This article is part of a series on corporate surveillance, highlighting civil liberty, privacy, cybersecurity, safety, and tech-product user exploitation threats associated with connected products that are supported by the Android (Google) OS, Apple iOS, and Microsoft Windows OS.
In part 1 of this article, Business Users of Smartphones May be Breaking the Law, I addressed the use of smartphones within a confidential and protected environment such as the defense industry, critical infrastructure, government, and legal and medical profession.
My findings, coupled with admissions made by T-Mobile and Verizon, led to the conclusion that smartphones, tablet PCs, voice-automated assistants, connected products, and PCs supported by surveillance and data-mining business practices should not be used within a confidential and protected environment.
All products concerned are supported by intrusive pre-installed content that will leak confidential and protected telecommunications, information, and data to numerous unauthorized third-parties such as AT&T, T-Mobile, Verizon, Sprint, Google, Apple, Microsoft, Samsung, Facebook, Amazon, Baidu, and other telecom and tech giants.
The article concluded that it may, in fact, be illegal to use any smartphone or connected technology supported by surveillance and data-mining content, such as apps, within a confidential and protected environment governed by confidentiality agreements, non-disclosure agreements (NDAs), industry and federal cyber security standards, federal information processing standards (FIPS), and confidentiality laws that govern medical information, client–attorney privilege, and classified information.
China Has Access to Your Data
As a result of uncontrollable pre-installed content, such as intrusive apps, smartphone and connected technology users are unaware that many multinational companies, including nation-state companies from China, are enabled by companies such as Google to simultaneously monitor, track, and data mine the user for financial gain.
This means that at any given time, a smartphone or connected-product user is being simultaneously surveilled and data mined by as many as 15 or more multinational companies, including nation-state companies from China such as Baidu.
It does not matter to companies such as Google if the smartphone and connected-product user is an adult, teen, child, business professional, doctor, attorney, CEO, member of law enforcement/military, judge, journalist, or a government employee, official, or even a law maker.
It does not matter to companies such as Google if the pre-installed content developers, including developers such as Baidu, are collecting personal and professional information known as the product-user’s digital DNA.
Companies such as Baidu are not restricted by companies such as Google in regards to how much of a product-user’s digital DNA they can collect to exploit for financial gain.
For example, companies such as Baidu are enabled to indiscriminately collect information such as the user’s ID, location data, messaging (text, instant, email, etc.), email attachments, motion data, health and fitness data, contacts, calendar events, account information (medical, banking, etc.), auto telematics (a car’s speed), plus other highly confidential information.
Companies such as Google do not restrict the surveillance and data mining conducted by companies that purchase access to the Google-product user.
This means that companies such as Google are enabling content developers, including nation-state companies from China, to indiscriminately collect, use, share, sell, purchase, and aggregate a product-user’s digital DNA for financial gain, including telecom-related confidential and protected digital DNA.
Note, I’m not suggesting Google is the only company guilty of selling access to the smartphone and connected-technology user.
Apple and Microsoft also sell access to their operating system (OS)-driven product users. Selling access to smartphone and connected-technology users is a privacy and cyber security threat that is systemic to OS developers in general.
Smartphones and connected technology supported by the Android OS, Apple iOS, and Microsoft Windows OS are designed for consumerism and entertainment, which means that all products concerned are not designed to support private, secure, and safe telecommunications and computing, as admitted by Verizon and T-Mobile.
Companies such as Baidu pay companies such as Google, Apple, and Microsoft large sums of money to gain access to telecommunication subscribers (individuals and businesses) and authorized device users (spouse, child, employee, etc.) from around the world, including here in the United States.
Companies such as Google, Apple, and Microsoft state that each company does not sell their product users’ identifiable personal information, which is highly misleading, because each company sells access to their product users, creating privacy and cyber security threats to the product user.
This means that the Google, Apple, and Microsoft product user is sold to the highest bidders, who can pay for access to the user by way of uncontrollable pre-installed content, such as intrusive apps that are designed to enable the content developer with the ability to indiscriminately surveil and data mine the product user for financial gain.
However, Google sells access to the Android OS-supported technology user to companies such as Baidu.
Baidu in turn develops intrusive and exploitative content such as a web browser, app, or a widget that is programmed to enable Baidu with the ability to exploit the user for financial gain.
Companies such as Google and Baidu program their content to take full control of the host device, such as a smartphone or tablet PC, so that the content developer can indiscriminately surveil and data mine the host device user.
This means that Google enables content developers such as Baidu to identify the Google-product user while enabling Baidu to share the Android app user’s identifiable information with others.
In other words, Google puts the liability onto companies such as Baidu concerning what information Google allows content developers to collect, including the user’s identifiable personal information, such as the user’s personal ID and profile information, including contact information.
Don’t take my word for these claims: The Google application legalese explains Google’s Android app policy better than I can.
