A recent investigation has unveiled an app being used to check foreigners' phones in Xinjiang. Concerns about such tools being used elsewhere in China have also led to a new tool to undermine these surveillance efforts. So how much do you need to fear for your digital privacy in China?
The latest reports -- the result of
The investigation uncovered that Chinese border police have been using a forensics app, called Fengcai or BXAQ, to check the phones of foreign travellers. The app reportedly uses a list of more than 73,000 items to scour devices for various documents, videos, photos and audio. The list includes files related to religion, especially Islam, and some pretty bizarre things like music from Japanese metal band Unholy Grave, according to reports.
The news is the first one to confirm that tools like this have been used against foreigners in addition to Chinese citizens, but rumors and reports about similar apps have been swirling around for a while. In fact, some netizens are already fighting back by building their own tools to counter China’s intrusion into people’s digital privacy.
One app said to be similar to Fengcai is called MFSocket, and an anonymous developer has already created an anti-hack tool to try to thwart it.
The developer told us that a person in China discovered MFSocket after being checked by the police in a subway station.
“I asked him to send it to me,” the person said. “Then I spent an hour writing this thingy.”
The result was
Abacus was unable to verify whether the phone check cited by the developer actually happened. However, in late June, many people in China were alarmed by a
The grainy video showed policemen standing at one of the exits of a Beijing subway station and checking passengers one by one. Beijing police
Harlo Holmes, director of digital security at Freedom of the Press Foundation, noted that run-of-the-mill beat cops usually don't have the forensic know-how to deeply analyze a phone. They could be checking photos of IDs or screening for certain apps and suspicious images, she added. The
“Ultimately, it doesn't matter -- any surveillance, no matter how brief or incomplete, is surveillance,” said Holmes. “And it's an affront to privacy everywhere.”
Even before this incident, MFSocket has been popping up in
The tool is ostensibly being used to combat extremism in China’s Xinjiang province, where the country’s Muslim Uygur minority is heavily monitored and believed to be subjected to
It’s not surprising that there might be multiple apps with this functionality. China is home to quite a few companies that create mobile forensics software.
There is Meiya Pico, the company believed to be behind MFSocket (Abacus has reached out to Meiya Pico and will update if we receive a reply) and
Proponents argue that the tools help find evidence of crimes, such as child pornography. However,
Much of the concern stems from how incredibly invasive it is to search through someone’s personal phone these days. According to the investigation, the Fengcai app collects a phone's calendar entries, phone contacts, call logs and text messages, then uploads it all to a server. MFSocket was found to
But there are ways to protect yourself, which for regular travelers may simply mean limiting the type of content on your phone.
“People who need to take extra precaution gathering media (like photos and video) might want to look for apps that strongly encrypt content, upload them to the cloud immediately, and do not save originals in their unencrypted form directly on the device (i.e. to your media gallery or camera roll),” Holmes said.
As for defending yourself with an anti-police tool, experts warn it’s a solution with its own dangers.