Chinese tech giants have seen numerous allegations regarding how they store users’ data they collect. This week the Indian Government banned 59 Chinese smartphone applications, including social media platforms TikTok, WeChat and Helo. According to the government, experts reported that data of Indian users are transferred abroad without authorization.
The Indian Government’s decision of banning 59 Chinese apps came against the skirmish occurred between Indian and Chinese soldiers at Line of Actual Control (LAC) in Ladakh, causing casualties on both sides. There was immense pressure in New Delhi from media and citizens for a stern and immediate action against the cunning Chinese political ideologies and propaganda.
Nevertheless, the decision to ban Chinese apps is not exclusively linked to the recent skirmish in LAC and a simultaneous military-tension built up in Uttarakhand and Sikkim-Arunachal Pradesh sectors.
The government said the Chinese applications are engaged in activities “prejudicial to sovereignty and integrity of India, defence of India, the security of the state and public order.” The ban has been imposed under Section 69A of the Information Technology Actread with relevant provisions of the Information Technology (Procedure and Safeguards for Blocking of Access of Information by Public) Rules 2009, it said.
These Chinese apps were present for a long time and experts considered threats of privacy and security of users’ data. According to the statement from the Ministry of Electronics and IT (MeitY), various sources and experts suspected the misuse of the Chinese application to steal users’ data and transfer to servers outside India without authorisation.
India is the first country to ban a bouquet of Chinese applications, but not the first country to raise concerns about the threats the smartphone applications pose. Recently, the US national security advisor Robert O’Brien stated that the Chinese apps work under the Communist Party of China to annex its ideological and geopolitical propaganda.
Furthermore, this act from the India Government will encourage other nations to take recognize the threats the Chinese applications pose.
Allegations on Chinese Applications
According to security firm experts, Chinese apps are collecting the most intimate information of users. They use backdoors to obtain data. Robert O’Brien stated this campaign as “micro-targeting”.
The queer Chinese law
In 2017, the CPC passed a law which makes it “obligatory for all Chinese companies operating anywhere in the world to share information it gathers and which can be considered as ‘intelligence’”.
According to a study, experts found at least six black-listed Chinese apps, including Helo, ShareIt, UC Browser, Xender, ask for permissions which have nothing to do with the “proper functioning” of the application.
“This is 45% more than the number of permissions requested by the top 50 global apps,” said Sandeep Rao, co-founder of Pune-based Arrka Consulting.
For instance, UC Browser and Xender ask for location access. It is logical to grant location access to apps like Swiggy or Uber, but what is the significance of gaining location info for a search or to share files. Even a beauty app asks for permission to read SMS!
Transfer Data without authorisation
The study found that on average, these Chinese applications transfer data to around seven outside agencies, with 69% of the data being transferred to the US. TikTok sends data to China Telecom; Vigo Video to Tencent; BeautyPlus to Meitu; and QQ and UC Browser to its parent owned by Alibaba.
TikTok is spyware says Anonymous
Spying on clipboard on iOS devices is too less to talk about the malice activities TikTok is playing with its users. Recently, Anonymous Hackers claim TikTok is spyware working under the Chinese government. An engineer “reverse-engineered” TikTok and found that the app was abusing the privacy of users.
How to remain safe?
It not the case with Chinese applications only. The credibility of an application cannot be solely judged based on the company’s nationality. There are instances of non-Chinese mobile apps posing as notorious malware.
India needs to have a strict privacy law to counter as such unauthorised transfer of users’ data.
“There is no privacy law in India today whereas in the US, there is some legal requirement and in Europe, (there) is the stringent GDPR regime,” said Nadkarni. “Right now, it is like the wild west in India. China has a security law, we don’t have one”.
Users needlessly grant access to permissions. If an app asks absurd permission and you grant access to it. You are voluntarily letting the app to collect sensitive data from your mobile. Always read the permissions and the Agreement policy of an application when installing.
Keep yourself updated about the threats the Govt. releases regarding malicious applications.
Ayush Dubey is an engineering student from IIIT Jabalpur. He has a comprehensive background in technology. Cybersecurity being his primary field of interest. He loves to meet people who are always in a hustle to learn new things.
BlARROW is a unilingual, electronic, free-content site which composes write-ups on issues concerning online security and architecture technology. It is run helpfully by content scholars who write on a broad scope of subjects. Anyone with access to the internet connection and an ache to gain some new useful knowledge can get to these articles. Aside from this, they additionally give Udemy coupons, Appstore Games, and applications, all for free.
So, in case one is curious to learn something new, gain widespread knowledge without drawing a hole in the pocket.