When you download an app from the App Store or Play Store, how much research do you do ahead of time? Do you see who makes the app and where that company is based? Do you scan an app’s privacy policy to make sure your data is handled responsibly? You probably won’t, but, as it turns out, the FBI wants you to.
The FBI issued the warning last Tuesday Regarding “Foreign-Developer Mobile Application(s)”. (Thanks to the FBI for that clarification.) The FBI’s thesis is this: Many popular apps in the US aren’t developed here—instead, they’re often developed and maintained by foreign companies. Now, these discussions can veer dangerously close to xenophobic, especially given the current US administration, but some of the FBI’s concerns are legitimate. The FBI’s main issue is with the security laws of countries like China, which the FBI says could allow the Chinese government to access US user data. This caused a concern TikTok banAnd why the platform is now majority-US owned.
In its PSA, the FBI highlights how some apps will encourage you to invite friends or contacts to use the app. The companies behind those apps may store contact information, including names, email addresses, phone numbers, user IDs, and home addresses. Even if you, personally, do not use the Application, or share your contact information with the Application, any other person who does It may share your contact information itself. The FBI also points to the privacy policies of some apps, which acknowledge that data is stored in Chinese-based servers “for as long as the developers deem necessary.” Finally, some apps may contain malware that exploits security vulnerabilities in your devices’ operating systems. The FBI highlights that this malware can run programs in the background without your knowledge, designed to steal your data.
What does the FBI recommend you do?
The PSA goes through a number of steps you can take to protect your data and protect your devices—regardless of whether you’re using apps developed outside the US, including:
-
Disable data sharing whenever you can
-
Downloading apps from official app stores as opposed to unregulated online marketplaces
-
Change and update your passwords frequently
-
Install updates when available
-
Read the Terms of Services and License Agreements when downloading apps
Even the FBI encourages you File report with IC3 If you believe your data has been compromised.
The FBI tips above are actually generally useful, but none of them are necessary. These are pretty standard best practices for cybersecurity – though Changing your password frequently without reason No longer widely recommended. Follow these tips, however, and you’ll help protect your data when you connect to the Internet.
What do you think so far?
Watch out for shady apps in general, not just from “foreign” developers
Telling Americans to avoid or be wary of foreign-developed apps is a bit impractical. Yes, other countries have different privacy laws than the US, but current US laws allow companies to scrape our data for profit. If not, Meta and Google will suffer for business. The FBI isn’t worried about American companies having access to Americans’ data, of course; Foreign governments only.
I understand the logic, but I don’t think it’s something you, as an individual American with a smartphone, need to worry about. Instead, I think your concern should be more general: instead of worrying about where the app was developed, look at what data the app needs. It doesn’t matter if the app is made by a company based in America, China, or somewhere else: if the app asks for a whole bunch of data, don’t give it away for no reason. If you’re using a messaging app and want to be able to sync your contacts, that’s one thing; If your meditation app wants your contacts, it’s probably best to decline them.
Malware is certainly the biggest point of concern right now, especially as bad actors exploit some Major vulnerabilities in platforms like iOS. While the issues with malware are highlighted in this PSA, I think that’s where the FBI should focus. Downloading an app from a random site on the Internet or from a suspicious list on the App Store or Play Store can compromise your device and its data. It doesn’t matter where the app is from: doing a little research before hitting “install” can save you a big headache in the future.
