China is known for severely controlling and monitoring its people, something I have explained in great detail in a recent article. However, it seems that China is not only interested in monitoring its own people, but also people in other countries across the world. Yes, we are talking about the Zhenhua Files – a massive data leak from the Chinese company that surfaced on the internet recently.
Personal profiles, service records and online engagement of foreign leaders, industrialists, military personnel, including their relatives and children exist in the online domain in one way or the other. These digital crumbs, along with millions of other scraps of social media and online data, were being systematically collected since 2017 by a small Shenzhen-based Chinese company called Zhenhua Data Technology – a firm with direct links to the Chinese Communist Party. The purpose? To provide actionable intelligence to the Chinese military, government and business entities for political or financial gains. The company calls this “personal information and relationship mining.”
The database, called the Overseas Key Information Database, or OKIDB, offers insights into foreign politics, economic statistics, details about a country’s infrastructure, military deployments, and public opinion analysis. It is reported that the database has information on more than 2.5 million individuals from around the world, who hold prominent public positions. These ‘foreign targets’, according to the leak, were under constant surveillance.
Internet 2.0 is a Canberra-based firm founded by cybersecurity expert Robert Potter, an adviser to the ex-Australian MP Gai Brodtmann, and David Robinson, a retired captain from the Australian Army Intelligence Corps. The firm earned respect and made a name for itself by studying and analysing various projects on North Korea and China.
And thanks to this, a mutual friend soon introduced the duo to the US academic Christopher Balding, who previously worked at China’s Peking University in Shenzhen. Balding revealed that he had access to controversial data that was leaked by insiders who risked their lives to get it. The data in the files was corrupted, so Balding shared the data with Internet 2.0, for recovery and analysis. The rest as we know is history.
What data was being collected?
According to Internet 2.0, Zhenhua Data Information Technology Limited uses Artificial Intelligence and big data techniques to track a target’s ‘digital footprint’ across various social media platforms to maintain a comprehensive information library. As of now, only 28,000 of the 2.5 million leaked files have been recovered. And apart from snooping for personal information, the company was also collecting and compiling information from newspapers, digital news outlets, corporate bidding documents, forums, patents, research papers and even positions of recruitment.
It’s worth noting that no ‘personal data’ was being monitored, at least in the strictest sense of the word. Internet 2.0 claims that the Chinese company collects and aggregates third-party public data by scooping up geographical and online engagement information from social media platforms.
So naturally, you may now think, why is it such a big deal if it’s all public data anyway? For starters, Zhenhua looks to build what is called a ‘relational database’ which can be used to understand public sentiment and the ‘threat level’ of individuals under its surveillance. It is not the data per se, but the range and the way this data may be used that raises red flags (no pun intended). Simply put, Zhenhua Data Information Company is a firm that facilitates cyber warfare, by collecting, compiling, and providing, seemingly harmless granular information that may be put together in a broader framework for deliberate tactical or economic advantages.
Is India affected by the leak?
Short answer, yes. To what extent? Nobody really knows.
With an already sensitive situation at LAC (Line of Actual Control) in Eastern Ladakh, this data leak forces us to ponder as to how far China can go to keep tabs on us. Although the company’s website is no longer accessible, it clearly shows that the depth of Chinese surveillance cannot be underestimated. Here is a list of the most important Indian names from among the 10,000 people/entities that the report says are being tracked by Zhenhua Data Information Company.
— Ram Nath Kovid, President of India
— Prime Minister Narendra Modi
— Nirmala Sitharaman, Finance minister
— SA Bobde, Chief Justice of India
— G C Murmu, Comptroller and Auditor General
— Bipin Singh Rawat, Chief of Defence Staff
— Rajnath Singh, Defence minister
— Ratan Tata, Tata Group
— Gautam Adani, Adani Group
— Anil Kakodkar, Atomic Energy Commission
— Satish Sharma, CMD, NPCIL
— Sudhinder Thakur, scientist, NPCIL
— 15 former Chiefs of the Army
— Piyush Goyal, Commerce and Industry minister
— Smriti Irani, Textile minister
— Uddhav Thackeray, CM of Maharashtra
— Ashok Gehlot, CM of Rajasthan
— Mamata Banerjee, CM of West Bengal
— Amarinder Singh, CM of Punjab
— Shivraj Singh Chouhan, CM of Madhya Pradesh
— Sonia Gandhi, Rahul & Priyanka Gandhi
— Nipun Mehra, BharatPe founder
— Ajay Trehan, AuthBridge
— Jashodaben, PM Modi’s wife
— Savita Kovind, President Kovind’s wife
— Manmohan Singh and his family
— Smriti Irani’s husband
— Harsimrat Kaur’s family
— The Yadav clan (Mulayam, Akhilesh, Dimple, Shivpal, Ram Gopal)
— Former CMs Raman Singh, Ashok Chavan, Siddaramaiah
— Amitabh Kant, CEO of Niti Aayog
— Vikram Sood, former RAW chief
— Lalu Prasad Yadav, former CM of Bihar
— Harsh Shringla, the foreign secretary
— Sachin Tendulkar
— N Ravi, The Hindu Group.
Where do we go from here?
The Zhenhua leak proves that China is watching us closely. But the information collected by the company is likely to have contributed only a small portion of China’s vast peripheral vision. Samantha Hoffman, an analyst from the Australian Strategic Policy Institute’s Cyber Centre, said, “It’s not entirely clear what the data is used for. A lot of data is being collected now and not all of it is usable, but later it could be. The mass collection of data may assist the objectives of Beijing in the long term.”
What this leak reminds us is that, in the end, it’s up to you and me to be responsible for what we view, share and upload on the digital space. As Scott McNealy famously said, “Privacy is dead, get over it”, we have to remember that our actions on the world wide web are going to be monitored or stored one way or the other, and may be used against us in the future. Our future is literally in our own hands.