Relations between the United States and China have been tense for quite some time now, and 2020 is no exception. There have been numerous tense moments between the countries this year, including Trump’s coronavirus finger-pointing, as well the US condemnation of China’s oppressive control over the people of Hong Kong and Xinjiang. These tense relations are centered not only around geopolitics but on the two countries’ fierce tech war around products and services like semiconductors and 5G networks. The most recent stage of this tech race has its spotlights on the popular video-sharing app TikTok, owned by the massive Chinese company ByteDance. Trump has threatened to ban the app unless it’s bought by a US company, a very diplomatically risky move. However, the Trump administration’s rationale for their fear of Chinese apps isn’t entirely unfounded. Given the nation’s complex system of “authoritarian capitalism,” Chinese companies produce apps in ways that may not be safe for Americans. With this in mind, Americans should be cautious of the potential dangers that come with using Chinese software.
Privacy, or the Lack of It
Despite shifting from a planned economic system to a more capitalist market in the 1980s, the Chinese Communist Party still holds control of the country’s politics and, to a large extent, its economy. Given this interesting combination, private companies can be established but only according to party rules. This hasn’t stopped numerous Chinese tech companies, such as Baidu, Tencent, Huawei and others from becoming incredibly profitable. However, this success comes with several caveats.
The CCP’s respect for individuals’ privacy is paltry, especially with regards to cybersecurity. A 2017 cybersecurity law was written deliberately vaguely, allowing the CCP carte blanche to control information. Companies now have to comply with these guidelines, compromising millions of users’ private data. For example, WeChat, Tencent’s highly popular social app, is notorious for surveillance issues — and not only among Chinese users. Messages sent in WeChat outside of China are monitored, and its surveillance capabilities are frighteningly sophisticated.
This phenomenon isn’t limited to huge apps like WeChat. In an article earlier this year, the South China Morning Post reported that 468 million pieces of personal info were siphoned by small financial institutions and sold to customers. TikTok, the most recent app under fire in the US-China tech war, has been scrutinized by US lawmakers and the Department of Defense for nearly a year under national security concerns. These concerns aren’t completely without cause. In 2019, TikTok had to pay a $5.7 million fine to the FTC after violating privacy guidelines for children.
Aside from privacy concerns, Chinese software developers have also garnered a dubious reputation for having many apps containing viruses like malware and ransomware.
In 2017, a malware dubbed “Firewall” was reported to have infected 250 million computers around the world. Firewall, created by Beijing digital marketing firm Rafotech, gives the appearance of being a legitimate piece of software, but it actually manipulates the hosts’ web traffic to generate revenue.
Another example happened during the early stages of the COVID-19 pandemic. Files named “coronavirus.exe” and “novel coronavirus pneumonia.exe” were found circulating through email and WeChat, capitalizing on the fear that has stemmed from the pandemic. Clicking on these files can infect the hardware and allow the virus to siphon information or remote-control the device. These are just two notable examples, but software virus circulation and data breaches are commonplace on a small scale. Notable Chinese apps have security flaws that make it easy for hackers to insert malware. WeChat’s messaging encryption, for example, is programmed in a way that allows vulnerabilities to be exploited. Since WeChat is so widely used outside of China, other popular Chinese apps should be scrutinized before usage as well.
How to Stay Safe
Whether you approve of or oppose bans on apps like TikTok, the choice to stay on Chinese apps — or any app — depends on personal responsibility. Even popular social media sites do not protect users’ privacy perfectly. For those averse to the idea of having their information circulated, especially in the hands of a foreign government like China’s, simply not downloading the app is the best course of action. If downloading the app is absolutely necessary, first do the necessary research. Consult reviews and articles to find out whether the application is safe.
And if you already have these apps installed on your devices, make sure you clearly understand the privacy policies and settings laid out and adjust accordingly.
While the drama surrounding TikTok’s potential ban has more to do with bizarre diplomacy moves than data security, we need to be aware of the tremendous risks inherent in many Chinese apps, including and especially the most popular. It doesn’t take a nationwide ban to maintain our individual cybersecurity — it just takes a little responsibility.