Meitu, a Chinese photo-editing app, is under the scope for supposedly collecting much more data than it should. By using this app, you can make your selfies look like cute anime characters, but when examining the permissions one is forced to grant it in order to use it, not everything looks quite as harmless.
Data security experts are shocked at the long list of permissions the Android app requires:
– USB storage.
– Full network access.
– IMEI number.
– Phone’s status and ID.
According to Ars Technica, the data they collect gets sent to multiple servers in China, which makes things even worse. Will Strafach, an InfoSec expert, wrote a post stating that the iOS version of the app is not as intrusive.
Meitu made an official statement claiming the data collected is not used in any nefarious way. Supposedly, they only use it to optimise app performance and do not sell it to anyone.
Meitu takes the following measures to protect user data:
– Use of the HTTPS protocol to make user data safe during transit.
– Employment of a full-time data security team.
– Encryption of stored data using multilayer encryption.
– Management of employee access to user data through the use of internal systems.
– Equipping their servers with an advanced firewall.
Everyone is entitled to draw their own conclusions whether they want to continue using the app or not. Still, it is worth asking: why would they need to go through your messages and USB storage to optimise the performance of their app?