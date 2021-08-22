China watch Cybersecurity Experts Worried by Chinese Firm’s Control of Smart Devices

By Adam Xu

Published 23 August 2021

Cybersecurity experts are worried, and they urge Washington to limit or ban Tuya from doing business in the United States, in part because a broad new Chinese law requires companies to turn over any and all collected data when the government requests it.

Smart home thermostats. Smart home security cameras. Smart refrigerators. Smart TVs. Smart pet feeders. Smart breast pumps.

Tuya says as of 2020, its services cover more than 1,100 categories, such as healthcare, agriculture and apartment management, and are sold in more than 220 countries and regions globally in over 116.5 million smart devices.

More than 5,000 brands have incorporated Tuya’s technology in their products, including Dutch multinational Philips, and TCL, the Chinese electronics company that makes Roku TV, according to the company. Global retailers Amazon, Target and Walmart sell consumer products that use Tuya’s technology.

Some cybersecurity experts worry about the lack of protection for the consumer data collected by Tuya tech in household items and in products used in health care and hospitality.

The experts are urging Washington to limit or ban Tuya from doing business in the United States, in part because a broad new Chinese law requires companies to turn over any and all collected data when the government requests it.

“If you think about this as a safety issue, you can’t buy a toy with broken glass in it. You can’t buy expired medicines,” said Vince Crisler, CEO of Dark Cubed, a cybersecurity firm in Arlington, Virginia. “Could these devices be considered a safety issue and therefore there is a certain level of standards? I think that’s absolutely a starting point where Congress could legislate.”

In October 2020, Republican Senator Marco Rubio introduced the Adversarial Platform Prevention (APP) Act “which would establish a set of data protection and censorship related standards and restrictions that must be met before high-risk foreign software … is permitted to legally operate in the United States.”

Consumer Desire

Tuya technology provides the function known as “platform as a service” (PaaS), which enables things to be “smart” by providing them with an internet connection. The smart devices then create a large, inter-connected network.