Beijing’s Mandatory Olympics App Is Shady as Hell, Analysts Say

The app that all Beijing Winter Olympics athletes must use to report their health and travel data contains security weaknesses and frameworks for censorship that leaves smartphone users exposed, researchers said. Canadian cybersecurity watchdog Citizen Lab found a list of “censorship keywords” built into the app, though the list appears to be inactive. It also contains a feature that allows for the flagging of “politically sensitive” phrases. And raising questions about surveillance and tech security ahead of the Feb. 4 Games, the app failed to encrypt personal data—like COVID tests and passport details—during transmission. “All the information you are transmitting can be intercepted, particularly if you are on an untrusted network like a coffee shop or hotel Wi-Fi service,” one of the report’s authors said. Citizen Lab said it disclosed the issues to the Beijing Organizing Committee on Dec. 3 but received no response. The app, MY2022, will be used by athletes, spectators, and members of the media. Several countries, including the U.S., have reportedly told their athletes to use burner phones at the Olympics.