Q: The Google Play Store removed Baidu Search and Baidu Maps from its shelves last month after security experts found excessive collection of personal information and security vulnerabilities in the two Chinese apps. Baidu Search was restored earlier, but Baidu Maps is still offline. What did Baidu do wrong to cause Google to take such a strong action to remove Baidu Maps?
Li Jianjun: Chinese companies are notorious for their apps that haphazardly transmit personally identifiable information from their phones to track users.
In this case, Baidu is collecting SIM identifier data from users and using it to track them. The danger of this is that when the application collects the information to track the user’s SIM, even if the user changes the phone later, the program can still track the user according to the information obtained, the only way to solve the problem is to change the SIM together. This kind of practice is obviously a serious violation of user privacy, so Google took action to remove the two Baidu programs from the market. However, this incident explains why users should not use apps made by Chinese companies unless they have to, or they will regret it.
Q: Why does Baidu want to know users’ SIM information? In fact, it is already a big problem to track the phone’s IMEI, but now it is also necessary to track the SIM, so what is Baidu’s gourd selling?
Li Jianjun: In fact, the reason why Baidu wants to know the user’s SIM information is not only to make it difficult for users to get rid of Baidu’s tracking, but also because of the special consideration of China’s national conditions. Since all cell phones in China, including prepaid cards, have to adopt the real name system, it is very troublesome for users to change their SIM cards, almost only if the SIM card is damaged or if the user wants to change the SIM card. In addition, Baidu will track your IMEI at the same time, that is, if users want to get rid of Baidu completely, changing SIM card or cell phone alone cannot solve the problem, you must change both at the same time to solve the problem. These measures are ideal for authorities who want to keep tabs on the whereabouts of specific individuals, so we can’t rule out the possibility that this service could be a means for Baidu to cooperate with Chinese authorities in various surveillance operations, including monitoring the movements of overseas individuals. This also explains why Google did not explicitly prohibit the collection of SIM data by apps, but still asked Baidu Search and Baidu Maps to be removed from the service. This is because the technical functions and data collection are already far beyond what is needed for normal commercial applications.
Q: Nowadays, the cell phones of Apple and many other companies have eSIM function. If eSIM function is used, can listeners easily get rid of background monitoring even if they have installed Baidu search application?
Li Jianjun: First of all, Baidu’s two removed applications will track the user’s cell phone IMEI at the same time, so if you do not change your cell phone, it is difficult to get rid of the monitoring simply by relying on eSIM function. On the other hand, if the user is in the western countries, it is very convenient to use eSIM, because many western countries’ telecommunication companies can change the eSIM data as long as the user pays the administrative fee in order to take care of the user’s privacy; however, Chinese telecommunication companies, due to the real name system and the limitation of government regulations, cannot let the user change eSIM at will, so the eSIM data appear on Apple and Google’s new cell phones. The eSIM function only makes it less troublesome for users who use different telecommunication companies or have multiple numbers to change SIM cards.
Q: After Google removed Baidu’s app from the shelves, Baidu Search was improved and has been approved by Google again. Does this mean that Chinese software will not have similar problems in the future and can be used with confidence?
Li Jianjun: Chinese applications have a bad reputation, because Chinese companies often use hidden libraries or functions to collect information in secret. Even if Baidu’s application is allowed to be restored to the shelves, there is no guarantee that there are still a lot of hidden problems.
Recent Comments