The US Federal Bureau of Investigation has issued an alert to millions of smartphone users. On March 31, 2026, the FBI issued a Public Service Announcement via its Internet Crime Complaint Center (IC3), warning Americans about the serious data security risks associated with mobile applications developed by foreign companies, with a special focus on apps built and maintained by Chinese companies. The alert highlights that the threats are not limited to the United States; the bureau identifies these issues as worldwide in scope.
The timing of the warning is important. It follows years of regulatory disputes over TikTok’s Chinese parent company ByteDance, which was eventually compelled to hand up control of TikTok’s US operations to an American-led consortium led by Oracle, Silver Lake, and UAE-based investor MGX in early 2026. That agreement was made to avoid an outright ban under a 2024 US statute mandating divestiture for national security reasons. However, the FBI’s recent advice indicates that TikTok was never the complete matter, but rather the most obvious symptom of a much larger problem.
New York Post on X: “FBI warns iPhone, Android users against installing certain apps – as personal data could be collected, stored overseas.”
What The FBI Is Warning About And Why China Is At The Centre:
The PSA states plainly that as of early 2026, a significant number of the most downloaded and top-grossing apps in the United States are built and maintained by foreign companies and China is the country the bureau identifies by name. The core concern is legal, not just technical. Apps that maintain their digital infrastructure inside China are legally required to operate under that country’s extensive national security laws. Those laws give the Chinese government the authority to access data held by Chinese companies, which means users of those apps could have their personal information accessed by a foreign government simply by using an app on their phone.
The FBI is not saying every foreign-developed app is malicious. But it is saying that the legal framework governing Chinese companies creates a structural risk that users may not be aware of when they tap “install.” Unlike most Western jurisdictions where companies can push back against government data requests through legal channels, Chinese companies operating under national security obligations have far less room to refuse.
Apart from legal concerns, the alert presents a second, more technical concern: some of these programs may actively contain malware. The agency warns that certain foreign-developed apps may contain dangerous code, difficult-to-remove spyware, and backdoors that let creators or those who manage them to collect data well beyond what a user has explicitly authorized. This can occur when extra code packages are secretly downloaded after installation, expanding access to the device in ways the user did not intend.
FBI Director Kash Patel on X: “FBI will continue publishing recommendations and asking all Americans to take preventive steps to protect their data even on encrypted commercial messaging apps as we have seen evidence of foreign adversaries targeting their information through phishing schemes. This is part…”
What Data Is Actually At Risk Including People Who Never Downloaded The App:
One of the most striking aspects of the FBI’s warning is the scope of who could be affected. The bureau points out that the risk does not stop at the person who installs the app. When a user grants an app access to their address book or contact list, the app can harvest information about everyone stored in that list – names, phone numbers, email addresses, physical addresses, and user IDs regardless of whether those people have ever used the app or are even aware it exists.
This means that even if a person has never downloaded a Chinese-developed app, their contact information may be collected and potentially stored on servers overseas because a friend or family member who has installed the app given it access to their contacts. According to the FBI, this is one of the reasons why these apps are so difficult to monitor in terms of data security: the risk spreads from the individual user to their entire social network.
The type of data these apps can access goes far beyond contacts. Once permissions are granted, the bureau warns that some apps may continuously extract information even when they are not actively in use pulling location data, messages, browsing history, and financial account details from the device at will.
Cybersecurity News Everyday on X: “The FBI highlights privacy risks from foreign mobile apps, especially Chinese-developed ones, which may collect extensive data even when inactive. Users should limit data sharing and ensure device security.”
What The FBI Is Telling Users To Do Right Now:
The bureau’s guidance is practical and actionable. First and most importantly, users should only download apps from official app stores – Apple’s App Store and Google Play Store rather than from third-party websites or unknown sources, which carry substantially higher risk of compromised code. Even within official stores, the advisory recommends reading the privacy policy and terms of service of an app before installing it, paying close attention to what data the app requests access to and whether those permissions seem proportionate to the app’s stated purpose.
Users are also advised to disable data-sharing features that are not strictly necessary for the app to function. Keeping the device operating system updated is another key recommendation, as updates routinely patch known vulnerabilities that malicious code can exploit to gain elevated access.
For those who suspect their device has already been compromised, or who have noticed unusual behavior after installing a foreign-developed app, such as unexplained battery drain, abnormal data usage, or unauthorized account access, the FBI advises them to file a detailed complaint with the IC3 at ic3.gov. The bureau requests that users include the app’s name, developer, where it was obtained, the date of installation, the data permissions granted, and any suspicious activity detected following the installation.
Select Committee on China on X: “Reports reveal a breach of an FBI system containing sensitive law enforcement data, including surveillance targets. Advanced foreign hackers, including Chinese espionage groups, continue to threaten U.S. networks. All governments, businesses, and organizations must be vigilant.”
The FBI’s warning adds considerable weight to a growing bipartisan consensus in Washington that the data practices of foreign-developed apps particularly those linked to Chinese companies represent a genuine and underappreciated national security risk. For the average smartphone user, the message is straightforward: knowing who built the app on your phone, and understanding what laws that developer operates under, matters more than most people have ever stopped to consider.




