The Chinese military said fitness trackers and watches could send private and strategic data to hackers who've gained access to the vulnerable devices.
China’s military released an ominous warning on May 10, telling troops and the wider public that network-connected wearable devices pose a national security risk when used by military personnel.
Published in the People’s Liberation Army (PLA) Daily—a mouthpiece for the military—the warning outlines the risks (link in Chinese) of all devices smart and wearable: watches, fitness trackers, and glasses are all addressed.
“The moment a soldier puts on a device that can record high-definition audio and video, take photos, and process and transmit data, it’s very possible for him or her to be tracked or to reveal military secrets,” says the message, without mentioning any specific products.
What led to this ominous message? The PLA cites a recent case in which an unnamed soldier from Nanjing tried to use a smart watch to take a photo with his comrades. The story may not actually be real: Even the smartest watches don’t usually have cameras, and the quote from the unwitting soldier—”Come on, let me use my new smart watch to take a photo of everyone!”—seems too convenient to be true. But it’s plausible enough for the PLA to make its point about security.
In fact, the PLA and militaries the world over are probably less afraid of intentional acts like photographing and distributing classified information, and more worried about the passive data collection and transmission happening on these devices. The PLA’s warning says that fitness trackers and watches, if compromised, could send data on soldiers’ locations, movements, and even health conditions to whoever has gained access.
The military should be even more afraid if soldiers are using knock-offs that are no doubt less secure than the real thing.
The warning doesn’t mention an outright ban of wearables by the PLA, but does cite China’s National Administration for the Protection of State Secrets, the Communist Party’s arbiter of classified information, as saying that “the use of wearables with internet access, location information, and voice calling functions should be considered a violation of national security provisions when used by military personnel.”
Indeed, such devices don’t have to be all bad for militaries. The US in 2013 issued FitBit wristbands to soldiers as part of a trial fitness program. And the PLA would surely want, for its own purposes, data on the health conditions of all of its soldiers at any point in time.
Nevertheless, wearable tech is now on the growing list of cyberwar battlefields, alongside email inboxes and USB drives.