Pinduoduo was removed by Google due to "malware", is it an accident?

Produced by Tiger Sniff ESG Group

Author|Zhang Xiaoyu

Head Image|Visual China

This article is the 020th article in the #ESG Progress Watch#series

Keywords: data privacy and security

On March 21, Reuters reported that Google had temporarily removed the Pinduoduo app from the store due to malware problems.

Google spokesman Ed Fernandez said in a statement that the removal of the Pinduoduo app is a security precaution. The spokesperson also said that Google's software protection service, Google Play Protect, will prevent users from downloading the Pinduoduo app from the Google Play Store, and that users who have already downloaded the app will also receive a warning prompting them to uninstall it.

Fernandez added that "we will continue to investigate for security reasons," adding that Temu, a U.S. shopping app operated by Pinduoduo, was not affected and could still be downloaded.

According to the Wall Street Journal, a spokesman for Pinduoduo confirmed that the current version of Pinduoduo's application did not comply with Google's policies and had been temporarily removed, and also said that "we are communicating with Google to obtain more information."

So, is the removal of Pinduoduo an accident?

Alleged "malware"

According to CNN News, the malware in this incident refers to any software developed to steal data or damage computer systems and mobile devices.

On the evening of March 20, Pinduoduo released its fourth quarter and full year financial report for 2022, and the performance was less than expected and caused the stock price to fall, but some netizens analyzed: "Not only the performance problem, but also the reason why the APP was removed from the Google market, and the evidence that may steal user data privacy has been established."

Speaking of user data privacy, Pinduoduo's "chop a knife" mechanism and some functional settings in the APP do have precedents for stealing user data.

In early March, DarkNavy, a domestic independent data security research service organization, released the "2022 Most "Unpardonable" Vulnerabilities", pointing out that well-known Internet manufacturers attacked users' mobile phones by mining deserialization vulnerabilities in the OEM code of Android manufacturers. Although the name of the APP was not directly announced, from the subsequent revelations, the characteristics of "controlling the mobile phone system through the APP", "unable to uninstall", "concealed installation", "attacking competitors' APP", "stealing user privacy data" and so on are roughly consistent with the complaints of Pinduoduo users in the social platform.

Pinduoduo's MSCI ESG rating has also declined year by year, and in 2022, its ESG rating was downgraded to B, and it is also lagging behind on the topic of "data privacy and security".

Pinduoduo MSCI ESG rating changes, image source: MSCI

Data privacy and security of Internet companies is one of the most important factors that investors need to consider when making investment decisions, and it is also one of the big gaps between different companies in ESG rating results. Enterprises such as Pinduoduo, because they hold a large amount of real data, are not only concerned and tortured by business ethics in terms of data security issues, but also subject to stricter supervision by various governments.

Previously, the U.S. government proposed more measures to strengthen cyber defenses against the increasing problem of hacking and digital crime. On March 2, the White House announced a new National Cybersecurity Strategy to guide future policies to strengthen regulation of existing cybersecurity practices across industries and improve collaboration between government and the private sector.

For Pinduoduo, not only does it need to actively respond to changes in data security to obtain long-term compliance and healthy development, but also expand the scope, Temu, which is still in the initial expansion stage, is also facing the same test.

Affecting Temu's survival?

Compliance policies vary from country to country and locality, and to be global, Temu also needs to operate locally and handle compliance.

On Temu's website, "payment security, data security, intellectual property protection" is prominently displayed.

Payment security and security protection are placed on the homepage of the Temu website, image source: Temu

Specifically, according to multiple foreign media reports, Temu may collect user information including shipping details, phone numbers and addresses, but essentially this information is only used to improve platform development and user services, and this data will be stored in a secure online ledger located at its US headquarters.

The user information collected by Termu complies with compliance standards and also complies with the APP's industry standards, and strict adherence to data privacy protection is described in detail in its privacy and cookie policies. Temu will also encrypt user data for security purposes, and online shopping apps will restrict access to users' personal information to only a limited number of authorized personnel who can access user data related to their jobs, duties and responsibilities.

But because the app was developed by a Chinese company, its popularity in the United States has raised growing concerns about their own privacy and security. Temu, in overseas markets, still faces questions such as "how their operators handle user data" and "whether this information will be handed over to the Chinese government."

Schmidt, who specializes in security and privacy at Vanderbilt University, said Temu's data and privacy practices are not prominent, and the company likely collects a lot of personal data about users and then uses it to sell ads.

For example, many young people are sharing and recommending Temu apps or product links to their friends on their social media to get more points or discounts, but it is unclear how the links are secure or whether information will be collected. Another person in Temu's comment section reflected, "This app sold my personal data to scammers, and I received several calls from China who claimed to be police officers, which is terrible."

