The extent of the Chinese government’s surveillance of its citizens is in the spotlight after personal data - including profile information and private messages – from over 300 million Chinese social media users were leaked online.
Victor Gevers, a cybersecurity researcher at the not-for-profit GDI Foundation, exposed the leak via Twitter. The Financial Times reported that the database was secured again soon after this, while another Twitter used named Yuan Yang observed that China’s government had instructed internet cafes to install monitoring software on their computers, which could have caused the leak.
Gevers said that the government’s surveillance programme extracts information from an estimated 364 million profiles and messages daily, then passes this information to police stations across China. Among the data are names, ID numbers, GPS coordinates, conversations, photographs, network details, and transferred files.
The data is drawn from six popular Chinese social media apps including WeChat and QQ, both of which are owned by Tencent.
“Around 364 million online profiles and their chats & file transfers get processed daily. Then these accounts get linked to a real ID/person. The data is then distributed over police stations per city/province to separate operators databases with the same surveillance network name”, wrote Gevers.
The researcher added that the system bore a resemblance to Prism, the surveillance programme used by the US National Security Agency that was famously exposed by Edward Snowden in 2013.