What Did the FBI Warn Smartphone Users About?
In early 2026, the FBI issued a formal Public Service Announcement (PSA) warning iPhone and Android users about serious data security risks posed by foreign-developed mobile applications — particularly apps maintained by companies headquartered in China. The core concern: China’s national security laws require developers to share data with the Chinese government on demand, meaning popular apps could be quietly funneling your contact lists, location data, and private messages to foreign servers.
Key Takeaways
- The FBI’s 2026 PSA warns that many of the most-downloaded U.S. apps are developed and maintained by foreign companies, especially Chinese firms.
- Chinese national security laws require developers to share user data with the government, potentially exposing contacts, location, browsing history, and biometrics.
- Data can be stored locally on your device or on servers in China for as long as developers choose to keep it.
- TikTok’s 2026 restructuring under U.S. control (Oracle, Silver Lake, MGX) highlighted exactly these concerns but the FBI’s warning extends far beyond any single app.
- Practical steps — auditing app permissions, deleting foreign apps, using encrypted messaging — can significantly reduce your exposure.
Why the FBI Issued This Warning Now
This alert did not come from nowhere. Years of concern over TikTok — culminating in the 2026 deal that transferred U.S. operations to an American-led consortium — brought data sovereignty into mainstream conversation. But the FBI’s warning makes clear this is a systemic issue, not a single-app problem.
As of early 2026, multiple of the most-downloaded and top-grossing apps in the United States are developed and maintained by companies based in China. These companies operate under laws that compel cooperation with Chinese intelligence agencies, regardless of what their privacy policies say to Western users.
The risk is structural, not hypothetical.
What Data Is at Risk?
When you grant an app permissions on your smartphone, you may be handing over far more than you realize. The FBI’s PSA specifically identifies the following data categories as vulnerable through foreign apps:
Contact lists — Even if you never share your own contacts deliberately, apps with contact access can build social graphs that map your relationships to high-value targets.
Location history — Continuous location tracking reveals home address, workplace, travel patterns, and behavioral routines.
Biometric data — Facial recognition data collected through photo filters and face-scan features.
Browsing and app usage history — What you read, watch, buy, and search can be harvested and aggregated.
Microphone and camera access — Apps that request mic or camera permission — often unnecessarily — can capture audio and video.
The PSA specifically warns that once permission is granted, apps can persistently collect this data throughout the device, not just when the app is actively open.
How to Protect Yourself: Step-by-Step
Step 1 — Audit your app permissions.
On iPhone: go to Settings → Privacy & Security. On Android: go to Settings → Privacy → Permission Manager. For each sensitive permission category (Location, Microphone, Camera, Contacts), review which apps have access and revoke anything that doesn’t have a legitimate reason.
Step 2 — Check where apps are headquartered.
Before downloading an app, search the developer’s name and privacy policy. Look for where data is stored and whether the company has ties to Chinese infrastructure.
Step 3 — Delete apps you don’t actively use.
An unused app with broad permissions is a liability. Delete rather than simply uninstall from the home screen.
Step 4 — Use encrypted messaging for sensitive conversations.
The FBI has separately warned that cross-platform messages between iPhone and Android lack end-to-end encryption. Use Signal or WhatsApp (end-to-end encrypted) for sensitive communication rather than standard SMS.
Step 5 — Stick to official app stores.
The FBI recommends avoiding sideloading apps outside of the Apple App Store or Google Play. Third-party app sources carry significantly higher malware risk, especially for Android users.
Step 6 — Keep your OS updated.
Security patches close known vulnerabilities that malicious apps could exploit.
Comparison: Risk Levels by App Type
| App Category | Typical Risk Level | Why |
|---|---|---|
| Short-form video (foreign-developed) | High | Location, contacts, and biometrics are commonly requested |
| Photo filter/editing apps | Medium-High | Facial data and camera access |
| VPN apps (foreign) | High | Routes all traffic through the developer’s servers |
| Utility apps (flashlight, etc.) | Medium | Often request far more access than needed |
| Gaming apps | Medium | Contact access, purchase behaviour, device IDs |
| Major U.S. platforms | Lower (still review permissions) | Subject to U.S. data laws |
Expert Tip
The FBI’s tip to check what permissions an app requests upon download is good, but insufficient on its own. As the FBI warns smartphone users about growing mobile security threats, it’s important to remember that many apps ask for minimal permissions initially and request more after establishing user trust. Set a calendar reminder every 6 months to review your app permissions from scratch — not just at install time.
FAQ
What did the FBI warn smartphone users about in 2026?
The FBI issued a PSA warning that foreign-developed apps — particularly from Chinese companies — pose serious data risks because Chinese national security laws require developers to share user data with the government on demand.
Which apps are the FBI warning about?
The FBI did not list specific app names, but focused on apps developed by companies headquartered outside the U.S., particularly in China, that store user data on Chinese servers.
Can the Chinese government access my phone data through apps?
Under China’s national security laws, developers based in China can be compelled to share user data with Chinese intelligence agencies. Apps that store data on Chinese servers are subject to this requirement.
How do I check what permissions my apps have?
On iPhone, go to Settings → Privacy & Security. On Android, go to Settings → Privacy → Permission Manager. Review and revoke unnecessary permissions, especially for Location, Microphone, Camera, and Contacts.
Is TikTok still dangerous after the 2026 deal?
TikTok’s U.S. operations were transferred to an American-led group (Oracle, Silver Lake, MGX) in 2026 to address data concerns. The FBI’s broader warning, however, extends to all foreign-developed apps, not just TikTok.
What encrypted messaging apps does the FBI recommend?
The FBI has recommended using end-to-end encrypted messaging apps (such as Signal) for sensitive communications, as standard SMS messages between iPhone and Android users lack end-to-end encryption.
Find a Home-Based Business to Start-Up >>> Hundreds of Business Listings.
