U.S.-based researcher Christopher Balding says he found evidence that the Chinese Communist Party (CCP) is obtaining data via smart coffee machines that are made in China, warning that such tactics may be employed against U.S. consumers.
Balding, who released a report via New Kite Data Labs, said issues with the Chinese internet-connected coffee machines are allowing CCP officials to collect data on Americans.
“China is really collecting data on really just anything and everything,” he said in the report, which was released this week. “As a manufacturing hub of the world, they can put this capability in all kinds of devices that go out all over the world.”
Some of the insecure coffee machines are made by the Kalerm firm based in Jiangsu, China, which obtains product information, payment data, and other consumer information such as time, location, and other data, according to the report. Within a commercial setting, such as a hotel, those machines could collect routing information and payment types.
In the report, Balding said he won’t disclose how he obtained that information because he doesn’t want the Chinese regime to stop him from learning more about the CCP’s data-collection efforts targeting Americans and others. The report states that the data is collected from consumers inside mainland China, but noted that such Chinese-made smart coffee machines are sold widely in the United States and Europe.
“While we cannot say this company is collecting data on non-Chinese users, all evidence indicates their machines can and do collect data on users outside of Mainland China and store the data in China,” the report reads, according to The Washington Times. “The data is collected at the point of operation from software embedded in the coffee maker.”
The CCP has long pursued policies that force businesses to adhere to its draconian policies and forces them to cooperate with the ruling communist party. Notably, cybersecurity experts have said TikTok users are likely feeding data to the CCP by way of ByteDance, a Beijing-based internet company.
“We must assume that every one of these applications coming from China, Russia, and other declared adversaries of the United States—we have to assume that these applications are weaponized against us,” Casey Fleming, a cyber security expert and CEO of strategic advisory firm BlackOps Partners, told EpochTV in February.
“The Communist Party of China is collecting vast amounts of data. It may not be used against you today. But this information might be used against you, your company, or your country in the future.”
In February, a research fellow with the Atlantic Council think tank said the CCP is using a whole-of-society approach to carry out information operations against the United States.
“The Chinese Communist Party wants China to become a ‘cyber superpower’ and is well on its way to achieving that goal,” research fellow Winnona DeSombre said. “China is a major peer adversary in cyberspace. Its offensive cyber capabilities rival the United States, its operations demonstrate clear development of asymmetric capabilities that enable it to achieve strategic goals, and its cyber defensive capabilities are robust.”