This means that Google is enabling Baidu to monitor, track, and data-mine any person who uses a smartphone, tablet PC, connected product, or personal computer (PC) supported by the Android operating system (OS).
Another hugely popular app is WeChat, which is developed by Tencent, a Chinese company that, like Baidu, operates under the close watch of the ruling Chinese Communist Party and must obey its authoritarian monitoring and censorship laws.
The WeChat app is also being actively distributed by Google, Apple, and Microsoft through Google Play, the Apple App Store, and Microsoft’s App Store, respectively. The app is now installed by over a billion people worldwide, including by U.S. citizens.
This means that the Federal Communications Commission (FCC), Federal Trade Commission (FTC), Department of Justice (DOJ), lawmakers, state attorneys general, telecommunications companies, and OS developers are enabling adversarial nation-state companies to indiscriminately surveil and data-mine U.S. citizens by way of protected telecommunications products such as smartphones.
Civil Liberty, Privacy, Cybersecurity, Safety Threats
Per my previous articles, a smartphone is an integrated cellular phone and PC that is supported by protected (due process/Fourth Amendment) telecom infrastructure governed by the FCC.
This means that a smartphone is no less significant than a home or office phone and PC, which are protected by existing consumer, telecom privacy, and confidentiality laws that shield telecom-product users from unwarranted and unauthorized telecom-related surveillance and data-mining.
Thus, any state actor (foreign or domestic) should need to obtain a warrant from a domestic judge or a foreign intelligence surveillance court in order to conduct lawful surveillance and data-mining on a telecom, PC, or connected-product user.
In addition, a company or individual can’t surveil and data-mine a telecom, PC, or connected-product user without express (lawful) consent from the product user.
How many people read all the copious terms and conditions or take the time to find out what an app is asking for access to when they click on “I agree” after installing an app or purchasing a smartphone? Virtually no one. That is what the app and OS developers rely on, and what I believe is a violation of current consumer laws—the user is not knowingly giving express permission to be data-mined.
This is important to note with regard to the level of surveillance and data-mining that is being allowed by multinational companies, including from China, plus other adversarial nations or any other potential bad actor.
Legal Hacking and Malware
The U.S. government, state and local governments, defense contractors, and enterprise corporations protect their telecom and computer networks with state-of-the-art cybersecurity solutions, even as smartphones, tablet PCs, and connected products supported by intrusive apps, such as WeChat, remain unaddressed by cybersecurity professionals.
No network can be secured unless the devices on the network are secure, which they can’t be, because of the predatory nature of apps that employ data-mining technology.
The amount of data that these intrusive apps enable tech giants such as Google, Apple, Microsoft, Tencent, Baidu, Facebook, and Amazon to collect is astonishing and terrifying, to say the least.
The ability for adversarial companies from countries such as China to surveil and data-mine U.S. citizens by way of protected telecom-related products and PCs poses a bigger threat to citizens’ civil liberties, privacy, security, and safety than any threats posed by Huawei and ZTE combined.
Companies such as Baidu and Tencent are being enabled to collect and aggregate highly confidential and protected telecom-related personal and professional information, including surveillance data (e.g. location data), sensitive user data, voice conversations, video of the user, photographs, and even biometric data, such as voice prints, fingerprints, and facial recognition data.
These companies can create a database on every adult, teen, or child who uses a smartphone, tablet PC, connected product, or PC with the apps installed.
Let’s look at the kinds of app permissions granted to Tencent by the WeChat user:
App Permissions Granted to WeChat (Tencent)
Below is a list of surveillance capabilities, coupled with personal and professional information (digital DNA), that Google, Apple, and Microsoft are enabling Tencent to collect, use, share, sell, purchase, and aggregate for financial gain.
Keep in mind that the application permissions below are systemic to most apps.
The following is an example from Microsoft Windows 10. On the Windows Store, the WeChat app is listed as: “This app can access all of your files, peripheral devices, apps, and programs: Permissions info.”
The following is the list of permissions that Microsoft Windows grants to apps, including WeChat:
1. All system resources: Use any and all system resources (such as camera, microphone, or location) without further notification. You can’t control app permissions for individual system resources via the privacy page.
2. Account Info: Access any of your account info.
3. Bluetooth: Activate and use any Bluetooth connections between your device and other devices.
4. Contacts: Access your contacts, people, or address book apps.
5. Calendar: Access your calendars.
6. Call History: Access history of phone calls you made on the device, in Skype or other telephony apps.
7. Email: Access your email and account info for your email accounts.
8. Facial recognition: Activate and use any facial recognition hardware.
9. Fingerprint reader: Activate and use any fingerprint reader hardware.
10. Location: Activate and use the GPS or other location-finding features on your device. Access location data in Maps and other location apps.
11. Messaging: Access your instant messages and account info.
12. Microphone: Activate and use the microphone on your device.
13. Motion: Activate and use the accelerometer or other motion-sensing feature on your device.
14. Music library: Access any music files from the Music library on your device.
15. Near field communications: Activate and use any near field communications connections between your device and other devices.
16. Notifications: Access your notifications, found in action center.
17. Pictures library: Access any picture files from the pictures library on your device.
18. Tasks: Access your task list in Outlook and other task-tracking apps.
19 Video library: Access any video files from the video library on your device.
20. Voice recognition: Activate and use any voice recognition hardware.
21. Webcam: Activate and use the camera on your device.
22. WiFi: Activate and use WiFi connections between your device, the internet, and other devices.
23. Wired connections: Activate and use any wired connections, including Ethernet, USB, and Serial communications between your device, the internet, and other devices.
Microsoft allows WeChat to conduct surveillance on the Microsoft Windows’ user while data-mining an enormous amount of personal and professional surveillance data and sensitive user data in the process.
Microsoft is also enabling Tencent to take full control over the smartphone, tablet PC, and PC’s sensors, such as the accelerometer, and hardware such as the camera and microphone, enabling Tencent to conduct surveillance on the Microsoft product user 24/7, 365 days per year.
This means that Tencent will know when the Microsoft product user is sleeping, sitting, walking, cycling, traveling by car or traveling by air, as long as the user has the smartphone, tablet PC, or laptop with them.
Additionally, Tencent can access the camera and microphone without the user’s consent to conduct audio and video surveillance on the user’s personal and professional activities all day, every day.
The Microsoft app permissions granted to apps such as the WeChat app are similar when it comes to app permissions Google and Apple are granting to Tencent by way of the WeChat app.
I believe that many existing consumer, telecom privacy, and confidentiality laws are being broken by smartphone users, OS developers, and predatory content (app) developers.
For example, when a doctor, lawyer, business professional within the defense industry, or government employee uses their smartphone for official business, these users may be violating existing medical laws, such as HIPAA, client–attorney privilege, or illegally exposing protected business and classified information to numerous unauthorized parties such as Google, Apple, Microsoft, Tencent, Baidu, Amazon, and Facebook.
This issue and further violations of existing laws are discussed in “The Need For an Electronic Bill of Rights: Part 2.”
Rex M. Lee is a privacy and data security consultant and Blackops Partners senior analyst and researcher. Visit him at MySmartPrivacy.com
Views expressed in this article are the opinions of the author and do not necessarily reflect the views of The Epoch Times.