One of the most popular apps in the Middle East has reportedly been used by Emirati authorities to spy on millions of users. Cybersecurity researchers said the app's design would allow it without exploits or backdoors.
Image: picture-alliance/Photoshot/Xinhua/c. Wenwu
Advertisement
Video and text messaging app ToTok has been flagged as a "spying tool" for the United Arab Emirates (UAE), according to a report published by The New York Times (NYT) late Sunday.
Citing US officials "familiar with a classified intelligence assessment," the newspaper said the app allows it to "track every conversation, movement, relationship, appointment, sound and image of those who install it on their phones."
Apple and Google both subsequently removed the app from the online marketplaces. Google said this had been done for a "policy issue."
The app has previously topped charts in the UAE and boasts users from Europe, the US and the wider Middle East, among other regions and countries.
Cybersecurity researchers showed that the app didn't require back doors or exploitsImage: picture-alliance/Photoshot/Z. Dingzhe
'Temporarily unavailable'
In the UAE, most Voice over Internet Protocol (VoIP) apps are banned, including the likes of WhatsApp and Skype. That made ToTok an attractive alternative for users in the UAE.
The app was pulled from Apple and Google's app stores.
ToTok issued a statement on Sunday saying that its app was "temporarily unavailable in these two stores due to a technical issue."
It said the app was still operational for users with Samsung, Huawei and Xiaomi phones, among others.
Patrick Wardle, a cybersecurity researcher approached by NYT, published a technical analysis before the report under the headline: "Mass Surveillance, is an (un)Complicated Business."
Wardle said his technical analysis "showed the ToTok simply does what it claims to do … and really nothing more."
"Assuming the claims that ToTok is actual designed to spy on its users, this 'legitimate' functionality of the app is really the genius of the whole mass surveillance operation: no exploits, no back doors, no malware," he wrote.
"Again, just 'legitimate' functionality that likely afforded in-depth insight in a large percentage of the country's population."
Fighting for the internet: Social media, governments and tech companies
Germany has passed a new law on social media in 2017, despite complaints from social media companies worried about the impact on their business. But how far is too far? DW examines the trends.
Image: picture-alliance/dpa/W. Kastl
Free speech or illegal content?
Whether hate speech, propaganda or activism, governments across the globe have upped efforts to curb content deemed illegal from circulating on social networks. From drawn-out court cases to blanket bans, DW examines how some countries try to stop the circulation of illicit content while others attempt to regulate social media.
Image: picture-alliance/dpa/W. Kastl
Social media law
After a public debate in Germany, a new law on social media came into effect in October. The legislation imposes heavy fines on social media companies, such as Facebook, for failing to take down posts containing hate speech. Facebook and other social media companies have complained about the law, saying that harsh rules might lead to unnecessary censorship.
Image: picture-alliance/dpa/T. Hase
Right to be forgotten
In 2014, the European Court of Justice ruled that European citizens had the right to request search engines, such as Google and Bing, remove "inaccurate, inadequate, irrelevant or excessive" search results linked to their name. Although Google has complied with the ruling, it has done so reluctantly, warning that it could make the internet as "free as the world's least free place."
Image: picture-alliance/ROPI/Eidon/Scavuzzo
Blanket ban
In May 2017, Ukraine imposed sanctions on Russian social media platforms and web services. The blanket ban affected millions of Ukrainian citizens, many of whom were anxious about their data. The move prompted young Ukrainians to protest on the streets, calling for the government to reinstate access to platforms that included VKontakte (VK), Russia's largest social network.
Image: picture-alliance/NurPhoto/Str
Safe Harbor
In 2015, the European Court of Justice ruled that Safe Harbor, a 15-year-old pact between the US and EU that allowed the transfer of personal data without prior approval, was effectively invalid. Austrian law student Max Schrems launched the legal proceedings against Facebook in response to revelations made by former US National Security Agency (NSA) contractor, Edward Snowden.
Image: picture-alliance/dpa/J. Warnand
Regulation
In China, the use of social media is highly regulated by the government. Beijing has effectively blocked access to thousands of websites and platforms, including Facebook, Twitter, Instagram and Pinterest. Instead, China offers its citizens access to local social media platforms, such as Weibo and WeChat, which boast hundreds of millions of monthly users.
Image: picture-alliance/dpa/Imaginechina/Da Qing
Twitter bans Russia-linked accounts
Many politicians and media outlets blame Russia's influence for Donald Trump's election victory in 2016. Moscow reportedly used Facebook, Twitter, Google, and Instagram to shape public opinion on key issues. In October 2017, Twitter suspended over 2,750 accounts due to alleged Russian propaganda. The platform also banned ads from RT (formerly Russia Today) and the Sputnik news agency.
Image: picture-alliance/AP Photo/M. Rourke
Facebook announces propaganda-linked tool
With social media under pressure for allowing alleged Russian meddling, Facebook announced a new project to combat such efforts in November 2017. The upcoming page will give users a chance to check if they "liked" or followed an alleged propaganda account on Facebook or Instagram. Meanwhile, Facebook has come under fire for not protecting user data in the wake of the Cambridge Analytica scandal.
