A Chinese man has accused a member of Apple's official technical support hotline of data theft and blackmail after a phone call with the iCloud service, sparking internet security concerns among the general public and China's top political advisors.

According to the Weibo user Meiguowangshi1999, who posted online screen shots and audio on March 5, regarding a dispute with an iCloud customer support technician on Feb. 28. The Apple employee later hacked into his account to find his contacts; then called him separately and threatened to leak the user's information and disable the user's phone and computer.

After he found out that his email passwords had been changed, he realized it was a real hack. He called Apple about the incident but did not receive a satisfactory response so he called the police. On March 7, he said he received a message from Apple representatives that the employee had been dismissed. 

Apple also released an official statement on March 8 that the company respects the privacy of its customers and the system is designed to protect users' privacy. Apple pointed out that AppleCare technical support advisors cannot obtain passwords, contents of emails and photos of users, so they will investigate the incident along with the alleged victim to make sure Apple employees and contractors abide by their strict standards.

This latest personal information breach incident reflects the universal concern over data privacy, as there have been many cases in China of personal information being obtained. This subject was addressed by several members of the Chinese People's Political Consultative Conference (CPPCC) at the ongoing annual sessions of the top political advisory body.

Zhou Hongyi, chairman of internet security giant Qihoo 360 and CPPCC member, said that investment in this area is not strong enough. While internet security accounts for 10 percent of the United States' information technology industry, internet security in China only accounts for 2 percent in comparison. 

"We should establish three principles for users' privacy, one, that data ownership belongs to the user; two, users must have rights to know and choose when internet companies collect and exploit data; three, internet companies should protect the users' data," said Zhou.

Pan Jianwei, one of the world's leading quantum physicists and CPPCC members, said that past experiences indicated that no matter how good the current encryption techniques are, attackers can still break the code as they improve their hacking abilities, "The national and individual's information securities face risks every day."

He hopes to build the world's first space-ground integrated quantum communication network to guard information security for hundreds of millions of households in China as quantum communications cannot be effectively hacked and thus will play a significant role in national defense, government affairs and financial matters, as well as bank transfers and personal privacy.

"Internet development's bottom line is security, " Tan Jianfeng, chairman of the Shanghai People Net Security Technology Co. and CPPCC member, said on Friday in a panel discussion, "We are the biggest country for internet users, but industry investment is lagging far behind the developed countries. Many core technologies for the Internet rely on foreign companies, which may have serious risks and security loopholes. "

He suggested that the central government should set the internet information security industry as a new emerging strategic industry, implementing good policies, supporting and attracting more enterprises and entrepreneurs in this field, as well as encouraging the development of new technologies and collaborations.

Peng Jing, a senior lawyer and CPPCC member, also appealed for special legislation for private information protection as soon as possible.

"We should build a convenient and efficient compensation mechanism for personal information protection, as well as rules to regulate different institutes and organizations on how to collect, process, use, publicize and protect personal information." She said, "We have to conduct security risk evaluation under the future law and will investigate and punish those who illegally collect and abuse personal information."

Related

Go to Forum >>0 Comment(s)