Uyghur Muslims in the Chinese province of Xinjiang are facing a threat to their digital privacy rights. Chinese government officials are requiring the Uyghur Muslims to install backdoors on their electronic devices. The spyware is being installed on electronic devices owned by minorities in the name of fighting terrorism. The Chinese government claims that they will be using the backdoors to search for “terrorist propaganda”. The spyware is known as Jingwang, which translates to “Citizen Safety”. The app makes MD5 cryptographic hashes for all files on the user’s device, which are then checked against a database of “known terrorist content”.
The Citizen Safe spyware was unveiled in China back in April. The spyware debuted at a ceremony held by the Urumqi City Public Security Bureau. Urumqi law enforcement developed the Citizen Safe spyware. Urumqi is the capital city of Xinjiang. The Citizen Safe spyware sends the government a user’s WeChat and Weibo chat records, as well as the device’s IMSI and IMEI, and even sends the user’s WiFi login details. The app also allows a user to report suspicious activities to the local authorities. In early July, Chinese law enforcement in Xinjiang province began sending WeChat messages to Uyghur Muslims demanding that they install the Citizen Safe spyware or face being jailed for up to 10 days. Chinese government officials also tweeted out an announcement warning people of the possibility of facing imprisonment for failure to install the Citizen Safe spyware.
Since then, Chinese law enforcement officials in Xinjiang province have been stopping Uyghur Muslims and checking their mobile devices to ensure that they have installed the Citizen Safety spyware on their devices. Some of the Uyghur Muslims have been detained for their refusal or unwillingness to install the Citizen Safe spyware. Police in Urumqi have been setting up checkpoints to stop and search Uyghur Muslims and their electronic devices. People have been going online and alerting others of the location of these checkpoints by law enforcement, so that others can avoid having their device searched and having to face imprisonment.
Xinjiang is the only Chinese province that is requiring the people to install the Citizen Safe spyware. While Uyghur Muslims are a minority in the country overall, however, they make up a majority in the Xinjiang province. In Xinjiang province 45% of the population consists of Uyghur Muslims and 40% are Han Chinese. The Xinjiang province has gone through unrest and turmoil, including terrorist attacks. The international terrorist group ISIS is said to have a small contingency in the Xinjiang province. In response to the terrorist attacks, the provincial government in Xinjiang has passed legislation which instituted a ban on facial veils, burqas, and beards. The new legislation included restrictions on marriage and the naming of children, and even criminalizes those who “reject or refuse radio, television and other public facilities and services.”
The people of China’s Xinjiang province have had their digital rights under threat for quite some time already. In 2015 it was reported that people in Xinjiang province were having their cellular phone and internet service cut off for using foreign communications apps such as WhatsApp, or for having used VPNs. An SMS text message received by a cell phone user from Urumqi stated, “Due to police notice, we will shut down your cellphone number within the next two hours in accordance with the law. If you have any questions, please consult the cyber police affiliated with the police station in your vicinity as soon as possible.”
A few years ago, hacktivists from Turkey defaced thousands of websites in protest of the Chinese government’s repression of Uyghur Muslims. Some of the sites which were hacked included Chinese government websites, hospitals, and universities. The Turkish hacktivists struck a second time, but that time only defaced over thirty Chinese government websites. A group known as Scarlet Mimic, which is likely operated by the Chinese government, or by an organization sponsored by the Chinese government, have been using a backdoor known as FakeM for the Windows operating system for years to spy on Uyghur Muslim activists.