Privacy Alarm: Chinese VPN Apps Still Lurking in Apple and Google Stores, User Data at Risk

Despite more than six weeks passing since the Tech Transparency Project (TTP) first sounded the alarm, Apple and Google app stores continue to host private Browse applications, known as VPNs (Virtual Private Networks), that are secretly owned by Chinese companies. This raises serious questions about user privacy and national security, with the TTP also suggesting that the tech giants may be profiting from these dangerous apps.

The Core Issue: Chinese Ownership and National Security Laws

VPNs promise to mask a user's identity while Browse the internet by encrypting traffic and rerouting it through remote servers. They're supposed to guarantee anonymity and security. However, when a VPN is Chinese-owned, the promise of privacy directly clashes with China's strict national security laws.

Under these regulations, Chinese companies can be forced to share user data with the Beijing government. This is a crucial and highly risky point for users, particularly Americans and, by extension, global users. VPNs, by their very nature, have access to extremely sensitive information: they see a person's entire web activity. From login credentials to visited websites, from private communications to financial data, everything passes through their servers. If a Chinese company is compelled to hand over this data, individual privacy is completely compromised.

The Tech Transparency Project Report: An Unheeded Warning?

The Tech Transparency Project published its first detailed report on this issue on April 1, 2025, followed by a "spot check" on June 12, 2025 (i.e., just these past few days). These reports highlighted how many of these Chinese-owned VPN apps obscure their true origin through a maze of shell companies and vague or generic developer names. This makes it almost impossible for the average user to understand who is really behind the app they're downloading and to whom they're entrusting their entire online activity.

One of the most unsettling discoveries is the link between several of these VPNs and Qihoo 360, a major Chinese cybersecurity firm. Qihoo 360 has been sanctioned by the U.S. government due to its alleged ties to the Chinese military, further escalating security concerns.

The Role of Apple and Google: Profit at the Expense of Security?

The TTP also raises a thorny question regarding Apple and Google. Both companies, through their respective app stores, could be profiting from the presence of these apps. This could be through a percentage of subscriptions (a common model for paid VPNs) or, in the case of the Google Play Store, through advertising revenue.

This potential profit, the TTP argues, would put the tech giants' economic interests in direct conflict with their users' privacy and with the national security of the United States (and implicitly, other nations). The slowness or reluctance to remove these apps, despite the evidence, fuels the debate about platform responsibility and their ability to act as effective gatekeepers for digital security.

Implications for Users

For users, the implications are clear and direct:

• Surveillance risk: Browse data, communications, and online activities could be monitored by the Chinese government.

• Exposure to fraud and attacks: Sensitive personal information could be exposed, increasing the risk of identity theft, financial fraud, or other cyberattacks.

• Compromise of corporate/national security: If employees of companies or government entities use these VPNs, sensitive data related to business operations or state secrets could be at risk.

  
  

What Can You Do?

In an increasingly complex digital landscape, it's essential for users to be aware of the risks. Before downloading a VPN, it's advisable to:

• Research the developer: Verify the company behind the app, its location, and its reputation. Be skeptical of generic or opaque names.

• Read in-depth reviews: Look for analyses from independent, trusted sources, not just user reviews on the app stores.

• Prefer reputable and transparent providers: Opt for VPNs with a proven "no-log" policy (meaning they don't store activity data) and based in countries with robust privacy laws.

  
  

The issue of Chinese VPNs in app stores is a clear example of how geopolitical challenges directly impact our daily digital lives. Pressure on Apple and Google must continue so they act with greater transparency and responsibility to protect the millions of users who rely on their services.