Taiwan’s National Security Bureau (NSB) has issued a stark warning regarding several popular Chinese-developed mobile applications, citing serious data security violations and urging citizens to exercise extreme caution. A recent complete inspection revealed that these apps engage in excessive data collection and transmit sensitive user information back to servers located in mainland China, posing significant privacy and national security risks.
The NSB, in a joint investigation with the Ministry of Justice Investigation Bureau and the Criminal Investigation Bureau, scrutinized five widely used Chinese social media platforms: RedNote (Xiaohongshu), Weibo, TikTok, WeChat, and Baidu Cloud. The apps were evaluated against 15 indicators across five categories, including personal data collection, excessive permission usage, data transmission and sharing, system information extraction, and access to biometric data.
The findings were alarming. RedNote was identified as the most egregious offender, failing to meet all 15 indicators. Weibo and TikTok were found to violate 13 of the criteria, while WeChat and Baidu Cloud breached 10 and 9 indicators respectively. The violations encompassed unauthorized access to facial recognition data, screenshots, clipboard contents, contact lists, and location information. Furthermore, these apps were found to harvest lists of installed applications and device parameters, and crucially, all five transmitted data packets to servers in China.
The NSB highlighted that under China’s Cybersecurity Law and National Intelligence Law, Chinese enterprises are legally obligated to turn over user data to authorities for national security, public security, and intelligence purposes. This legal framework, the NSB stated, means that data collected from Taiwanese users could be readily accessed by Chinese intelligence agencies, significantly compromising the privacy of individuals and potentially corporate business secrets.
While Taiwan has had a ban on TikTok, Douyin, and RedNote on government devices since 2019 due to national security concerns, private use has remained unrestricted. The latest findings serve as a renewed and intensified call for public vigilance. The NSB strongly advised Taiwanese citizens to “remain vigilant regarding mobile device security and avoid downloading China-made apps that pose cybersecurity risks, to protect personal data privacy and corporate business secrets.”
This warning from Taipei comes amidst growing global concerns over Chinese-owned apps and their data practices, with several Western nations, including the US, UK, Canada, and the EU, having imposed bans or launched investigations into similar platforms. The latest revelations from Taiwan underscore the ongoing geopolitical complexities surrounding digital sovereignty and data protection in the region.