Here’s the Android application legalese for “Your Personal Information” from pre-installed Android content on a Samsung Galaxy Note smartphone running the Android OS: “Allows apps to read personal profile information stored on your device, such as your name and contact information. This means apps can identify you and may share your profile information with others.”
The Google–Baidu relationship is only one example of many Google, Apple, and Microsoft relationships that pose an existential threat to a smartphone and connected-technology users’ civil liberties, privacy, cyber security, and safety.
The threat is also relevant to the national security of the United States in general.
For example, the Google–Baidu relationship poses an existential threat to all telecommunications and computing associated with IT networks that are supported by protected (due process/Fourth Amendment) telecom infrastructure governed by the FCC.
The Google–Baidu relationship also poses a threat to the economy of the United States, because companies such as Google and Baidu compete in many industries worldwide against U.S. companies.
Why is the Google–Baidu relationship a threat to all U.S. citizens? Because Google is enabling Baidu to indiscriminately monitor, track, and data mine U.S. telecommunication subscribers and authorized device users by way of the telecom-product user’s smartphone, tablet PC, or connected product that is supported by protected telecom infrastructure governed by the FCC.
Exposing confidential and protected telecom-related information to Google plus Google’s affiliates and content developers such as Baidu poses threats to fair business competition, intellectual property (IP), innovation, trade secrets, sensitive information, data, and privacy.
To put the threats into perspective, allowing a foreign company to surveil and data mine telecom-product users would have been the equivalent of a U.S telecom company selling access to U.S. telecom subscribers (individuals, business, and government) and authorized home phone users to a German telecom provider pre-World War II.
Relevant to Google, Apple, and Microsoft’s business practices today, a deal between U.S. and German telecom providers pre-World War II would have enabled the German telecom provider to indiscriminately monitor, track, and data mine content from home and office telephones to use, share, sell, and aggregate for financial gain, of which the German telecom provider could have used the profits and telecom information to wage economic war as well as war in general against the United States.
That a nation-state company from China can deploy intrusive apps on telecom-related devices such as smartphones and PCs that are supported by protected telecom infrastructure governed by the FCC is beyond my comprehension in terms of civil liberties, privacy, cyber security, and safety.
The DOD, DHS, law makers, and the FCC need to investigate relationships between telecom providers, tech providers, and nation-state companies from Russia, China, North Korea or any other country that can conduct economic war as well as war against the United States.
Google, Apple, and Microsoft Killed Privacy and Cyber Security
The FTC, FCC, DHS, DOJ, and law makers were asleep at the wheel when Apple first launched the iPhone 10 years ago, enabling Apple and their business partners to indiscriminately surveil and data mine U.S. telecom subscribers and authorized device users for financial gain.
That decision to allow Apple to surveil and data mine U.S. citizens by way of smartphones, tablet PCs, and PCs killed privacy and cyber security associated with any IT network supported by protected telecom infrastructure governed by the FCC.
Unfortunately, Google and Microsoft wanted to compete, so each company developed a smartphone OS that is also supported by intrusive content that is programmed to enable the content developer with the ability to surveil and data mine the telecom-product user for financial gain.
Google, Apple, and Microsoft control the OS market pertaining to smartphones, table PCs, connected products, and PCs in general. This means that the OS developers control what content is pre-installed into all products, plus what content is distributed through online app stores owned by all three OS developers.
I do not think that Google, Apple, and Microsoft have intentionally set out to kill privacy and cyber security, but due to the profits made by cultivating smartphone, tablet PC, and connected-product users’ personal and professional surveillance data (e.g. location data) and sensitive user data, they have opened Pandora’s Box in regards to unsecure telecommunications and computing nationwide.
Senior executives at Google, Apple, and Microsoft need to realize that all three companies have killed privacy and cyber security associated with smartphones, tablet PCs, connected products, and PCs that are supported by surveillance and data-mining business practices.
Likewise, law makers and government officials at the FTC, FCC, DHS, DOJ, DOD, National Security Agency (NSA) plus other relevant agencies need to understand the civil liberty, privacy, cyber security, safety, and tech-product user exploitation threats posed by telecom-related surveillance and data-mining business practices rooted in surveillance capitalism.
Telecom providers such as AT&T, Verizon, T-Mobile, and Sprint, also need to understand all threats concerned as they are the conduit to the telecom subscriber and authorized device user.
Telecom providers, law makers, and all agencies concerned need to take action now to address the numerous violations of laws plus all threats that are associated with indiscriminate telecom-related surveillance and data-mining business practices.
Another negative impact has been the impact on IT network security nationwide. Government entities and companies are spending billions on privacy and cyber security solutions that protect their IT networks from domestic and foreign threats posed by individuals, corporations (espionage), and state actors.