In response to this phenomenon, Professor Vyas of the University of Southern California also hopes that consumers can stay awake in the face of low prices. He mentioned that "living in the digital age, consumers need to pay more attention to protecting their data and privacy."

More notably, in March, the RESTRICT (Limiting the Emergence of Security Threats in the Field of Information and Communication Technology) bill, introduced by 12 U.S. senators, mentions requiring the U.S. Secretary of Commerce to investigate apps and other products from countries such as China. In addition to Tik Tok, Temu is also on the list of key reviews. Former Google CEO Eric The Special Competition Research Project, a new think tank founded by Schmidt, made it more clear in a Feb. 15 article that Shein, Temu, and CapCut (along with WeChat) as apps "may pose challenges similar to TikTok."

For Temu's further compliance, Pinduoduo is also taking action, according to Lei Feng.com, Pinduoduo's organizational structure is being adjusted, except for the B-end team related to goods and merchants in Guangzhou, the rest of the teams are doing IM segmentation; This also includes some of Temu's team. More exaggeratedly, the Shanghai teams had to isolate their data from Pinduoduo within a few days.

To put it simply, Pinduoduo is splitting up with Temu to prevent overseas policies and other factors from affecting the normal operation of Temu's business. In this regard, some analysts pointed out that due to data privacy and security uncertainty, Pinduoduo may speed up the separation with Temu. After the split, if Termu continues Pinduoduo's domestic product expansion method, I am afraid it will not be easy.

On the evening of March 21, CaiLian News reported that Pinduoduo had refuted the "malware" news, and in response to reports that "Google has removed Pinduoduo because of malware problems", Pinduoduo said in an email statement that Google's statement was not conclusive, but it still did not elaborate.

However, as far as the current situation is concerned, whether at home or overseas, Pinduoduo has to pay more attention to protecting the security of user data.

Pinduoduo was removed by Google due to "malware", is it an accident?

Read on

Dai Shan's anniversary exam: Ali B series has more than enough pressure resistance and insufficient rebound

Liu Qiangdong's obsessed "tens of billions of subsidies" is still suitable for today's JD.com

Ali JD, dragged into the new inner roll

Jingdong's "tens of billions of subsidies" went online 20 hours in advance, and the e-commerce price war began

The tens of billions of subsidies war begins: who is cheaper between JD.com and Pinduoduo? Take you to contrast

Valuations shrank by a third! PINDUODUO'S KNIFE SLASHED SHEIN UNCONSCIOUS

WHAT SHEIN TAKES AGAINST PINDUODUO TEMU

30 billion market value to zero, what happened to Qutoutiao?

I, working as a "porter" in Pinduoduo, took 1,000 yuan from a short video

Temu is furious, sellers are divided: some people are more profitable than Amazon, and some people don't make a dollar at a time

E-commerce rivers and lakes are rising again, who is Pinduoduo targeting?

Fight "cost-effective", Ali, Jingdong, Pinduoduo roll when to rest?

Wu Jun, a well-known computer expert: ChatGPT is not a new technological revolution and does not bring any new opportunities

In the face of ChatGPT's global popularity, how should China's AI debut?

Silicon Valley Big L5: Survivors of Winter

The "middle factory" went to sea for a new war: change the coach, shrink, and change the way of playing

Why can't Europe create a mobile operating system that can compete with Android and iOS?

Liu Qiangdong returned and burned three fires, wanting to snatch back the users who were "robbed" by Pinduoduo

Ten thousand layoffs turned around and embraced AI, and Meta was going to change its name again

Microsoft Google wants to reinvent the business with AI, Musk said that AI will destroy humanity... Talk about AI

Samsung "backstabbed" Google

AI competition is intense, Google makes another big move! Merger of DeepMind and Google Brain

By merging DeepMind and Google Brain, Google ushered in a new era of AI

Keep up with Microsoft! Google's generative AI Bard can program and debug code bugs too

Nothing has been achieved in AI research and development, and you still lay off employees while sending yourself "red envelopes"? Google's CEO made nearly $1.6 billion last year

Google CEO Pichai: Artificial intelligence occupies the C position Search is important but no longer the core business

Apple and Google led the development of draft tracking industry specifications to prevent abuse of features

After sparking outrage in Brazil, Google removed the Slave Simulator game

The Queens rights sold for more than $1 billion, and EXO members terminated their contracts with SM Entertainment

Huawei's new phones can be sold by satellite phones; Pinduoduo's quarterly performance is good, and the stock price has skyrocketed|Science and Technology Morning News

Can't stay 3 days a week, the Amazon CEO was forced to say ruthlessly: If you don't go back to the office, you will leave!