A recent investigation has revealed that Apple’s App Store hosted several free VPN applications with direct connections to a Chinese military-linked firm, Qihoo 360. This discovery raises new concerns about privacy and national security for millions of iPhone users.
According to the Tech Transparency Project, roughly 20% of the top 100 free VPN apps available to U.S. users in 2024 were owned by Chinese companies. Many of these companies are legally required under Chinese law to hand over user data to the government. Among them, Qihoo 360 stands out due to its links with China’s People’s Liberation Army and several state ministries.
Ties to a Sanctioned Entity
Qihoo 360 has been on the U.S. Department of Commerce’s Entity List since 2020 due to its military connections. Yet, VPN apps developed by its subsidiary, Innovative Connecting, such as VPN Proxy Master, Thunder VPN, Turbo VPN, and others, remained accessible on the App Store. These apps have been downloaded millions of times, leaving a significant number of users vulnerable.
The app ownership structure was intentionally complex, making it difficult for users to understand who was behind these services. Despite Apple’s guidelines prohibiting data misuse, these apps may still collect and share browsing data due to Chinese national laws.
Apple’s Privacy Commitment Under Question
This situation puts Apple in a tough spot. The tech giant often promotes itself as a leader in privacy and user protection. However, experts believe its app review process may not be robust enough to catch these kinds of risks. Michelle Kuppersmith from the Campaign for Accountability called the findings a “national security nightmare” and urged Apple to act swiftly.
So far, Apple has not responded publicly. Notably, the apps remain available on the App Store.
Ongoing Challenges in China
This is not the first time Apple has faced challenges tied to Chinese regulations. In past years, it removed non-compliant VPNs from China’s App Store and slowed down its Apple Intelligence rollout due to local censorship rules.
While Apple continues to operate within each country’s legal framework, this latest revelation reignites the debate over how tech giants balance compliance with global privacy standards.