However, devices such as smartphones that are used for day-to-day telecommunications and computing are bleeding confidential and protected telecommunications, information, and data to numerous unauthorized third-parties that include multinational companies and nation-state companies from China.
Intelligence, privacy, and cyber security experts worldwide have identified the same threats that I’ve exposed, plus many more threats associated with leaky telecom hardware, software, applications, infrastructure, and technology.
In light of the collective threats that privacy and cyber security experts have identified worldwide, telecom providers plus the U.S. government are turning a blind eye to relationships between U.S. tech developers such as Google and nation-state companies such as Baidu, which is a mistake that could have already cost the U.S. economy billions in lost opportunity to nation-state Chinese companies.
This issue is being raised by other intelligence, privacy, and cyber security experts worldwide, such as T. Casey Fleming, CEO of BlackOps Partners.
“One strategic goal of the Chinese Communist Party (CCP) is ‘technological sovereignty’ where the CCP is moving to internalize all technology innovation and distribute it for the purpose of ‘espionage and command and control’ of technology in all Western countries,” Fleming, a top intelligence and cyber strategy adviser, said.
“On the path to 100 percent technological sovereignty, the CCP employs an interim strategy to embed spyware in one of many layers of technology in manufactured items. This is accomplished by embedding spyware in firmware, microcode, or software in technology products that are manufactured in China. If the CCP doesn’t manufacture it, they employ malware methods to facilitate espionage while they complete technological sovereignty.”
BlackOps Partners advises Fortune 500 companies, government, and other think tanks on these matters and is 100 percent correct. Fleming just described how nation-state companies from China use malware to facilitate espionage.
I suggest that the FTC, FCC, DHS, law makers, and senior executives that work for telecom providers and data-driven technology providers such as Google reach out to the intelligence, privacy, and cyber security community to work together regarding the development of private, secure, and safe smartphones and connected technology that can be used within a confidential and protected environment.
Tough questions need to be asked.
Companies such as Google are enabling nation-state companies from China such as Baidu with the ability to indiscriminately monitor, track, and data mine the U.S. telecom-product user for financial gain at the expense of the telecom-product user’s civil liberties, privacy, cyber security, and safety. Why?
The public needs to be asking the following questions:
- Who at AT&T, Verizon, T-Mobile, and Sprint is auditing the pre-installed content that supports the smartphones, tablet PCs, and connected products that the telecom providers sell to the general public, enterprise business, and the U.S. government?
- Who at AT&T, Verizon, T-Mobile, Sprint, Google, Apple, and Microsoft is auditing the third-party content that companies such as Baidu distribute though their app stores on the internet?
- Who within our government is keeping an eye on Google, Apple, and Microsoft?
- As I’ve asked in previous articles, who is protecting us?
Failure to Protect U.S. Citizens
Companies such as Baidu have been paying Google to gain access to Google-product users for years now without being challenged by the FTC, FCC, DHS, DOJ, DOD, state attorneys general, telecom providers, or any other relevant agency within the United States.
In regards to ZTE and Huawei, the U.S. government has taken action to stop ZTE and Huawei from selling leaky telecom-related equipment that is supported by surveillance and data-mining technology.
Just recently, Huawei’s CFO, Meng Wanzhou, was arrested for allegedly violating sanctions set against Iran.
What about Google and Baidu? The U.S. government should investigate if Google and/or Baidu are distributing content developed by Baidu to Iran, or any other technology both companies are responsible for developing.
As it stands now, it looks like the U.S. government is just focused on Chinese telecom and tech companies such as ZTE and Huawei, while companies such as Baidu freely gain access to telecom and tech users worldwide by way of data-driven technology providers such as Google.
The U.S. government needs to realize that Baidu develops telecom-related surveillance and data-mining content, which in turn supports Android-driven smartphones, tablet PCs, and connected products that are being used by telecom-product users worldwide, including in the United States.
It is time that U.S. citizens, including business leaders, demand changes that include protection from predatory surveillance and data-mining business practices that can bring harm to the telecom-product user.
According to the admissions made by T-Mobile and Verizon, telecom providers such as AT&T, Verizon, T-Mobile, and Sprint are selling unsecure and unsafe telecommunication products that are supported by predatory surveillance and data-mining business practices to U.S. citizens, businesses, and government entities at all levels, including the military.
Telecom providers, government officials, and law makers need to address predatory surveillance and data-mining business practices associated with smartphones, tablet PCs, voice-automated assistants, connected products, and PCs in general.
In part 3 of this article, I will be addressing a conflict of interest between telecom providers and data-driven OS and content developers who compete in multiple industries worldwide, such as Google.
Rex M. Lee is a privacy and data security consultant and Blackops Partners senior analyst and researcher: www.MySmartPrivacy.com
Views expressed in this article are the opinions of the author and do not necessarily reflect the views of The Epoch Times.