Authored by Naveen Athrappully via The Epoch Times (emphasis ours),
The FBI identified data security risks from foreign-developed mobile apps used in the United States, the agency warned in a March 31 public service announcement.
“As of early 2026, many of the most downloaded and top-grossing apps in the United States are developed and maintained by foreign companies, particularly those based in China,” the FBI said, without naming any apps.
“The apps that maintain digital infrastructure in China are subject to China’s extensive national security laws, enabling the Chinese government to potentially access mobile app users’ data.”
In the Google Play store, the most popular apps include short-form video platform TikTok, video editor CapCut, artificial intelligence video generator PixVerse, and communication app Telegram X. China-based ByteDance maintains ownership of TikTok and CapCut. PixVerse is owned by a Singaporean company, and the developer of Telegram X is based in the United Arab Emirates.
On Apple’s App Store, the top free apps include CapCut, TikTok, and Chinese shopping apps Temu and Shein.
In its alert, the FBI warned users to be aware of the types of data the foreign apps request access to when they are downloaded.
“When access is permitted by the user, the app can persistently collect data and users’ private information throughout the device, not just within the app or while the app is active,” the bureau said.
The privacy policy of an app, which can typically be accessed on the company website, reveals where the harvested data, including system prompts and personal info, are stored. Some of the apps store data in servers located in China. Some apps do not allow users to run them unless they consent to data sharing, the FBI said.
Certain apps offer options to invite friends or other contacts to use the apps. Once an app is downloaded, the default permissions may allow the developer to collect and store information about users’ names, email IDs, physical addresses, user IDs, and stored contacts’ phone numbers.
“Some apps may also contain malware that could collect data beyond what is authorized by the user. This could include malicious code and hard-to-remove malware designed to exploit known vulnerabilities in various operating systems and insert a backdoor for escalated privileges,” the agency said.
“Downloading apps from unfamiliar websites or third-party app stores runs a higher risk of embedding malware. Official apps stores scan for malicious content, lowering the risk of malware or malicious code on devices.”
The FBI advised people to disable unnecessary data sharing on apps, stick to downloading verified apps from official app stores, perform regular device software updates, and change passwords regularly.
U.S. authorities have taken action against Chinese apps that pose privacy risks to citizens.
In February, Texas Attorney General Ken Paxton filed a lawsuit against Shein, stating: “Not only is Shein harming consumers with toxic synthetic materials, but it’s also exposing Americans’ data to Communist China. This must come to an end.”
The same month, Paxton sued Temu over suspected ties to the Chinese Communist Party (CCP).
In 2025, President Donald Trump issued an executive order for the United States to acquire TikTok from Chinese parent company ByteDance. In January, a deal was finalized that set up a U.S. majority-owned joint venture to oversee TikTok’s American operations.
AI, VPN Risks
In 2025, Florida Chief Financial Officer Jimmy Patronis banned the Chinese artificial intelligence model DeepSeek from the state’s Department of Financial Services. New York and Texas also banned DeepSeek from state government devices and networks last year.
“Texas will not allow the Chinese Communist Party to infiltrate our state’s critical infrastructure through data-harvesting AI and social media apps,” Texas Gov. Greg Abbott said at the time. “Texas will continue to protect and defend our state from hostile foreign actors.”
In a June 2025 report, the Tech Transparency Project, a research initiative that seeks to hold big tech companies accountable, warned that Apple and Google app stores were allowing virtual private networks (VPNs) owned by Chinese companies on their platforms, thus presenting security risks.
“Chinese-owned VPNs raise serious privacy and security concerns for Americans because Chinese companies can be forced to share user data with the Chinese government under the country’s national security laws,” the report warned. “VPNs have access to particularly sensitive user data since they see all of a person’s web activity.”
Earlier this year, Republican lawmakers introduced the Securing Federal Devices from Chinese Applications Act to block apps controlled by the CCP from U.S. government devices, according to a Jan. 16 statement from the office of Rep. Jefferson Shreve (R-Ind.).
“If an app is controlled by the CCP, it does not belong on a U.S. government device,” Shreve said. “This bill shuts the door on CCP spyware and makes clear the federal government will not aid China’s surveillance state.”
Read the full article here