LITHUANIA KNOWS A thing or two about standing up to large Communist states. It also has previous with China, most recently over the naming of Taipei’s representative office in Vilnius as Taiwan’s, which led to Beijing demanding Vilnius recall its ambassador.
Thus the exhortation this week by its defence ministry to Lithuanians to throw away their Chinese smartphones and not buy new ones fits a pattern.
The advice followed a cybersecurity analysis by the ministry’s National Cyber Security Centre (NCSC) of three 5G-enabled smartphones introduced into the Lithuanian market last year and seen in the screenshot above. There is one each from Huawei, Xiaomi and OnePlus, a brand of BBK Electronics that also owns the Oppo and Vivo brands.
The NCSC found that:
- Huawei’s official app gallery directs users to third-party online stores that sell malicious or virus-infected apps, raising data breach risks;
- all three devices routed user data through servers based in third countries such as Singapore that are not covered by the EU’s General Data Protection Regulation and are Chinese company-owned, meaning the data would have to be turned over to Chinese authorities on request; and
- Xiaomi’s smartphones have a built-in censorship feature, which it says is deactivated in Europe but, the NCSC says, can be activated remotely.
Each device uses a variant of Google’s Android operating system.
Huawei says no user data is sent externally and Xiaomi that it does not censor communications. However, the NCSC’s findings will confirm the mounting fears in Western countries that Beijing is using the commercial prowess of its technology companies to advance the deployment of its growing cyber capabilities, particularly for espionage and data gathering.
The NCSC will release further findings by the end of the year, likely intensifying the European backlash against Chinese hardware.