When news emerged last July that residents in Xinjiang, located in the northwestern frontiers of China, were required to install a surveillance app on their mobile phones, it drew the attention of the Open Technology Fund (OTF), a U.S. government-funded program that researches and develops internet freedom technology.
On April 9, the OTF published an analysis of the app’s tech capabilities, revealing the great breadth with which the app can track and monitor a phone user’s activities.
In July 2017, Radio Free Asia (RFA) first reported that authorities in the Tianshan district of Urumqi City, the capital of Xinjiang, had issued a notice to residents requesting that all Android phone users in Urumqi download an app called Jingwang Weishi, which translates to “defender of a clean internet” in Chinese.
The app was developed in conjunction with Urumqi police and a Chinese tech company, according to a copy of the notice obtained by RFA.
The app is able to detect “harmful audio, video, photos, ebooks, and other electronic files” related to “violence, terror, and illegal religions,” it said. The app then prompts the user to delete the files. If the user does not delete them promptly, “the user will be held responsible by law.”
The region of Xinjiang has long been the subject of iron-fisted suppression by the Chinese regime. In recent years, violence between the Uyghur ethnic minority and Han Chinese, who are the ethnic majority in China, has been met with harsh police tactics.
Xinjiang residents are subject to surveillance in their everyday lives—from constant security presence in public areas, to requirements to register their ID information for store purchases. In recent months, residents have been detained in “political education centers,” where they are forced to view propaganda content promoting the regime’s version of Chinese identity, according to Human Rights Watch.
The new app is the regime’s latest form of surveillance using high-tech innovation. The mention of “terror” in the notice could be a reference to the Chinese regime’s labeling of Uyghurs—a majority of whom are Muslim—as a terror threat, which has been the regime’s justification for persecuting the ethnic group and suppressing their faith.
In July, RFA had reported that 10 women of Kazakh ethnicity were arrested after downloading the app. The police said their crime was posting content the authorities deemed inappropriate on WeChat, a popular Chinese social media platform.
The OTF conducted a security audit of the app and found that it could extract information about the phone’s model, subscriber ID, filenames, and other specs. This allows a third party to easily track the mobile device and its contents.
When the app is installed, every file stored on the mobile device is sent to a government server for monitoring.
The app scans the device’s external storage for files, recording the names, sizes, pathways, and other specs, then compares them to a list of identifiers from the server. If the app identifies a “suspect” file, it will prompt the user to delete it.
The OTF also found that the information sent to the government server was in plain text, which meant “someone with a trivial amount of technical knowledge” could easily intercept and manipulate the data.
“Such techniques could be easily extended across the Chinese population or to other repressive environments,” the OTF warned.
The organization published the list of the app’s targeted identifiers in the hope that tech experts could help determine what types of content the app has deemed “dangerous.”