A short walk from my home in Beijing is a dumpling shop where I stop by every time I crave a hearty bowl of tomato soup, and the dumplings the shop is known for. When I came to the shop in early August, Mei, the shop owner, was standing at the door, fiddling with a broken temperature sensor. Last year, as Beijing successfully put the pandemic under control and restaurants began to reopen, the city government issued strict guidelines, including mandated body temperature checks as well as contact-tracing mechanisms.
Next to the sensor, two QR codes were taped to the front door. The one on the left read: “Beijing Health Kit.” Scanning it in my WeChat, I was taken to a mini-program, a pop-up window that contained my photo and health status. The other was labeled as my “Travel History Card,” which tracked the provinces and cities I visited in the past two weeks, based on my cell phone location.
Shortly after the Covid-19 outbreak, local governments in China quickly rolled out contact-tracing tools, many of which rely on mini-programs hosted on WeChat and Alipay. To register, users are usually required to complete a facial scan, then enter their name, mobile number, and national ID. Before visiting public places, like a park, a shopping mall, or a train station, one is expected to take out a smartphone and scan codes displayed beside the entryway.
The ubiquity of mini-programs predated the pandemic. In short, a mini-program is an “app within an app.” It allows people to access extra functionality without leaving the host application. I began noticing them in late 2017, when they popped up in malls and restaurant chains. Staff at McDonald’s in Beijing routinely directed customers to use the program to place orders. Luxury brands like Dior and Prada prompted their customers to make reservations. And neighborhood shops quickly joined in.
In November that year, I visited Mei’s dumpling shop and noticed QR codes taped to the corners of every table. A few months earlier, she hired a company to develop a mini-program to handle dining-in orders. Unlike some of the programs offered by larger restaurants, hers was bare-bones. It had no delivery option or built-in function to display promotional deals. She had paid an initial fee of just over $500, plus a small maintenance fee to the developers every month.
“It was the going rate for a waiter’s monthly salary. So I figured it was worth it,” she told me.
Mini-programs were designed to help people like Mei, and now, she and her business are being lumped into the bigger picture of government-mandated data gathering during the pandemic.
WeChat founder Allen Zhang and his team began testing out mini-programs in 2016. They wanted to build a decentralized platform, allowing third-party developers to help small businesses handle daily transactions. A mini-program is lighter than a native app and easier to develop because it is housed by bigger platforms. Merchants don’t have to worry about maintaining separate apps for iOS and Android users. And customers don’t have to overload their phones with apps they rarely use. Instead, they can scan a QR code or do a quick search in WeChat to locate a program. And when transactions are finished, users simply close the pop-up window and return to WeChat’s main menu.
There is no equivalent in other countries. In many ways, the rise of mini-programs is made possible by the landscape of China’s platform industry, which is dominated by super apps, like WeChat and Alipay. Since Tencent officially rolled them out in January 2017, other tech giants, including Alipay, Baidu, and ByteDance, have followed suit. By the end of last year, the number of mini-programs had surpassed 6 million in total. WeChat dominatesf the market with more than 400 million daily active users.
Despite their rising popularity, though, I had mostly skirted around them. The price of convenience involved disclosing more personal data than I was comfortable with. To use a mini-program in WeChat, one has to authorize it to obtain their “public profile,” which can include an alias, bio picture, and location. At the same time, it is often impossible to find any of the developers’ information.
And once you opt in, there is no clear way to opt out. Researchers found last year that less than 40% of all mini-programs laid out their privacy terms; some even continued to track users’ location after permission had been revoked. So when Mei first asked me to try hers, I told her that my WeChat wasn’t up-to-date, and she graciously took my order with a pen and pad. Truth be told, I simply did not wish to share too much when I had too little control.
Then the pandemic hit, and China tightened border restrictions. Before visiting home in late June, I had to ask for permission from the Chinese consulate in San Francisco, where I was scheduled to fly out to Shanghai. I provided a photocopy of my passport, my Covid-19 test results, flight information, and other supporting documents. The consulate staff then reviewed them before issuing a “green code,” so I could board my flight. Since last March, Chinese citizens living overseas have had to go through similar procedures if they wish to visit home.
All of these procedures were handled via a mini-program on WeChat. Despite two lines in fine print at the bottom of the page that list the name of an agency under China’s Ministry of Foreign Affairs and “supported by Tencent / Tencent Cloud,” there was no indication of who had access to my data and how long it would be stored.
I arrived home to find that all my friends and family had long become experts in the new normal. When I went grocery shopping with my 87-year-old grandfather, I watched in awe as he took out his phone, scanned the codes, and cruised through security, while I was scrambling to get everything together. Later, when I asked him how he felt about having to use these tools, he replied, without missing a beat, “I think they are great. Other countries don’t have them, and that’s why they are terrible at controlling the pandemic.”
Like the program used by Chinese consulates, Beijing Health Kit, a program mandated by the city government, had no privacy terms either. Last March, Mana Data, a research institute based in Shanghai, looked at 16 contact-tracing mini-programs in different cities and provinces and found that only three laid out their terms and required user consent.
Last December, dozens of celebrities’ photos and health statuses were leaked via Beijing Health Kit and sold online. The story did not gain much traction in the Chinese press, and the source of the security gap is still unclear. ZKBRAIN, the developer of the program, said that the company would “look into the issue” but never publicized its findings. At the time of publishing, it could not be reached for comment.
But I did notice that the current version makes it more difficult to look up someone else’s health status: if one wishes to do so, and that person is between the age of 16 and 60, the program requires a facial scan of the said person for authentication. (Previously, entering a name and national ID number would suffice). The program is being used by over 30 million people, according to an interview with the lead developer.
A few weeks ago, China passed the Personal Information Protection law, which was hailed as a game changer. The law is geared toward curbing data gathering by commercial entities, says Xiaomeng Lu, director of geo-technology practice at Eurasia Group, a U.S.-based political risk consultancy. But experts cautioned against too much optimism, especially when it comes to government-mandated data collection.
Though the law does require government agencies to respect privacy, Lu doubted that enforcement would be strong. While companies would have to comply with more stringent requirements on data gathering, transfer, and maintenance, the law gives the government “a broad leeway” to collect personal data for public safety, Lu told me. “If the government demands data on public health grounds, it’s hard for the companies to say no,” she said.
That makes me wonder what would happen to all the data I had duly provided via dozens of mini-programs during my recent visit home. Now that the Chinese government is determined to make pandemic control a “regular” aspect of daily life, will we ever have the option to say no again?
On my last day in Beijing, I arrived at the Capital International Airport four hours before my scheduled departure. As I was checking in my luggage, a service staff reminded me to complete the exit declaration for borders and customs. “Just turn around and walk past the long line, you’ll see a stand with a QR code on your left,” she said, her voice muffled by the mask.
I thanked her, walked over to the stand, and scanned the code. That was the last time I used a mini-program — at least until my next visit home.
