In coordinated disclosures, multiple news organisations around the world reported on Monday what they described as a widespread surveillance operation by a Chinese company.
Zhenhua Data, the reports claimed, put together a database with the personal information of over two million people of public interest — politicians, celebrities, business leaders, prominent military officials and academics. In India, according to The Indian Express, these included the president, the prime minister, the Congress president and several chief ministers.
The company describes its activities as “hybrid warfare” and counts the Chinese military and intelligence among its clients. It has sold “services for military, security and foreign propaganda” to “domestic institutions” in China, including the government and security services, The Daily Telegraph noted. The data, purportedly trawled since 2017, includes biographies, family maps, and records of social media posts.
The nature of this information and the way in which the company described its activities feed into larger concerns about Chinese surveillance operations on adversarial countries and their citizens. These have, at least in India, led to the banning of popular mobile apps such as TikTok and PUBG in recent months.
Zhenhua Data’s activities, however, appear to be less novel or damaging than the adjectives used to describe them. Such operations are known as OSINT (open-source intelligence) gathering and analysis. The data in OSINT operations is publicly available. The novelty of the practice is in digging this data out, drawing linkages and contextualising it. Journalists have used it, famously, to nail the culprits behind the downing of civilian aircraft (flight MH17 over Ukraine and PS752 in Iran) and behind fake news and disinformation operations, and even to identify military deployment. OSINT operations by intelligence agencies are usually hidden from public view.
To put it simply, Zhenhua’s database is akin to putting together a dossier on a person with publicly available data.
Such dossiers are not uncommon in security establishments. By nature, these dossiers are meant to include information that is not in the open, information that can compromise an individual, an institution or an establishment. A security analyst who follows surveillance told me that, by contrast, Zhenhua’s database was “not all that worrying”.
What does appear to be new is the increasing frequency with which adversaries are drawing attention to China’s cyber operations. The Daily Telegraph noted that Zhenhua Data’s database was leaked by a company insider and first obtained by the Five Eyes intelligence network of the United States (US), the United Kingdom, Canada, Australia and New Zealand. It was from this network that the information made its way to the press. Earlier this summer, a US Senate report released in July accused China of surveillance and censorship through its tech. A month before that, Australia disclosed a “large scale” cyber attack. While Prime Minister Scott Morrison did not name any suspects, the country’s security establishment told local journalists that the blame likely lay with groups in China.
The larger threat stems from China’s position as a hardware and software powerhouse as it exports technology that is often at a more lucrative price point than alternatives. Overtly, this emanates from the country’s cyber security law, which legally mandates that all Chinese tech companies hand over data (stored in Chinese servers) if requisitioned by security agencies. Covertly, this emanates from software and hardware that foreign intelligence agencies have long suspected of having backdoors to allow interception as information streams across mobile networks, internet routers and server farms.
Essentially, yes — China is watching. But Zhenhua Data is likely to have contributed only a small portion of its peripheral vision.
The views expressed are personal