CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Xinjiang Surveillance App Targets Legal, Everyday Behaviour: Rights Group

Chinese authorities are using a mobile app designed for mass surveillance to profile, investigate and detain Muslims in Xinjiang by labelling “completely lawful” behaviour as suspicious, a Human Rights Watch report said Thursday.

Chinese authorities are using a mobile app designed for mass surveillance to profile, investigate and detain Muslims in Xinjiang by labelling “completely lawful” behaviour as suspicious, a Human Rights Watch report said Thursday.

Beijing has come under international criticism over its policies in the northwest region of Xinjiang, where as many as one million Uighurs and other mostly Muslim minorities are being held in internment camps, according to a group of experts cited by the UN.

Human Rights Watch has previously reported that Xinjiang authorities use a mass surveillance system called the Integrated Joint Operations Platform (IJOP) to gather information from multiple sources, such as facial-recognition cameras, wifi sniffers, police checkpoints, banking records and home visits.

But the new study, entitled “China’s Algorithms of Repression”, worked with a Berlin-based security company to analyse an app connected to the IJOP, showing specific acts targeted by the system.

Xinjiang authorities closely watch 36 categories of behaviour, including those who do not socialise with neighbours, often avoid using the front door, don’t use a smartphone, donate to mosques “enthusiastically”, and use an “abnormal” amount of electricity, the group found.

The app also instructs officers to investigate those related to someone who got a new phone number, or related to others who left the country and have not returned after 30 days.

“Our research shows, for the first time, that Xinjiang police are using illegally gathered information about people’s completely lawful behavior -– and using it against them,” said Maya Wang, senior China researcher at Human Rights Watch.

“The Chinese government is monitoring every aspect of people’s lives in Xinjiang, picking out those it mistrusts, and subjecting them to extra scrutiny.”

Advertisement. Scroll to continue reading.

– “Moving red-line” –

The rights group obtained a copy of the app and enlisted cybersecurity firm Cure53 to “reverse-engineer” it — to disassemble it and look at its design and data — and examined its source code.

Along with collecting personal information the app prompts officials to file reports about people, vehicles and events they find suspect — and sends out “investigative missions” for police to follow up.

Officers are also asked to check whether suspects use any of the 51 internet tools that are deemed suspicious, including foreign messaging platforms popular outside China like WhatsApp, LINE and Telegram.

A number of people said they or their family members have been detained for having software such as WhatsApp or a Virtual Private Network (VPN) installed on their phones during checks by authorities, according to the report.

The rights group said its findings suggest the IJOP system tracks data of everyone in Xinjiang by monitoring location data from their phones, ID cards and vehicles, plus electricity and gas station usage.

“Psychologically, the more people are sure that their actions are monitored and that they, at anytime, can be judged for moving outside of a safe grey-space, the more likely they are to do everything to avoid coming close to crossing a moving red- line,” Samantha Hoffman, an analyst at the Australian Strategic Policy Institute’s International Cyber Policy Centre, told AFP.

“There is no rule of law in China, the Party ultimately decides what is legal and illegal behaviour, and it doesn’t have to be written down.”

The IJOP app was developed by Hebei Far East Communication System Engineering Company (HBFEC), which at the time of the app’s development was fully-owned by China Electronics Technology Group Corporation, a state-owned technology giant (CETC), said Human Rights Watch.

CETC could not be reached and HBFEC did not respond to requests for comment.

Washington last year imposed export controls on key Chinese companies including HBFEC and other institutions under CETC, citing risks to US national security and foreign policy interests.

Greg Walton, an independent cybersecurity expert who advised on the report, said while the system is a “blunt instrument that may be directly contributing to the massive numbers of people in internment camps”, the data if stored could be used in the future for more advanced policing algorithms.

“This means that data collected through the app today may well be analysed in a few years’ time by far more sophisticated logic,” he said.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.