The Department of Homeland Security released a memo saying that Da-Jiang Innovations (DJI to you and me) has been grassing up information on American infrastructure and law enforcement to the Chinese government. Naughty.
A good old “reliable source” is named (or specifically not named) as being responsible for the information, along with some open source reporting.
They are “moderately confident” that DJI is sending Chinese Government sensitive info. Two Android versions of the DJI app automatically tag GPS imagery and location, register facial recognition data even with tracking turned off, and access data in the user’s phone. This data is allegedly sent to cloud servers which the Chinese government is likely to have access.
They reckon that the Chinese could use this data to conduct cyber or physical attacks on America. The memo goes on
"Alternatively, China could provide DJI information to terrorist organizations, hostile non-state entities, or state-sponsored groups to coordinate attack against U.S. critical infrastructure."
The memo also points to a different memo from the US Army which bans units from using DJI drones because of vulnerabilities. On top of that, the Navy has a similar ban.
All sounds pretty bad. But, is it a real threat? Sounds a lot like paranoid American anti-Chinese propaganda and DJI are annoyed. They say the memo is “based on clearly false and misleading claims from an unidentified source.”
They then do a mic drop by adding
"Several of the key claims made but this unnamed source show a fundamental lack of understanding of DJI, its technology and the drone market."
But they would say that, wouldn’t they? They’re not going to fess up and say “OK, Uncle Sam, you caught us, we give up.”
It’s all reminiscent of the Kaspersky Labs issue. Again, no actual evidence was provided, but their anti-virus software is banned in the US after several media reports, but crucially no evidence.
I guess America only want Google to spy on their countrymen…