The senators said the VPN apps ‘give the Chinese government access to private information of millions of Americans.’
A bipartisan group of senators has called on Apple and Google to remove China-owned virtual private networks, or VPNs, from their app stores, warning that these apps pose a threat to U.S. national security due to their ties to China’s military.
Sens. Eric Schmitt (R-Mo.) and Elizabeth Warren (D-Mass.), both serving on the Armed Services Committee, sent a letter dated July 24 to Apple CEO Tim Cook and Google CEO Sundar Pichai. The lawmakers expressed concern that some Chinese VPN apps are linked to Qihoo 360, a Chinese cybersecurity company that was added to the Commerce Department’s economic blacklist for supporting the procurement of items for use by the Chinese military.
“Despite these glaring red flags and the publication of reports highlighting the issue more than three months ago, Apple and Google continue to undermine national security by allowing apps that give the Chinese government access to private information of millions of Americans,” the lawmakers wrote, referencing a report published by research group Tech Transparency Project in April.
The research group published an updated report in June, stating that some of the Qihoo 360-linked apps had been removed since its initial report. However, the Apple and Google app stores continued to offer two apps linked to Qihoo 360—Turbo VPN and VPN Proxy Master—while the Google Play Store offered two additional Qihoo 360-connected apps—Snap VPN and Signal Secure VPN—according to the report.
In total, the research group identified 13 China-owned VPN apps in its June report.
Chinese laws, such as the National Intelligence Law of 2017 and the 2021 Data Security Law, authorize the Chinese regime to harvest data from China-based commercial entities, posing privacy risks for American users of apps operated by these companies.
The lawmakers also questioned why Apple and Google had been “profiting from these Chinese-owned apps,” pointing out that the apps included in-app purchases and subscriptions.
“As the United States works to respond to ongoing cyber intrusions by the PLA, including the Salt Typhoon hacks, it is unacceptable that your companies have allowed platforms with known links to the PLA to continue operating unimpeded across our cyberspace,” the lawmakers wrote, referring to the acronym of China’s military, the People’s Liberation Army.
By Frank Fang
