Over the past few years, several Chinese apps have become popular among Indian users, from social media apps such as Helo, Tik Tok to shopping apps such as Club Factory and Shein. However, an independent study by an information security firm based out of Pune has raised concerns over the amount of personal data being collected by these Chinese apps, and in many cases, possibly data which serve no immediate purpose.
In its detailed report, the firm has flagged many aspects that need to be pursued so that the personal data collected by these Chinese companies in no way put the Indian public in any kind of jeopardy in future.
The study conducted by Arrka Consulting, which was commissioned by the Economic Times, took up for review apps such as Helo, Shareit, Tiktok, UC Browser, Vigo Video, Beauty Plus, ClubFactory Everything, NewsDog, UC News and VMate.
A majority of these apps, when downloaded and used by Indians, ask for a lot of information many times not relevant to the app’s functionality. As an example, the study report points out that the UC Browser, which is used by over 130 million Indians, asks for permission to determine precise location of the user. This is completely unnecessary for a browser. Many such apps ask for permission to access the users’ camera and messages and so on.
To put this practice of asking access permissions in perspective the Pune company’s representative points out that the top 50 global apps do not even demand 50% of what the Chinese apps are requesting.
In reality, some of these permissions are even categorized as ‘dangerous’ and what is more critical is with whom are these data shared by these companies. It has been found that they do transfer the data to other entities, largely in the US and some to their parent organisations like the UC Browser sends user data in India to Alibaba, its owner organization. And the recipients of the information are mostly advertisers, who may be paying for this information, and some are analytics companies
Experts point out that it is that lack of a privacy law in the country that these companies are taking advantage of. The only step that has been initiated is to retain all the personal data that the foreign entities capture from Indian citizens on severs within the Indian territory. Some companies like Xiaomi say they have already started working in this direction.