Privacy → Sync contacts and Facebook friends. Toggle Off, then crucially, tap “Remove previously synced contacts” to delete the data they already have.

• Location: Go to Settings and privacy → Privacy → Location Services. This will usually direct you to your phone’s OS settings. Ensure it is set to “Never”.

• Permissions: Go to your phone’s main Settings → Apps → TikTok → Revoke access to Camera/Microphone when not in use.

Beyond TikTok: The Privacy Risks of Big Social Media

TikTok isn’t unique in its data practices. Meta (Facebook, Instagram, Threads) has long monetized deeply personal user data through behavioral profiling and targeted advertising. In early 2025, the Electronic Frontier Foundation launched its “Mad at Meta” article to draw attention to how Meta tracks users across the web, even beyond its platforms, using embedded tracking pixels and app integrations.

EFF’s concern is not just that Meta gathers huge volumes of personal data, but that it monetizes this information across a surveillance advertising ecosystem, including data from non-users. Meta’s behavior has included collecting information on health topics, offline purchases, and sensitive interests through third-party sites.

EFF encourages users to Minimize what data Meta collects (by changing settings and using privacy tools), Ask for transparency and better protections (including stronger laws), and Delete any unnecessary data or accounts. While these steps are a stopgap, EFF argues that lasting protection requires robust U.S. privacy legislation.

Protecting Your Privacy Beyond Social Media: Start With Your Browser

The web browser you use plays a central role in how your data is collected. If you’re using Google Chrome, you are likely handing over enormous amounts of behavioral data by default.

Why Brave Browser Is a Better Choice

• Built-In Blocking: Brave automatically blocks third-party trackers, fingerprinting scripts, and invasive ads.

• No Data Collection: Unlike Chrome, Brave doesn’t track your browsing history or sell your data.

• Tor Integration: It offers a “Private Window with Tor” for true anonymity when needed.

• Speed: By blocking heavy tracking scripts, pages typically load 2-3x faster.

Other Privacy Tools You Should Consider

• Search Engines: Use DuckDuckGo or Startpage instead of Google to avoid search profiling.

• VPNs: Use a reputable VPN (ProtonVPN is my favorite) to mask your IP address.

• Password Managers: 1Password is what I now use and recommend. (Full review coming soon)

• Encrypted Email: Protonmail or similar types of services

• Messaging: Use Signal for end-to-end encrypted chats that collect virtually no metadata.

Take Your Privacy Seriously

This has long been a topic of interest to me, and I look forward to sharing more information on how to maintain privacy online. The new TikTok policy is a wake-up call, but it’s also a symptom of a larger problem. The internet is structured around surveillance, and platforms from Meta to Google thrive on our unexamined digital behavior.

You can fight back. Opt out of behavioral tracking. Switch to privacy-first tools. Exercise your legal rights under state laws. And most importantly, talk about it. Privacy isn’t just a technical setting; it’s a personal act of setting boundaries.

Try it, test it, and tell someone.

Questions? Ask below.

Leave a comment