The U.S. Commerce Department made moves Monday to limit the activities of eight Chinese companies in the U.S., citing human rights abuses and surveillance against Uighurs and other Chinese Muslim minorities.
The department said it is adding the companies to its Entity List, which identifies people, businesses or other organizations for “engaging in activities contrary to U.S. national security and/or foreign policy interests.” Although the department names human rights abuses as the primary concern in its latest action, some of the eight companies have also come under federal scrutiny in recent months for security issues.
Just two months ago the Trump administration issued a rule to bar federal purchases of telecommunications equipment from two of the companies added to the list this week, Hangzhou Hikvision Digital Technology Co. Ltd., a former Chinese government research arm, and Dahua Technology. Those earlier moves were done in accordance with the 2019 National Defense Authorization Act.
Another company added to the Entity List this week, Xiamen Meiya Pico Information Co. Ltd., calls itself an “expert in digital forensics and cybersecurity in China.” It offers cellphone surveillance equipment and boasts of phone unlocking capabilities, password recovery services and decryption techniques.
Meiya Pico has also been linked with a spy application, called MFSocket, that Chinese police have been using to examine people’s phones in random checks and retrieve location data, messages, audio files, call logs, contacts and calendars even when they are not suspected of criminal activity, according to the Financial Times.
Other businesses added to the Entity List include AI and surveillance technology companies, including IFLYTEK, Megvii Technology, Sense Time, Yitu Technologies, and Yixin Science and Technology Co. Ltd. The Commerce Department’s move also includes approximately 20 Chinese security bureaus that have helped build out surveillance in the Xinjiang Uighur Autonomous Region.
Addition to the Entity List is intended to block the companies from obtaining parts from U.S. businesses without approval from the U.S. government.
“These entities have been implicated in human rights violations and abuses in the implementation of China’s campaign of repression, mass arbitrary detention, and high-technology surveillance against Uighurs, Kazakhs, and other members of Muslim minority groups,” in the Xinjiang Uighur Autonomous Region, the department said in a filing Monday.
The Chinese government, which has forced its Uighur Muslim population into mass detention camps, has been linked with a hacking group in the past that has targeted the Uighur population with mobile malware, according to security firm Lookout. Apple confirmed just last month hackers have been using iOS vulnerabilities to target them and collect information such as location data.
It’s not the only time the Entity List has been expanded this year — Huawei was added in May for national security reasons just as the White House issued an executive order on telecommunications security meant to protect U.S. companies from working with companies beholden to adversaries’ governments. The Commerce Department is expected to roll out an enforcement plan for that executive order on telecommunications security within the next week.
Although the companies have been added to the list the same week that U.S.-Chinese trade talks are set to resume, a Commerce Department spokesperson said the “action is unrelated to the trade negotiations,” which are set to resume formally this Thursday.