Free VPNs may be exposing sensitive data to the Chinese government because of China’s laws that compels companies to hand over data upon request.
Apple users of free virtual private networks, or VPNs, may be exposing sensitive data to the Chinese government, as a report by the Tech Transparency Project (TTP) shows that several popular VPN applications continue to operate despite being identified as secretly owned by Chinese entities. The report raises security concerns, as Beijing’s strict information-sharing laws convert apps into potential data goldmines for China’s intelligence agencies. Some of these applications are linked to companies identified by the U.S. as Chinese military firms.
To date, 13 apps from the April 2025 report continue to operate on Apple’s App Store. In some cases, companies have changed the name of identified apps, added new VPNs to the App Store, or offered additional applications. At least 11 also continue to operate on Google’s Android store. As of September 2025, Chinese VPNs available on the Apple App Store include:
Chinese-owned VPNs pose a significant threat to users. While Apple and Google have acknowledged the risks, TTP’s reporting shows a major gap in the tech industry’s security practices. Fortunately, consumers can protect themselves by taking several steps when choosing a VPN provider.A new type of risk
To gauge the level of risk these applications pose, you must first understand how they work. Virtual Private Networks mask users’ IP addresses by rerouting their connection through an outside network rather than their internet provider. These tunneled connections are encrypted, so prying eyes can’t access certain security-critical information. Although VPNs don’t guarantee user anonymity, they are a useful tool for security-conscious consumers. Despite their benefits, if a VPN isn’t secure, it can pose serious risks.
For instance, VPNs have unfettered access to a user’s connection, enabling them to potentially track IP addresses, locations, browsing history, and even payment details. Chinese-owned VPNs, in particular, pose significant risks to users’ privacy because Beijing’s compulsory data-sharing laws compel companies to grant their government access to all their user data upon request. The risk of the Chinese government pilfering American data has been at the forefront of U.S. lawmakers’ minds, with legislators attempting to force the sales of popular Chinese-owned applications like TikTok and Grindr. The Biden administration even banned Chinese tech giant Huawei from selling telecommunication equipment.
But VPNs can be even more worrisome due to their high level of access, potentially transforming them into playgrounds for a Chinese cyberwarfare apparatus that continues to target private citizens.
