The TLDR: A Chinese company with links to Beijing's military and intelligence networks has been amassing a vast database of detailed personal information on millions of people around the world. The leaked information shows that at least 10,000 Indians were targeted by Zhenhua Data—ranging from the President and Prime Minister to military chiefs and even celebrities. The professor who leaked it claims that the evidence reveals China’s ambition to create a “global authoritarian techno surveillance state.”

What’s this database?

The company: Zhenhua Data is based in Shenzhen, China—and its primary clients are the People’s Liberation Army and the Chinese Communist Party. Established in 2018, it is part of the China Zhenhua Electronics Group—which in turn is controlled by state-owned China Electronic Information Industry Group (CETC), a military research company. Zhenhua CEO Wang Xuefeng is a former IBM employee who previously advocated waging "hybrid warfare" through manipulation of public opinion and "psychological warfare” on WeChat.

The database: Zhenhua’s core business is something called the Overseas Key Information Database, or OKIDB. It uses artificial intelligence to scrape and analyse personal data of millions of people around the world:

“Information collected includes dates of birth, addresses, marital status, along with photographs, political associations, relatives and social media IDs. It collates Twitter, Facebook, LinkedIn, Instagram and even TikTok accounts, as well as news stories, criminal records and corporate misdemeanours.

 

While much of the information has been ‘scraped’ from open-source material, some profiles have information which appears to have been sourced from confidential bank records, job applications and psychological profiles. The company is believed to have sourced some of its information from the so-called ‘dark web.’”

The information also includes geolocation data typically collected by smartphone apps. Plus this:

“Researchers found that, once the company had created a ‘profile’ from the data, including a photo taken from public sites the targets maintained accounts on such as Twitter, Facebook, or LinkedIn, it was stored on publicly available Chinese servers with links for each individual.”

One expert calls it "Cambridge Analytica on steroids.”

Point to note: Zhenhua claims to have around 20 "collection nodes" scattered around the world. They collect enormous amounts of data and send it back to China. But only two of these nodes have been identified—one in Kansas and the other in Seoul. There is no information as to whether there is an Indian node, as well.

How did this leak?

The database was leaked to a US academic based in Vietnam, Professor Chris Balding. Until 2018, Balding had worked at the elite Peking University and then moved to Vietnam fearing for his safety. He won’t reveal details of the person who gave him the data dump for the same reason. Balding only revealed that this individual contacted him after he published a series of articles on Huawei (which has now been banned in several countries over concerns that it may use its 5G technology for mass surveillance). 

"We've worked very hard to make sure that there are no links between me and that person, once I realised what had been given to me… They are still in China. But hopefully I think they will be safe."

So who's in this database? 

It contains information on 2.4 million individuals. Balding turned the database over to Canberra cyber security company Internet 2.0—which was able to restore 10% of the information. Of the 250,000 records recovered, there are 52,000 Americans, 35,000 Australians, 10,000 Indian, 9,700 British, 5,000 Canadians, 2,100 Indonesians, 1,400 Malaysians, 793 New Zealanders and 138 from Papua New Guinea. 

This information was then shared with media outlets around the world including The Indian Express, The Australian Financial Review, Italy’s Il Foglio and The Daily Telegraph, London.

Tell me about the Indians

According to Indian Express’ analysis of the data dump, the 10,000 targeted Indians include a staggering range of personalities:

• Big name politicians including President Ram Nath Kovind, Prime Minister Narendra Modi, Sonia Gandhi and their families. Also Chief Ministers like Mamata Banerjee, Ashok Gehlot and Uddhav Thackeray.
• Cabinet Ministers include Rajnath Singh, Ravi Shankar Prasad and Nirmala Sitharaman. 
• Chief of Defence Staff Bipin Rawat and at least 15 former Chiefs of the Army, Navy and Air Force. Even Chief Justice of India Sharad Bobde is on the list.
• Top industrialists like Ratan Tata and Gautam Adani (No Mukesh-Bhai?) and start-up founders like Bharat Pe’s Nipun Mehra.
• Celebrities such as Sachin Tendulkar, Shyam Benegal, Sonal Mansingh and Rajdeep Sardesai.

As Indian Express notes, Zhenhua tracks not just these people but also their personal and professional networks:

“Significantly, it builds a 'relational database', which records and describes associations between individuals, institutions, and information… So Zhenhua’s 24 x 7 watch collects personal information on the target from all social media accounts; keeps track of the target’s friends and relationships; analyses posts, likes and comments by friends and followers; collects even private information about movements such as geographic location through artificial intelligence tools.”

What do they do with all this information? 

According to Balding, China is now applying techniques honed at home—to control its citizens—at a global scale. 

Grooming a target: Collecting compromising data either on a target or a family member opens the door to controlling them. Also: detailed information (including psychological profiles) on a target offers a huge advantage when dealing with them. Think about what Xi knows about PM Modi or a military chief like Bipin Rawat.

Hybrid warfare: Above all, big data is a vital tool in “hybrid warfare”—which combines a variety of military, economic and propaganda tactics to gain advantage. The idea is to create multiple fronts in an unlimited battleground—extending from outer space to the screens of your smartphones. Imagine creating social panic via fake news which in turns triggers a political crisis—while putting military pressure on the borders.

And as The Diplomat notes, public opinion warfare has been a key component of Beijing’s strategy since 2003:

“The most important part of this digital war for public opinion is knowledge about the target subject’s computer usage habits, preferred topics, ideology, and political orientation. Personal data of this kind will become a perfect sample for a country to design computer viruses and tactics to manipulate public opinion.”

The bottomline: Balding sums it up best: “The threat of China as an authoritarian techno surveillance state is real and happening now… Not just within China but around the world.”

Reading list

Indian Express has all the details on the India angle, including the Chinese Embassy’s denial. Also: check out its explainer. ABC News and News.com.au have the best global overview. Want to know more about hybrid warfare? Eurasia Review offers a deep dive—including the scary example of how Russia used these tactics in Ukraine. The Conversation offers a quick overview. The Diplomat looks at how China might deploy it against Taiwan.