Another year, another Chinese app makes the news for anti-privacy – this time it’s Meitu.
Meitu is the selfie image editing app taking the world by storm, turning anyone into something out of a comic book. First made popular in China and Taiwan, it spread all over Asia (in Singapore too) and has recently made it all the way to the United States.
However, while Chinese developers and manufacturers have long sought to be rid of their stereotyped image, for far too long, vulnerabilities and backdoor access have been discovered in some of the major apps and products to come out from China.
And Meitu has just added on to that perception.
Is Meitu Collecting And Sending Your Data Somewhere Unwanted?
Over the past weekend, Meitu has come under fire from the tech community.
Going public last month in what was considered Hong Kong’s largest tech IPO in the last 10 years, it fuelled its expansion outside Asia, and gained instant popularity after landing in the United States.
Coincidentally, that was also when its troubles started, when security experts started to probe into this new-found American app phenomenon that had people beautifying themselves and their favourite president.
To start off, experts have found that the app requires some peculiar data permissions from the user.
More than just gaining access to the user’s camera and photo gallery, it will also require them to accept having their other apps to be essentially monitored by Meitu, their precise location, their IMEI number, call, telco, and wifi information.
That’s for the Android version of the app, but the iOS version didn’t fare any better either. Despite some protection on Apple’s end, the app will require a largely similar set of information access from phones.
Blown Out Of Proportion
While infosec (information security) experts are quick to point out these issues, they are also quick to defend it.
The thing about all these permissions is that they are very very similar as to what other free apps employ, and that users turned a blind eye to them just because they are from “trusted sources”, and Meitu is receiving all the flak simply because it is an app from China.
Meitu has told Techcrunch that they are aware of all that has been reported and want to reassure users around the world that they have always worked with Apple and Google in ensuring their app is safe, but stops short at explaining what they do with data they collect from users.
What we do know, is that Meitu has reassured users that all data is sent directly only to them in their offsite servers.
This raises another level of concern – the lack of transparency of what they’re doing with all the collected data. But again, this isn’t something that only Chinese app developers do.
As The Verge points out, this is a matter of tracking rather than spying.
Now, if you were to look at all of your most used apps in your phone – Facebook, Twitter, Instagram, Snapchat…all of them want to know where you are, who you are with, what you are doing at any point of time that you decide to upload content.
Tech out of China these days have transcended to become a genuine global contender, and they are hard at work trying to shake off the stereotype that they are about fakes and data breaches.
Bad apples exist in tech regardless of which country it originates from, and users need to take it upon themselves to do their due diligence each time they install a new app and decide for themselves if the permissions required are ones they are comfortable with sharing.