February 22, 2024


Delighting finance buffs

Are Indians exporting data via Chinese software?

Ever wondered how many permissions you grant when you install a Chinese app on your mobile handsets?

When data is regarded as the vital fuel for digital economy, data-access requests that most Chinese mobile applications make outnumber their non-Chinese alternatives. Either available on the Google Play Store or Apple’s App Store, these applications usually list permissions they require for installation.

A comparative analysis of Play Store information reveals startling facts about the volume of data Chinese applications seek from their users.

Source: Google Play Store

TikTok, owned by Chinese tech company ByteDance, requests around 30 permissions compared to its German counterpart Dubsmash seeking 19 and Scandinavian counterpart Funimate asking for only 13 permissions.

Among the three, TikTok, is the only app that also requests location data via network and GPS coordinates. Location details, in fact, are not paramount to the app whose working is similar to Dubsmash.

Helo, a fast-growing Chinese content-sharing and social-networking application, asks for as many as 39 permissions compared to its main Indian rival ShareChat, which requests 26, Play Store data shows. Here too, Helo seeks location details, which its Indian counterpart does not.

Another popular aspect among the Chinese apps are the games. Games like PUBG (Tencent Games) and Clash of Kings (Elex Wireless) are top of the charts in mobile-game applications in India.

A closer look at their list of permissions show that both request far more number of permissions when compared to their closest rivals/counterparts.

Besides, Clash of Kings also requests location data, which most other games do not.

Chinese video-editing apps like VivaVideo requests location data, which most of its competitors don’t.

Virtual private network applications like TurboVPN are used by many to bypass access to websites banned in India and also use services like Netflix from a different country for additional movie titles.

The site VPN Mentor talks about the privacy issues of this application, where even though the official site of Turbo VPN advertises its product as a “no-log” service. A closer look at the privacy policy of the application shows a long list of data it collects.

When it comes to collaborative tools, especially during this pandemic, Zoom has been one of the most preferred platforms for video conferencing.

But recent concerns in terms of privacy and safety of the application — developed by a Chinese-American billionaire in the United States — has resulted in the UK’s NHS, SpaceX, Google, NASA, schools in USA, Singapore and governments of Germany and India restricting its use for official purposes.

The platform has been accused of lacking high-end encryption, especially for calls made by free users, and privacy breaches.

Back in 2017, the Indian home ministry warned that as many as 40 Chinese applications could be part of a cyber-attack in the near future. The advisory came in the wake of intelligence inputs.

The advisory said, “as per reliable inputs, a number of android/IOS apps developed by Chinese developers or having Chinese links are reportedly either spyware or other malicious ware. Use of these apps by our force personnel can be detrimental to data security having implications on the force and national security.”

India does not have strong privacy laws like the US or Europe. It is high time the Indian government enacted stricter data protection statues.

China’s India Investment Landscape

Chinese companies have made modest investments across different sectors and firms in India.

Over the last 20 years, around 70 percent of India’s FDI has come from countries like Mauritius, Singapore, Japan, the Netherlands and the USA. China’s share stands at 0.52 percent of these FDIs.

But Chinese funds over the last five years or so have been invested in key areas of hardware manufacturing, the Internet and data-based organisations.

Here’s a peek at the famous Indian firms that Chinese investors have a stake in:

Right from e-commerce, online tutorials, education, communication apps, finance, share trading and so forth, Chinese bigwigs like Alibaba, Tencent Holdings and Shunwei Capital (Xiaomi) have made key investments into nascent start-ups, unicorns and established firms based out of India.

Chinese investors may not have direct access to Indian data, but the Chinese inroads into these key sectors render the digital wealth vulnerable.

The Indian smartphone market a decade or so ago was, for example, purely about Nokia (Finland), Samsung (South Korea) and Apple (the USA).

With Nokia exiting the race, the gap was immediately filled by the emergence of Chinese players.

Now, they have become market leaders, with the likes of Xiaomi, OnePlus, OPPO, Vivo, Huawei and Realme greatly succeeding in offering cheaper but feature-filled smartphones.

Some of these firms have also ventured into TV manufacturing, fitness gears, portable chargers and other electronic add-ons.

Many of the Indian Internet routers and modems are Chinese made.

Companies like Tenda, TP-Link, Huawei and ZTE are Chinese firms that are leaders in this region when it comes to supplying routers and modems.

Again, there is an infinite amount of data involved in all of this.

Many Chinese mobile manufacturers have often been accused of sharing data from phones back to China.

In 2018, a Huawei phone spying scandal came to light when the Huawei phones were banned by networks like Verizon and AT&T in the United States.

Later, many other countries have banned Huawei from providing equipment for their 5G network rollouts.

In the UK, the company BT has even removed Huawei equipment from key parts of their 4G network. Cyber-espionage is seen as a real concern with it comes to Chinese manufactures.

“Mitron” not an ideal alternative

Prime Minister Narendra Modi’s call for an “Atmanirbhar Bharat” gave rise to a lot of discussion on how India as a nation can cut down on imports, especially when it comes to reliance on the Chinese market.

This became ever more pertinent with the Ladakh stand-offs.

The recent event of China’s central bank raising its stake in HDFC to 1.01 percent made agencies focus on the small but definitive nature of investments by Chinese firms into Indian companies.

The ideal situation for India will be to have the choice to install home-grown applications that store data in Indian servers.

An application named “Mitron” topped the popularity charts recently where it was seen as a popular Indian alternative for TikTok.

It was suddenly removed from the Google Play store primarily over security and firewall-related loopholes.

On digging further, it has emerged that the company behind the “Mitron” app was a mysterious entity and that the source code of the same was bought from a Pakistan-based application development firm called “Qboxus”.

Given the similarity of the app to TikTok and that it was named after a very popular term often used by Prime Minister Modi, the application became an overnight hit, notching more than 5 million downloads. The same was shared as a success story on Qboxus’s website.

Ever since the news of the stand-off between India and China surfaced, many Indians have called for a boycott of Chinese products.

A Jaipur-based firm called OneTouchAppLabs came up with a very light and simple application that claimed to be help identify and uninstall applications that have their origins in China.

It was called as the “Remove China Apps” application. The app had over 50 lakh downloads before being removed by Google.

The Google policies for removing an application, in general, lists the below point as a major influence:

“Deceptive Device Settings Changes: We do not allow:

  • Apps that mislead users into removing or disabling third-party apps or modifying device settings or features.
  • Apps that encourage or incentivize users into removing or disabling third-party apps or modifying device settings or features unless it is part of a verifiable security service.”

Developing efficient and safe mobile applications is not a difficult goal to accomplish.

India is expected to make greater strides in digital space, with greater safety and accountability around data consumption. And that’s doable, given the country itself has always been one of the leading exporters of software around the world.

(The writer is a Singapore-based Open-Source Intelligence analyst)

Source Article