Chinese authorities say they have uncovered a massive underground operation run by Apple employees selling computer and phone users’ personal data. Twenty-two people have been detained on suspicion of infringing individuals’ privacy and illegally obtaining their digital personal information, according to a statement yesterday from local police in southern Zhejiang province. Of the 22 suspects, 20 were Apple employees who allegedly used the company’s internal computer system to gather users’ names, phone numbers, Apple IDs, and other data, which they sold as part of a scam worth more than 50 million yuan (USD 7.36 million).
The statement did not specify whether the data belonged to Chinese or foreign Apple customers. Following months of investigation, the statement said, police across more than four provinces – Guangdong, Jiangsu, Zhejiang, and Fujian – apprehended the suspects over the weekend, seizing their “criminal tools” and dismantling their online network. The suspects, who worked in direct marketing and outsourcing for Apple in China, allegedly charged between 10 yuan (USD 1.50) and 180 yuan (USD 26.50) for pieces of the illegally extracted data.
The sale of personal information is common in China, which implemented on June 1 a controversial new cybersecurity law aimed at protecting the country’s networks and private user information. In December, an investigation by the Southern Metropolis Daily newspaper exposed a black market for private data gathered from police and government databases. Reporters successfully obtained a trove of material on one colleague – including flight history, hotel checkouts and property holdings – in exchange for a payment of 700 yuan (USD 100).