As a tensions between India and China over the Line of Actual Control peaked over the last week, a Shenzen-based tech firm is monitoring over 10,000 individuals and organisations, including the Indian Prime Minister and President, across the world, multiple media reports said.
According to a copy of the database that was left unsecured on the Internet and retrieved by an Australian cybersecurity consultancy, China’s Zhenhua Data Information Technology Co, which has ties with the Chinese government, and the country’s Communist Party, has stocked a global database of “foreign targets”.
The list includes President Ram Nath Kovind, Prime Minister Narendra Modi, Congress interim President Sonia Gandhi and their families, Cabinet Ministers Rajnath Singh, Ravi Shankar Prasad and Nirmala Sitharaman, and also Chief of Defence Staff Bipin Singh Rawat to at least 15 former Chiefs of the Army, among many others, the report claimed.
The firm targets key personalities and institutions who are involved in politics, government, business, technology, media, and civil society, according to this database.
DH could not independently verify the names claimed in this database.
Reports said the company tracks the digital footprint of the individual or the organisation, across multiple social media – from friends and relationships; analyses posts, likes and comments by friends and followers – and online platforms, drawing up a complete record.
The cache, called the Overseas Key Information Database (OKIDB) claims to offer insights into foreign political, military and business figures, details about infrastructure and military deployments of countries, and public opinion analysis. The database allegedly contains information on over 2 million people, according to Zhenhua’s marketing documents and a review of a portion of the database, The Washington Post reported.
This record, or “information library,” consists of data collected from news sources, forums papers, patents, bidding documents and even positions of recruitment and builds a connection among the subjects. The company also keeps an eye even on private information about movements such as geographic location through Artificial Intelligence tools, a report in The Indian Express said.
The report also added that collecting such massive data and weaving in public or sentiment analysis around these targets, Zhenhua offers “threat intelligence services”, at the heart of what the company itself flaunts as its role in “hybrid warfare.”
According to Canberra-based expert Robert Potter, “Why does this company (Zhenhua) need processing centres in so many countries? If you don’t want attention from the platforms you are mass scraping, you simply use proxies.”
“The only plausible purpose is to build capacity for following up on the actionable data,” Potter said.
“The threat of surveillance and monitoring of foreign individuals by an authoritarian China is very real,” he said, referring to the leaked database report.
The company’s website did not respond to multiple media queries. The website was taken down on allegedly September 9 and the access was blocked as well.
A representative of Zhenhua told The Guardian, “The report is seriously untrue.”
“Our data are all public data on the internet. We do not collect data. This is just a data integration. Our business model and partners are our trade secrets. There is no database of 2 million people,” the representative, who identified herself as head of business, told the news outlet.
“When agglomerated, this data opens up myriad opportunities to conduct targeted influence activities should the need arise … This can include dis and mis-information, inauthentic simulation (deep fakes), straight-up bribery, and general muddying of the information environment in which democracy operates,” Dr Zac Rogers of Flinders University in South Australia, who is research leader at the Jeff Bleich Centre for the US Alliance in Digital Technology, Security and Governance told The Guardian.
Zhenhua’s documents characterize the company as a ‘patriotic firm’ with the military as its primary target customer, operating out of Shenzhen and an office park in northwest Beijing, The Washington Post report said.
In India, the laws under the Information Technology Rules, 2011, under the IT Act, 2000, personal data state that “any information regarding a natural person, which either directly or indirectly, in combination with other information available or likely to be available… is capable of identifying such person.”
This is barring the information that is available freely or accessible in the public domain anddoe snot impose any conditions on the use of personal data for direct marketing etc.
“The key point is that the company is undertaking this without consent… a third party scraping your geo-location from social media sites and sharing it with a rival country’s intelligence will be seen illegal, at least in some advanced jurisdictions,” a data expert told The Indian Express.
This is also a major security concern for India, as the nation banned 118 more Chinese apps on September 2, including the popular gaming app PUBG Mobile, citing security reasons amid a fresh incursion bid by the Chinese People’s Liberation Army troops in eastern Ladakh.
The Ministry of Electronics and Information Technology said in its statement, “The compilation of these data, its mining and profiling by elements hostile to national security and defence of India, which ultimately impinges upon the sovereignty and integrity of India, is a matter of very deep and immediate concern which requires emergency measures.”
In June, the Centre banned 59 Chinese apps including TikTok, Club Factory, Cam Scanner and UC Browser, and later added 47 more to the list. In total, 224 other apps have now been banned by India.
According to a PTI report, China possesses one of the largest militaries in the world and is becoming increasingly comfortable portraying itself as a counter to the United States. Russia has also upgraded conventional forces while investing heavily in cyber, space, electronic warfare, and hybrid warfare capabilities, the Pentagon said.
China-US tensions over trade, technology and a multitude of other issues have increasingly spilt over into the areas of diplomacy and media, with the US ordering the closure of the Chinese Consulate in Houston in July.
China tightly controls and censors its own cyberspace through the popularly dubbed Great Firewall, which has for years restricted access to firms such as US majors Twitter Inc, Facebook Inc and Google owner Alphabet Inc.
The administration of US President Donald Trump has taken aim at Chinese giants such as Huawei Technologies Co Ltd Tencent Holdings Ltd and TikTok owner ByteDance, citing concerns over national security and the collection of personal data, which the companies have rejected.
(With inputs from agencies)