Generally speaking, I’m in agreement with you, but if the app is accessing a user’s contacts, message threads, photos, calendar events, etcetera that may contain personal data of other people then I see that as a problem because my information could be harvested and I’m not even a TikTok user.
BreakingKayFabe makes a point that should always be considered: the slippery slope. As the powerful make decisions based on ‘for your protection’, there really is nothing off limits thst can’t be done in the name of ‘for your protection’.
But there is one thing that can be done that balances both concerns. It is something that caused Facebook and a number of others to blow a gasket. Make most data sharing a secondary opt in versus completely ensconced in an initial, long, legalistic EULA. While what you do in app is and likely always will be fair game for recording, the secondary Opt in pops up with radio buttons or check boxes that give users the choice to block critical personal info: do you want to allow TikTok to access your location, access your unique smartphone identifier, access your contacts, access your photos, access your browser etc.
One important thing to consider: what TikTok and Chinese government want to do is something invented by and propagated by US companies, specifically Facebook and Google. And while the government interfacing of this massacre data was not originally welcomed by these two companies — vocally not appreciated— both companies now have significant government interfacing. The reason for this is simple, the weight of the US government was placed on them and left them no choice.