- Users tend to use the same passwords across apps. It would be trivial for TikTok to provide an email + password combo to CCP.
- Until 2020, the tiktok iOS app was accessing the system clipboard at all times that TikTok was running (even in the background) https://www.theverge.com/2020/6/26/21304228/tiktok-security-...
- A sort of vague concern that because CCP can easily compel Chinese companies, it could easily compel TikTok to show / not-show various content to American users. (this could stir political tensions, misinformation etc).
- TikTok (and by extension CPP) could access any content/messages that the app has access to. E.g. Phone contacts (if permission given), private messages sent on TikTok app (possibly even if just typed but not sent).
What else?