The National Security Bureau (NSB) of Taiwan has issued a critical warning about the cybersecurity risks associated with five widely used Chinese-developed mobile applications: Rednote, Weibo, TikTok, WeChat, and Baidu Cloud.
This announcement follows a comprehensive inspection by the Ministry of Justice Investigation Bureau (MJIB) and the Criminal Investigation Bureau (CIB), revealing serious privacy and security violations across all apps.
Extensive Violations Uncovered Through Rigorous Testing
Employing the Basic Information Security Testing Standard for Mobile Applications v4.0, the MJIB and CIB evaluated each app across 15 indicators, grouped into five critical categories: personal data collection, excessive permission usage, data transmission and sharing, system information extraction, and biometric data access.
The results were alarming:
- Rednote failed all 15 security indicators.
- Weibo and TikTok each violated 13 indicators.
- WeChat and Baidu Cloud breached 10 and 9 indicators, respectively.
The violations included unauthorized access to sensitive data such as facial recognition features, screenshots, clipboard contents, contact lists, and users’ location information.
All five apps were found to engage in excessive collection of system information, including device parameters and lists of installed applications, which can be exploited for surveillance or user profiling.
Particularly concerning was the discovery that these apps can harvest and transmit biometric data, including users’ facial features, without explicit consent.
This access greatly exceeds what is necessary for standard app operation and exposes users to significant privacy risks.
Data Transmission to Chinese Servers Raises Geopolitical Concerns
Another critical finding was the routine transmission of user data packets to servers located in mainland China.
Under China’s Cybersecurity Law and National Intelligence Law, local enterprises and, by extension, app operators are legally required to provide user data to state authorities upon request.
This regulatory structure poses a serious threat to Taiwanese users’ privacy, as intercepted data could potentially be used for intelligence or political purposes.
Countries such as the US, Canada, the UK, and India have already issued bans or strong warnings against these and similar Chinese-developed apps.
The European Union has also launched investigations under its stringent General Data Protection Regulation (GDPR) framework, resulting in substantial fines for data protection violations.
Government Response and Public Advisory
In direct response, the Taiwanese government prohibits the use of Chinese-brand information and communication technology products, both hardware and software, in all official institutions.
The NSB urges the public, especially businesses and individuals handling sensitive information, to exercise caution, avoid downloading these high-risk apps, and remain vigilant regarding mobile device security.
The complete inspection reports and violation tables are available for review through the Ministry of Justice Investigation Bureau and the Criminal Investigation Bureau websites.





