CHINESE INTELLIGENCE AGAINST AUSTRALIA
Australians flagged in Shanghai security files which shed light on China's surveillance state and monitoring of Uyghurs
The identities of 161 Australian citizens — including a former intelligence chief, government officials and business leaders — have been exposed in a hacked Shanghai security database which reveals the inner workings of China's surveillance state.
- The database includes details of more than 5,000 foreigners who were flagged when they travelled to Shanghai
- The Australians include a former ambassador, business leaders and a university student
- The leaked files shed light on authorities' monitoring of thousands of Uyghurs labelled as "suspected terrorists", some as young as five
Australian authorities are investigating whether the citizens may have been flagged for monitoring by Shanghai's Public Security Bureau (PSB), the city's powerful police force which has intelligence and immigration control functions.
The data was provided to Australian security officials, the ABC and a handful of media organisations internationally, giving a rare and detailed window into China's development of a national mass surveillance system.
Among the scores of other Australians unwittingly caught up in the data breach are business leaders and senior staff with access to sensitive technologies and information from companies including Telstra, NAB, Ernst & Young and NBN Co.
Hackers found the unprotected database, codenamed 'uyghur terrorist', on an open-source data platform used by security agencies across the world, and provided the information to Canberra-based cyber security firm Internet 2.0.
- A Telstra executive responsible for technology innovation
- A senior NAB data security consultant who went on to work for NBN Co
- A global firearms magnate
- Partners at global consulting firm Ernst & Young
- A headmaster of an elite Shanghai international school
- A university student who interned with Australia's Department of Foreign Affairs and Trade and the US Senate
- A director of influential Chinese-language media company Australia China Media Group
- A senior executive at Australia's largest beef producer, the Australian Agricultural Company
Geoff Miller, a former Office of National Assessments director-general and ambassador to Korea and Japan, was flagged when he landed in Shanghai for a week-long sightseeing tour with his wife in September 2018.
The investigation into the database comes amid heightened fears for Australians in China, with the Department of Foreign Affairs and Trade last year warning citizens not to travel there because Beijing had detained foreigners for allegedly "endangering national security".
"I've seen evidence of the same system type being developed in other cities and provinces across China in a standardised way," she said.
"Although this data is showing information from a limited time period, it shows how foreigners could get caught up in China's surveillance state when they've passed through the country, even if that system isn't fully established yet.
"While there's no clear evidence in this data why these Australians have been flagged, it illustrates the risks in the future when Chinese security officials could track anybody travelling within the country.
"It shouldn't be a surprise to any foreigner visiting China that they might be tracked."
Dr Hoffman believes the data feeds into a national program in development, called Skynet, which will connect facial recognition cameras, public security databases, command-and-control systems and threat intelligence across the country.
Human Rights Watch's China director Sophie Richardson says the database is "further evidence of the Chinese government's efforts to hoover up enormous amounts of data from people without their really knowing about it, or being aware of how it's being used".
"But I think it's also interesting that this is another data leak, one in a series over the last couple of years, that amongst other things shows how vulnerable this data is, even though it's been gathered by the authorities."
'You can be listed as a terrorist simply because you went to a mosque'
The leaked files reveal the identities of more than 25,000 persons of interest who face intense monitoring in China, including ethnic minority Uyghurs, political dissidents, children, people with mental illness and alleged criminals.
The database contains records of the PSB's efforts to monitor, detain and question thousands of Uyghurs named as "suspected terrorists" — believed to be just a small sample of the country's vast blacklists.
The Uyghur "suspected terrorists" include more than 400 minors, some as young as five, who are logged in the files as having been examined in person by PSB officials.
About 8,000 Uyghurs are flagged in the database for "suspected terrorism" and other crimes such as "assembling a crowd to disturb social order", an offence often used to jail activists.
The ABC confirmed the identities of several of the Uyghur "suspected terrorists", including two successful businessmen who were detained in Xinjiang and later fled to Turkey with their families.
