Why foreign users are still staying away from Chinese apps
Concerns over censorship and data privacy overshadow the global ambitions of Chinese tech companies
Chinese technology companies with global ambitions still share one common hurdle: to guarantee they can protect users’ private data, despite Beijing’s notorious internet controls.
From cellphone makers to social media platforms to photo-editing apps, Chinese internet products frequently stir up privacy controversies when they tap overseas markets.
The latest to come under the spotlight is an app that applies virtual makeup on selfies.
Meitu has been popular in China for years with its parent company launching a US$630 million initial public offering in Hong Kong last year.
Its recent rise to fame in the west, however, was followed by media reports suggesting the beauty app could be selling people’s personal and phone information.
The company has strongly refuted the claims, but knowing their data was being sent to China was enough to scare off some security-nervous consumers abroad.
“They may have prejudices against mainland China,” Meitu’s chairman Cai Wensheng said at a media briefing earlier this month. “Our company is in China. Of course most of our servers are based there.”
Meitu’s experience highlights a continued deep distrust in Chinese IT products among foreign consumers, especially as Chinese government continues to tighten its grips in the cyberspace.
To get past this global perception of the country’s strict internet censorship, analysts say mainland tech companies must commit themselves to more transparency, to win over the hearts and minds of overseas users.
Security concerns are not new to China’s tech sector, of course.
Telecom gears made by Huawei and ZTE were labelled national security threats by the US government in 2012, while phonemaker Xiaomi faced data privacy investigations in Taiwan and Singapore.
New internet regulations issued by Beijing only added to the worries that mainland products pose privacy threats
A controversial cyber security law passed in November requires internet operators to store internet logs for at least six months and provide “technical support” to any investigations involving potential crime or national security.
During the Meitu controversy, technology bloggers and security commenters based their suspicions on a regulation issued in June last year requiring China’s app developers to verify users’ identities and save their activity logs for 60 days.
Both rules state they apply to those that provide internet services within China, without specifying how data from foreign users of Chinese companies is handled.
But foreign businesses have raised their concerns that such laws will be used to force tech firms to hand over data.
Joel Snyder, senior partner at US IT consulting firm Opus One, said many western consumers remain worried that Chinese companies do not follow the moral code in protecting users’ privacy.
“Most US and European consumers believe that the Chinese government has its hands in every software and hardware company and that there are numerous ways in which private information might be compromised in favour of the government and the Communist Party,” Snyder said in an email to the South China Morning Post.
Heavy online censorship by Beijing has also hurt the image of Chinese tech companies.
The country’s most popular instant-messaging app WeChat was found to be blocking keywords that Beijing deemed harmful, according to a November study by the University of Toronto’s Citizen Lab.
Its parent company Tencent has insisted it complies with the local laws and regulations in which is operates.
Although the study also shows censors do not act on accounts registered with overseas phone numbers, many outside of the mainland are still concerned what they say to their friends on WeChat can be filtered out or even monitored.
Queenie Wong, 22, who works for an accounting firm in Hong Kong, said she uses Whatsapp and Facebook’s Messenger instead of WeChat to avoid censorship.
“Overall I’m not too confident about mainland apps,” Wong said. “The government controls the internet. I don’t want my private information to be sent there.”
Wong’s concerns are shared by many of her family and friends.
In Hong Kong, Tencent used to give out freebies and have local celebrities star in advertisements to boost the popularity of WeChat.
But it has so far failed to beat Whatsapp, which promises that messages cannot be read by third-parties with its end-to-end encryption.
Some have taken action to address such concerns. Xiaomi in 2014 shifted some of its data on non-Chinese customers from servers in Beijing to those in the US and Singapore.
Its vice president Hugo Barra at the time said on his blog that the data migration “better equips us to maintain high privacy standards and comply with local data protection regulations”.
“This is a very high priority for Xiaomi as we expand into new markets over the next few years.”
Following the most recent accusations against Meitu, it issued a statement explaining how it uses customer phone data to track app performances and customise in-app advertisements. Its chairman said the company is also considering setting up servers in Hong Kong and the US.
“We pay great attention to privacy,” Cai said. “If a company fails in this area, it will not be able to develop, especially when targeting overseas users.”
Internet experts say security risks are not unique to Chinese products, and mainland tech companies can change the negative perception with stronger and more transparent security practices.
Lam Kwok-yan, cyber security researcher at the Nanyang Technological University in Singapore, says apps or mobile phones will put their users at risk if they contain malware or fail to ensure secure data transmission – regardless of the country in which they are developed.
“Tight control of the internet does not necessarily lead to insecure products,” Lam said.
“You see hacking and cyber security news almost every day. Cyber security is a problem faced by all countries.”
Lam said to convince overseas users their products are safe, Chinese firms should adopt international security standards in developing the apps, testing them and handling user’s information.
Snyder also said mainland internet companies should exercise transparent security measures to gain the trust of western consumers.
“The key factor here is reputation,” he said.
“Chinese companies have made no great effort in building their reputation as developers and as trusted sources in US and European markets.”