TikTok, the popular short video app, has been scrutinized for its potential security risks and data privacy issues. The app, owned by Chinese company ByteDance, has been accused of collecting and sharing sensitive information from its users with the Chinese government and being a platform for foreign influence and espionage. TikTok denies these allegations and claims robust security measures and data protection policies are in place.

However, TikTok is not the only app that threatens Americans’ security and privacy, especially those who work in the defense and intelligence sectors. Temu, a new online shopping app claiming exclusive deals and free delivery, has been found to have data collection and sharing practices similar to TikTok and is linked to Chinese state-sponsored cyber actors.

Temu: A Trojan Horse for China?

Temu, which means “special” in Chinese, is an app that allows users to browse and buy various products, including fashion, home decor, beauty, electronics, and more. The app boasts over 100 million downloads and is an editor’s choice on Google Play. Temu also allows users to create and upload videos of their purchases, similar to TikTok’s user-generated content.

While TikTok has faced scrutiny due to its Chinese origins, evidence suggests that Temu is a Trojan horse for China. Temu is likely one of the many apps Chinese intelligence collectors and economic competitors use to target the U.S. cleared industry.

Temu is likely part of a concerted effort by China to exploit cleared contractors for economic and military advantage. China uses commercial and government-affiliated entities as surrogate collectors and cyberspace as a critical domain for blended operations.

Examples of how China can use Temu and other apps to conduct malicious activities against U.S. cleared industry include:

  • Information Gathering: Temu collects data about its users’ activities and preferences based on their activity and purchases. This includes device information, location, IP address, search history, message content, and viewing duration.
  • Device Identifiers: The app tracks interactions with advertisers using device identifiers.
  • Inferred Factors: Temu infers factors like age range, gender, and interests based on user information.
  • Biometric Data: In the U.S., Temu can collect biometric information such as face and voiceprints.

The Impact of Temu on Cleared Contractors

Temu, like TikTok, is a seemingly harmless app that offers users entertainment and convenience. However, both apps are potential tools for foreign adversaries to steal and exploit U.S. data and technology. Cleared contractors working on America’s most sensitive programs are of particular interest to foreign collectors, especially from China and Russia.

  • Data Sharing: Like TikTok’s parent company ByteDance, Temu’s Chinese connection raises concerns about data sharing with the Chinese government.
  • Cyberspace Exploitation: China uses commercial and government-affiliated entities for data collection. Cyberspace remains a crucial domain for blended operations.
  • Loss of Competitive Edge: Compromised contractors risk losing their competitive edge, intellectual property, reputation, and trustworthiness.
  • National Security Implications: Jeopardizing national security interests by exposing sensitive information or technology.

What Can You Do?

If you’ve already downloaded and begun using Temu, here’s how you can protect yourself:

  1. Uninstall the App: First, locate the Temu app icon on your device’s home screen. Press and hold the icon until the app shakes, then tap the “X” that appears in the top corner of the icon to uninstall the app. Keep in mind that uninstalling the app will not delete or deactivate your Temu account.
  2. Review Permissions: If you’ve granted permissions to Temu, reconsider whether they are necessary. Temu collects various information, including personal details, browsing data, and social media profiles. Be cautious about what you allow.
  3. Monitor Your Accounts: Regularly review your accounts associated with Temu. Change passwords if needed and enable multi-factor authentication for added security.
  4. Be Skeptical: Remember that cheap prices may come with compromised quality. The pictures of advertised products may not match reality. Be cautious when making purchases.
  5. Consider Alternatives: If you’re concerned about privacy and security, consider using alternative shopping apps with better transparency and data protection practices.

Be aware of its risks and take steps to safeguard your privacy and sensitive information. Temu is not just a shopping app. It is a new TikTok threat to cleared contractors.

Related News

Shane McNeil has a diverse career in the US Intelligence Community, serving in various roles in the military, as a contractor, and as a government civilian. He is currently the Counterintelligence Policy Advisor for the Chairman of the Joint Chiefs of Staff. His background includes several Army combat deployments and service in the Defense Intelligence Agency (DIA), where he applied his skills in assignments such as Counterintelligence Agent, Analyst, and a senior instructor for the Joint Counterintelligence Training Activity. He is a Pat Roberts Intelligence Scholar and has a Master of Arts in Forensic Psychology from the University of North Dakota. He is currently pursuing a doctorate in Statesmanship and National Security at the Institute of World Politics in Washington DC. All articles written by Mr. McNeil are done in his personal capacity. The opinions expressed in this article are the author’s own and do not reflect the view of the Department of Defense, the Defense Intelligence Agency, or the United States government.