JD Finance, the finance arm of Chinese e-commerce giant JD.com, found itself embroiled in a privacy scandal over the weekend. Users raised concerns that its app could collect private data without seeking authorization in advance, adding to worldwide worries that apps might be collecting far more information than needed.
On Sina Weibo — also known as “China’s Twitter” — a user posted a video that shows what happens when he opens the JD Finance APP and takes a screenshot in another app, in this case, the mobile app of China Merchants Bank. The screenshot curiously then shows up in the documents folder of JD Finance.
JD Finance responded to concerns that this type of data collection invades user privacy by saying the screenshot is only a cache stored on the user’s phone and that JD Finance isn’t able to see and analyse these screenshots.
The cache function is only to facilitate sending screenshots from the JD Finance app to its customer service employees, JD Finance said. Unless a user sends such screenshots to JD Finance, the firm can’t access them.
But this response did not convince the Weibo video creator. He made another comment, criticising JD Finance for the way it uses the cache function. Why did it copy the entire screenshot into the cache folder, which is a waste of time and memory space, when there are other ways of doing it? He added that the method employed here justifies speculation that JD Finance might indeed have an interest in the screenshot data itself.
JD Finance responded for a second time, admitting that there is a safety problem in its app and blaming this on an error in the tech department. JD Finance held on to the claim that it has never thought of collecting user data without authorisation.
The company said it will address this problem and that it would ask experts to conduct an overall safety and security evaluation of its app.
Editor: Nadine Freischlad