A Tech Transparency Project (TTP) investigation conducted in April revealed the presence on the Apple and Google stores of around twenty VPNs with links to Chinese companies, including Qihoo 360, which was sanctioned in June 2020 by the United States for its connections with the Chinese military.
Suspicious VPNs thrive under the eyes of Apple and Google
Six weeks after the report was published, TTP is sounding the alarm again. More than a dozen of these apps are still among the most downloaded in the United States. These services, which are supposed to protect users' privacy, pose serious national security concerns: Chinese companies can be legally compelled to share data with the Beijing government.
Some apps like Turbo VPN or VPN Proxy Master never mention their ties to China; instead, they use shell companies based in Singapore or elsewhere. Among them, Snap VPN and Signal Secure VPN are developed by Autumn Breeze, a company that is officially independent but… formerly owned by Qihoo 360. Despite this history, Apple and Google continue to host apps linked to this group, including their free versions.
These VPN apps present themselves as free, but they generate significant revenue through in-app purchases and advertising. Apple and Google take a cut of every in-app purchase—up to 30%—which means both giants can directly profit from these shady apps.
Apple's policy stipulates that VPNs must not sell or share user data. However, in practice, nothing prevents a Chinese developer from being subject to the demands of their country's government. On Google's side, the rules are less clear: the company simply asks for transparency on data usage without imposing specific restrictions on VPNs.
Despite the TTP alerts, which nevertheless led to the discreet removal of some of the reported applications, the App Store and the Play Store continue to host several suspect VPNs.
Source: TTP
0 Comments