TikTok has your children’s home addresses. FaceApp has your photo and the ability to predict what you’ll look like over the course of your life. Your hotel check-in app shows your travel destinations, room preferences, and upcoming stays. This might not seem like a big deal, but all of this data could be allowing other nations to attack the security of Americans through geotargeting, facial recognition, and pattern projection. A smartphone has the potential to be a more useful weapon than a missile.
According to NPR, some foreign nations, such as Saudi Arabia, use information shared across apps to identify dissidents and potential spies or to hack into computers. Additionally, the data collected through apps can be used to create psycho-graphic models—groupings of people based on their shared psychological characteristics—that are deployed in disinformation campaigns.
Apps like the wildly popular TikTok are particularly vulnerable. Owned by a Chinese company, TikTok utilizes an algorithm that can be tuned to distribute news or content that sways public opinion—a form of information control that has proven societal impact. And China’s 2017 national intelligence law contains language that requires companies to comply with intelligence gathering operations if asked.
“China has a very different legal framework and perspective on the rule of law,” says Andrea Little Limbago, chief social scientist at Virtru, an encryption and privacy company. “TikTok claims they do not store data in China, but this is difficult to validate and does not address data privacy concerns prior to February 2019. This is especially relevant as user data could inform intelligence campaigns targeting American citizens.” (You might remember that in February 2019, TikTok was fined for its data privacy usage.)
Given China’s history of data interference and its faulty human rights record, Americans should be concerned about data weaponization.
Adira Levine, cybersecurity fellow at the public policy think tank New America, notes that you should also consider the permissions you are granting when you hit “agree” or when prompted to change your device settings. Such permissions create pathways for other entities, including companies and advertisers, to access the data. The more people who have access to your phone and your data, the less secure you are.
It’s difficult to directly attribute cyberattacks or cyber-spying operations to specific foreign nations. It’s even more difficult to make correlations between apps and nation-state attacks. However, the growing number of cyberattacks and the increasing reports of apps with potential for misuse should raise a red flag.
Ask yourself if it’s really worth giving away your personal data to a company in China just to pass the time with a mindless app. And think about apps before you download them. The only way we’ll be resilient to cyberattacks is for every individual to be more critical of their own phone, their own apps, and their own safety.
You Might Also Like