Americans may face risks related to their personal data being collected and stored internationally, even if they haven’t downloaded apps from foreign developers themselves. This warning from the FBI highlights how, if someone close to them gives an app access to their device, information like names, email addresses, and phone numbers can be extracted from their contact lists and stored abroad.
This concern, while stemming from ongoing scrutiny of TikTok’s connections to China, actually points to a broader issue involving various foreign-developed applications. The FBI issued a public service announcement stating that many widely used overseas apps, especially those linked to China, can gain access to extensive data, including contact information, once users grant permissions.
The agency cautioned that some apps might continue to gather data in the background even after receiving access, potentially storing this information on servers in jurisdictions with laws that allow government access. The FBI’s statement indicated that developers might collect users’ personal information and contact details, which could persist even beyond just using the app.
While the FBI did not specify particular apps, its warning could indicate risk for popular services from Chinese companies, such as CapCut for video editing, or shopping platforms like Temu and SHEIN, alongside social media apps like Lemon8—all of which rank highly in downloads across the U.S.
U.S. officials have raised alarms for years, suggesting that data gathered through China-linked platforms might be utilized to create detailed profiles of Americans, chart their personal and professional networks, and support intelligence operations. As for apps operating within China, they fall under national security laws which could enable the government to access user data.
The FBI also mentioned some red flags signaling excessive data collection, such as unusual battery drain, spikes in data usage, or unauthorized account activities, which may imply background data collection or other suspicious behavior. Users are encouraged to limit unnecessary data sharing, download apps strictly from official app stores, and check permissions granted to these platforms regularly. Furthermore, apps obtained from unofficial sites could harbor malware aiming for unauthorized data access.
Years of scrutiny surrounding TikTok concluded with an agreement that mandated the Chinese parent company to divest control of its U.S. operations to a U.S.-led group, aimed at addressing concerns related to data access and national security.
The FBI’s recent caution indicates that these risks are not confined to just one app but potentially involve a wide array of foreign-developed applications used by millions in the United States.
The Chinese embassy has yet to respond to requests for comment.
