{"id":24131,"date":"2025-06-29T09:21:11","date_gmt":"2025-06-29T09:21:11","guid":{"rendered":"https:\/\/www.europesays.com\/us\/24131\/"},"modified":"2025-06-29T09:21:11","modified_gmt":"2025-06-29T09:21:11","slug":"delete-every-app-thats-on-this-list-risks-are-too-great-2","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/us\/24131\/","title":{"rendered":"Delete Every App That\u2019s On This List\u2014\u2018Risks Are Too Great\u2019"},"content":{"rendered":"

\"Young<\/p>\n

You should never use these apps on your phone.<\/p>\n

getty<\/p>\n

Republished on June 29 with additional analysis on the national security threat. <\/p>\n

Tens of millions of Android and iPhone users are being warned they have installed free apps that leave them at serious risk. Those users could now be sending their sensitive data to companies under the control of the Chinese government.<\/p>\n

Earlier this week, I reported on the list of iPhone and Android apps<\/a> issued by the Tech Transparency Project<\/a> (TTP). These are all VPNs \u2014 virtual private networks. Apps which are meant to make users safer and more secure but are doing the very opposite.<\/p>\n

\u201cMillions of Americans have downloaded apps that secretly route their internet traffic through Chinese companies,\u201d TTP says. It last reported on this threat in April<\/a>, and now says \u201cApple and Google app stores continue to offer private browsing apps that are surreptitiously owned by Chinese companies\u2026 six weeks after they were identified.\u201d<\/p>\n

ForbesSamsung\u2019s Next Android Upgrade\u2014\u2018Even Better\u2019 Than PixelBy Zak Doffman<\/a><\/p>\n

A raft of warnings now have followed that report, urging users to delete the apps. \u201cThe risks are too great\u201d to keep them on your phone, warns Top10VPNs Simon Migliano. \u201cIn light of these findings, I strongly urge users to avoid Chinese-owned VPNs altogether.”<\/p>\n

For its part, Google says it is “committed to compliance with applicable sanctions and trade compliance laws. When we locate accounts that may violate these laws, our related policies or Terms of Service, we take appropriate action.\u201d<\/p>\n

While Apple makes similar assurances, and says it enforces App Store rules but does not differentiate its handling of apps by the location of their developers. It does say where VPNs are concerned that data sharing with third parties is prohibited.<\/p>\n

vpnMentor\u2019s Lisa Taylor says this is \u201cno surprise,\u201d that “China usually uses different methods to gain other countries\u2019 citizen\u2019s personal information, most of which are often covered behind a legal front.\u201d And that \u201cfree VPNs are perfect cover up to these kind of operations,\u201d often recording user activity even when they say they don\u2019t.<\/p>\n

BeyondTrust\u2019s James Maude agrees. \u201cIf you aren\u2019t paying for a product, you are the product. These VPN services are a perfect example of the hidden costs of free apps where users seeking more privacy online are potentially unknowingly feeding data to a foreign nation state out of fear their local coffee shop Wi-Fi is spying on them.\u201d<\/p>\n

While Black Duck\u2019s Vijay Dilwale calls TTP\u2019s report \u201ca sobering wake-up call that VPNs, which claim to protect privacy, can pose very serious security risks, especially when their true ownership is hidden. These apps have access to all user traffic, and when handled by Chinese-based entities, the implications are well beyond individual privacy.\u201d<\/p>\n

TTP reports that all of the VPNs it has identified “are listed as free in the app stores. But during TTP\u2019s May spot check, researchers observed that some of the VPNs offered in-app purchases on top of whatever users get with the ‘free\u2019 app.\u201d<\/p>\n

This lack of transparency, Taylor told me, \u201cis one of the main reasons why we do not recommend free VPNs and we are concerned that with all the content restrictions throughout the world, people are flocking to free VPNs.\u201d<\/p>\n

Migliano says “true internet freedom and privacy depend on transparency and trust. Yet despite being made aware of glaring privacy failures and opaque corporate structures, Google and Apple continue to permit these high-risk apps on their platforms.\u201d<\/p>\n

There are also some more serious national security concerns that have been raised. The nature of these apps on devices with obscure geographical locations and ownership is a major issue when it comes to those handling sensitive data or making their locations.<\/p>\n

ForbesTikTok Removes \u2018Watch For 9 Seconds\u2019 Scam AccountsBy Zak Doffman<\/a><\/p>\n

\u201cRegardless of if the VPN is free,\u201d Maude says, \u201cpaid or linked to a nation state there are always risks involved in trusting a VPN service to truly protect your privacy and much of the demand for these services is driven by fear and a misunderstanding of the security offered by modern web browsing.\u201d<\/p>\n

Cequence Security\u2019s Randolph Barr agrees. \u201cThere\u2019s no question Apple and Google can and should do more to mitigate the national security and privacy risks posed by VPN apps with undisclosed foreign ownership, particularly those tied to hostile nation-states.\u201d Which raises a question around an added layer of app store security.<\/p>\n

\u201cWhile they have frameworks in place for data protection and transparency,\u201d Barr told me, \u201cenforcement is often inconsistent or delayed, especially when developers obscure their true ownership through complex corporate structures. Conducting deeper vetting requires significant legal, technical, and geopolitical effort, something these platforms have been slow to scale.\u201d This leaves a vacuum others may need to fill.<\/p>\n

According to Dilwale, \u201cChinese law requires collaboration with state intelligence efforts by businesses. This is not optional, but legislation. As a result, all information traveling through these apps could possibly be available for the Chinese government to access.\u201d<\/p>\n

As TTP explains, \u201cChina has enacted a series of national security laws over the last decade outlining its access to data held by Chinese companies. Chief among these is the country\u2019s National Intelligence Law of 2017, which requires that China-based organizations and individuals cooperate with state intelligence work.\u201d<\/p>\n

TTP says that \u201caccording to guidance from the U.S. Department of Homeland Security, in practice, this means that Chinese intelligence agencies may demand access to data of U.S. individuals and businesses held by Chinese entities and even compel the creation of backdoors in equipment and software.\u201d<\/p>\n

“In age where identity is the new perimeter these free VPN service that may not only process sensitive browsing data through foreign servers,” Maude says, \u201cbut can also create large peer-to-peer networks of proxy exit nodes can potentially be misused to both target and surveil identities but also provide a mechanism to exploit them using a vast network of exit nodes close by their target.\u201d<\/p>\n

\u201cWorryingly,\u201d Dilwale warns, “the majority of these apps continue to sit in top app stores without complete transparency about their ownership. In some cases, even Apple and Google could also be profiting from them. This is not merely a consumer protection issue. It is a national security issue. Platforms should do more to demand open ownership, stricter vetting for risky applications like VPNs, and reassessing how they make money off of tools that carry this kind of risk.”<\/p>\n

ForbesMicrosoft Confirms 2 Free Offers\u2014Windows Users Must Now ChooseBy Zak Doffman<\/a><\/p>\n

Barr suggests the following mitigating actions, and says if they can\u2019t be handled at app store level, they must be done by organizations needing to control such risks:<\/p>\n