The FBI has flagged risks tied to apps built overseas, urging Americans to pay attention to who makes the software on their phones and what data those apps collect. This article breaks down the warning, names widely used Chinese-made apps, explains how app privacy labels work, and gives practical steps to reduce exposure to intrusive data collection. The goal is to help you decide which apps deserve a spot on your device and which should stay in the browser.
The FBI issued a public note meant to raise awareness, explaining the problem in simple terms: “to highlight data security risks associated with foreign-developed mobile applications (apps) frequently used in the United States.” That quote spells out the core concern: apps made abroad can be a vector for large-scale data harvesting. The agency’s focus is rooted in national security and user privacy, not app design trends or viral moments.
Centralized app stores make downloads feel safe and tidy, but the companies that build those apps can be scattered across the globe. Many big names in social, shopping, and utility apps are owned or developed by firms based in China or with deep ties to China. That global reach matters because of differing legal standards around data access and government influence.
Here are common examples of Chinese-developed or China-linked apps people use daily. TikTok, once wholly owned by ByteDance in Beijing, remains a major social platform with roots in China. Temu and Shein are two discount shopping apps with Chinese ownership and international operations. CapCut is a video editor from the same parent company that powers TikTok-style editing features. RedNote, also called Xiaohongshu, and Tencent’s apps such as WeChat round out a list of names that often appear in American app libraries.
These apps are widely popular and easy to install, which is part of the problem—popularity masks risk. When an app collects location, contacts, device identifiers, search and browsing history, or microphone and camera access, it can assemble a very detailed portrait of a user. Those data points, combined at scale, are exactly what foreign surveillance or commercial profiling systems covet.
Apple and Google both added visible privacy disclosures in app listings to give users clearer information about what apps collect. On iPhone, the App Privacy section lists the types of data an app may gather; on Android, the Data Safety panel performs a similar role. These labels are not perfect, but they help you see at a glance whether an app wants access to sensitive categories like location, contacts, or unique device identifiers.
Privacy labels can be blunt instruments, though, and they rely on developers reporting accurately. Even so, they expose a lot of the collection behavior people never read about. For apps that link collected data to user identities or that claim broad tracking rights, those labels should raise red flags and prompt extra caution before installation.
TikTok, for instance, has been documented collecting a long list of user data, from location to usage habits and device identifiers. That kind of data fuels recommendation algorithms and advertising profiles, but it also represents an aggregate of information that could be exploited if it fell under a foreign government’s influence. Recent efforts to store U.S. user data domestically aim to limit that exposure, but past practices left large pools of user information stored overseas.
There are practical steps anyone can take to cut down risk without sacrificing usefulness. First, verify the origin and reputation of any app before downloading it and read the app’s privacy disclosures. Second, restrict permissions so an app only has the access it genuinely needs to function, and revoke optional permissions if you notice unusual requests. Third, keep your phone and apps up to date so known vulnerabilities are patched quickly.
For apps you rarely use, consider using the mobile web instead of installing the native client, since browsers can offer more controlled access to features like location and camera. If an app asks for broad access to contacts, messages, or background location without a clear reason, that’s a cue to pause and reassess. Your judgment, combined with regular permission checks, is a strong line of defense.
At the end of the day, popularity does not equal safety, and convenience should not blind you to potential exposure. Treat unfamiliar or foreign-developed apps with a healthy dose of skepticism, and prefer services that are transparent about where your data is stored and who can access it. Small changes in how you install and manage apps will reduce the chances that your personal information becomes part of a large, foreign-held dataset.
- TikTok
- Temu
- Shein
- CapCut
- RedNote / Xiaohongshu
