Jonathan Brady / AP

The United States government has opposed the foreign ownership of a social media company for what appears to be the very first time. 

Late last week, Reuters reported that the Trump administration was pushing Beijing Kunlun Tech Co. Ltd to sell Grindr—the California-based dating app for gay, bisexual, and queer men with over 3 million users—because its current ownership “constitutes a national security risk.” Beijing Kunlun, a Chinese gaming firm worth billions, bought a majority stake in Grindr for $53 million in 2016 and acquired it in full in 2018. 

The push is being led by the Committee on Foreign Investment in the United States (CFIUS), a little-known interagency panel that reviews US companies with foreign investors for potential threats to national security. Though the agency could not comment on the investigation—”[b]y law, information filed with CFIUS may not be disclosed by CFIUS to the public,” a Treasury spokesperson wrote to Mother Jones via email—the potential concerns are fairly obvious. Grindr users share some of their most personal information with the app: HIV status, location, sexual identity. That data, per Grindr’s privacy policy, can be shared with its parent company. Meaning, as a researcher wrote after the full acquisition, “it may be possible for Grindr users’ personal data to be transferred to [the government of] China.”

Christopher Parsons, a research associate at the University of Toronto’s Citizen Lab focusing on cybersecurity, notes that “while Grindr is at the hands of a private Chinese company, there is the prospect that the Chinese government could compel Grindr to provide information on some of its users.”  In the wrong hands, he said, “this data could be weaponized.”

READ  Microsoft Security: Password Problem Affecting 44 Million Users Revealed - Forbes

Grindr operates in some countries that consider homosexuality a criminal offense; China even bans the use of the app. The information Grindr collects in such countries could be used for espionage or blackmail right away, Parsons said. HIV information or location data could also be used to “build out profiles and biographies of US government personnel or agents” for the future, Parsons said. The potential implications reach beyond the US—the Chinese government could use Grindr data to apply pressure in economic negotiations with a foreign leader who used the app or to “lead smear campaigns” against a pro-democracy protestor, Parsons said. 

Even so, the original sale didn’t seem to raise much alarm. In a 2016 blog post, CEO Joel Simkhai promised “business as usual” after Beijing Kunlun purchased its majority stake in Grindr. But by January 2018, Kunlun had acquired Grindr in full and Simkhai stepped down, making room for executives from the new Chinese parent company in high positions who, according to an NBC News investigation, implemented harmful practices. Scott Chen, now the CEO of Grindr, switched the some of the company’s communications over to the Chinese messaging app WeChat which “meant they were unable to ensure that the app’s data remained secure,” according to the report. Chen, in an email obtained by NBC, also put forward an HIV research proposal directly connected to the Chinese government’s equivalent of the Center for Disease Control which included placing an “intern” in Grindr’s office. Chen has not seemed to be the best culture fit at Grindr, either; he said in a public Facebook post that he doesn’t support gay marriage, though he added that he does not believe the government should interfere with such unions.

READ  South Australia's new big battery unveiled in bid to improve power security - ABC News

“[I]f you are thinking about blackmailing individuals or compelling people to act in a certain way, [Grindr’s] information is incredibly valuable,” Shanthi Kalathil, director of the International Forum for Democratic Studies at the National Endowment for Democracy, told the Washington Post after the merger. Soon after Senators Edward J. Markey (D-Massachusetts) and Richard Blumenthal (D-Connecticut), both members of the Senate Commerce, Science, and Transportation Committee, sent a letter to the company seeking clarification about its data privacy practices. 

Certainly much less sensitive information has already proven harmful to national security. In 2018, the fitness app Strava published “heat maps” of common running paths across the world and accidentally revealed the location of secret bases in Syria and Afghanistan where troops were regularly jogging. Experts also warn that given Grindr’s ownership, the company’s privacy policy won’t mean much in China. As Guido Noto La Diega, a lecturer on technology at Northumbria University has warned, “where the Chinese law is concerned, user privacy is trumped by security;” for example, a 2017 Chinese law requires companies to “assist and cooperate with the state intelligence work.” Given China’s history of hacking into US systems, like the security breach in 2015 that left millions’ of federal workers’ data exposed, it’s not a stretch to assume that intelligence work could involve collecting data stored by a social media company like Grindr.

Concerns about China’s ability have to gather information via private technologies in the global marketplace are growing in the United States. A long-anticipated 5G expansion from the Chinese firm Huawei has been a Trump administration target; American officials even warned that Trump was considering signing an executive order to bar firms like Huawei from American telecommunication networks. Though that hasn’t yet happened, security experts continue to be vocal about their concerns. Sue Gordon, the deputy to the director of the U.S. intelligence community, said at a conference recently that there are concerns about Americans potentially working on “dirty network” with “technology that we can’t trust.” Six former Pentagon officials wrote in a statement Wednesday they have “grave concerns about a future where a Chinese-developed 5G network is widely adopted.”

READ  Govt to pledge $156m to bolster cyber security - iTWire

The suspicions cut both ways— the Chinese have been saying the same thing about U.S. and Western infrastructure for years. Chinese officials removed American tech giants Cisco and Microsoft from approved lists of technologies after Edward Snowden leaked documents from the NSA that were acquired from Cisco equipment.



READ SOURCE

WHAT YOUR THOUGHTS

Please enter your comment!
Please enter your name here