Both men were listed on a PSB technology division blacklist, which recorded that they had been tracked in Shanghai.
The ABC has agreed not to identify them for their safety.
Speaking from Turkey, one of the businessmen told the ABC he believed he was placed on the blacklist after a day trip to Shanghai Disneyland during a visit to nearby Hangzhou in 2017.
He said PSB officers questioned him and searched his hotel room on the first night of his stay in the city, which was hosting a major national event.
"The police told me no Uyghurs are allowed to stay in Hangzhou because the city was holding an important meeting," he told the ABC.
He said that after returning to Xinjiang, he was held for a month in a detention centre, wearing only his underpants in a cold, overcrowded cell.
He believes the leaked database is important evidence supporting claims of cultural genocide against the ethnic minority.
"It shows what we said was the truth," he said.
"You can be listed as a terrorist simply because you went to a mosque.
"I think the Chinese government wants to eliminate us."
The second man, who spent 10 months without charge in a Xinjiang jail, told the ABC he feared being forced back to China under a looming extradition deal with Turkey.
"I was shocked to learn I am on the list and by what that means to me and my family," he said.
"I'm seriously considering whether I should leave Turkey."
The treaty is awaiting ratification by Turkey's parliament after China approved it in December.
The Turkish government denies it would affect the country's 40,000 Uyghurs.
The new evidence of monitoring and control comes amid rising international pressure on China, in the wake of horrifying accounts of rape and torture of Uyghurs in a network of internment camps in Xinjiang province.
The United States, European Union, Britain and Canada last week launched coordinated sanctions against Chinese officials over human rights abuses in Xinjiang which the US and Canada described as genocide.
The Australian government welcomed the sanctions, but they provoked swift retaliation from Beijing which claims it targets Uyghurs to stamp out terrorism.
Persons of interest flagged for mental illness, past drug use
One watchlist in the database identifies 10,000 persons of interest according to seven priority categories declared by China's national Ministry of Public Security.
The categories include people flagged for monitoring because of mental illness, past drug use or criminal history.
The crimes identified range from theft and fraud to "illegally acquiring state secrets" and defection.
Listed alongside them as key persons of interest by the ministry are people involved in "disturbing social order" and repeat "petitioners" — people who file official petitions against government officials about issues including corruption, medical negligence, police brutality, unfair dismissal, land grabs and malfeasance.
The leak also contains the private information of thousands of police informants and people making complaints to the Shanghai PSB.
Their personal details — including names, home addresses and phone numbers — are exposed in records of calls to Shanghai police stations made since early 2018.
It follows a huge leak of Chinese police informants' data in 2014.
Companies and employees flagged
The database also reveals how Shanghai authorities monitor employees of flagged foreign-owned and Chinese companies.
It contains a watchlist of the employees of 976 companies, which have been flagged because of their access to dangerous chemicals, explosives-making materials, and drugs.
A quarter of those companies are foreign owned, including American manufacturing giant 3M, German pharmaceutical company Bayer and Japanese heavy industries and electric company Mitsubishi.
The records show how 48 employees from the flagged companies were tracked by facial recognition cameras as they moved around Shanghai's Jinshan harbour district.
The database also contains records of hundreds of thousands of vehicle recognition photographs taken by cameras in the same area.
The vehicles targeted are from a watchlist of China's "intelligent vehicle-monitoring" system, under which the owners of vehicles carrying dangerous materials, trucks and passenger buses are required to have video and GPS installed for PSB surveillance.
Australian Foreign Affairs Minister Marise Payne and the Department of Home Affairs declined to comment when contacted by the ABC.
The Department of Foreign Affairs and Trade referred Australians who are in China or considering travelling there to its Smartraveller travel advice.
China's embassy in Australia did not respond to a request for comment by deadline.
The companies named in the article were also contacted for comment. In a statement, NBN Co said it did not comment on personnel matters but had "rigorous contractual, safety and security measures in place to protect our people, company and network".