Get all your news in one place.
100’s of premium titles.
One app.
Start reading
ABC News
ABC News
National
Sean Rubinsztein-Dunlop and Echo Hui

Australians flagged in Shanghai security files which shed light on China's surveillance state and monitoring of Uyghurs

Publisher Janis Manning and former intelligence chief Geoff Miller are among the Australians identified in the database.(

ABC News: Emma Machan

)

The identities of 161 Australian citizens — including a former intelligence chief, government officials and business leaders — have been exposed in a hacked Shanghai security database which reveals the inner workings of China's surveillance state.

Australian authorities are investigating whether the citizens may have been flagged for monitoring by Shanghai's Public Security Bureau (PSB), the city's powerful police force which has intelligence and immigration control functions.

Activists hacked an insecure server late last year, discovering the trove of more than 1.1 million Shanghai PSB and surveillance records.

The data was provided to Australian security officials, the ABC and a handful of media organisations internationally, giving a rare and detailed window into China's development of a national mass surveillance system.

The database contains PSB watchlists of tens of thousands of persons of interest, reports from informants, facial and vehicle recognition photographs, and immigration data.

The records also detail the monitoring and questioning of thousands of ethnic minority Uyghurs, some as young as five.

The database includes the passport details and photographs of more than 5,000 foreigners, flagged when they travelled to Shanghai since 2017.

The Australians include notable and influential identities, such as Geoff Miller, a former ambassador and head of the Office of National Assessments intelligence analysis agency.

Among the scores of other Australians unwittingly caught up in the data breach are business leaders and senior staff with access to sensitive technologies and information from companies including Telstra, NAB, Ernst & Young and NBN Co.

Mystery surrounds flagging of Australians

Hackers found the unprotected database, codenamed 'uyghur terrorist', on an open-source data platform used by security agencies across the world, and provided the information to Canberra-based cyber security firm Internet 2.0.

Internet 2.0 chief executive Robert Potter told the ABC the files appeared to be a piece of a larger database feeding into a burgeoning mass surveillance system.

The hacked database was provided to Robert Potter's Canberra-based security firm, Internet 2.0. (

ABC News: Nicholas Haggarty

)

"This draws on much larger systems which are significantly more advanced in both scope and scale than those operated in democratic states," he said.

"It demonstrates how China broadly seeks to control all data points within the enforcement of law and political control."

The mystery to Australian authorities is why 161 citizens were flagged passing through an immigration checkpoint at Shanghai's Pudong International Airport in 2018.

Authorities are investigating whether the Australians were identified for intelligence purposes or caught up in a broader data sweep.

The Australians included:

  • A Telstra executive responsible for technology innovation
  • A senior NAB data security consultant who went on to work for NBN Co
  • A global firearms magnate
  • Partners at global consulting firm Ernst & Young
  • A headmaster of an elite Shanghai international school 
  • A university student who interned with Australia's Department of Foreign Affairs and Trade and the US Senate
  • A director of influential Chinese-language media company Australia China Media Group
  • A senior executive at Australia's largest beef producer, the Australian Agricultural Company

Adding to the mystery, the database includes several Australian children, some as young as two.

Geoff Miller, a former Office of National Assessments director-general and ambassador to Korea and Japan, was flagged when he landed in Shanghai for a week-long sightseeing tour with his wife in September 2018.

Geoff Miller says he can understand how his career might have made him of interest to Chinese authorities.(

ABC News: Shaun Kingma

)

"Anyone checking in Chinese immigration would see that I had visited China a few times, and with Australian ministers and prime ministers," Mr Miller told the ABC.

"They might have decided, 'what's this bloke doing coming back?' so I can see that it could have happened."

Janis Manning, the co-owner of the long-running media industry publication Mediaweek, was added to the database on a one-day stopover in Shanghai.

"I'm more intrigued and mystified than anything else," Ms Manning said.

"I don't think, realistically, there's any reason why they'd be interested in me or my movements as an individual.

"I just think I've popped up on some database possibly because I've throughout my career been connected with the media in some senior positions."

Janis Manning was flagged in the system during a one-day stopover in Shanghai.(

ABC News: David Maguire

)

The investigation into the database comes amid heightened fears for Australians in China, with the Department of Foreign Affairs and Trade last year warning citizens not to travel there because Beijing had detained foreigners for allegedly "endangering national security".

Database part of larger national program, expert says

Australian Strategic Policy Institute senior analyst Samantha Hoffman, a world expert on Chinese surveillance, has looked at similar public security databases in her research.

She believes the records are a piece of a larger public security and surveillance system being developed in China.

"I've seen evidence of the same system type being developed in other cities and provinces across China in a standardised way," she said.

Analyst Samantha Hoffman believes the Shanghai files are part of a broader surveillance system being developed by Chinese authorities.(

Supplied

)

"Although this data is showing information from a limited time period, it shows how foreigners could get caught up in China's surveillance state when they've passed through the country, even if that system isn't fully established yet.

"While there's no clear evidence in this data why these Australians have been flagged, it illustrates the risks in the future when Chinese security officials could track anybody travelling within the country.

"It shouldn't be a surprise to any foreigner visiting China that they might be tracked."

Dr Hoffman believes the data feeds into a national program in development, called Skynet, which will connect facial recognition cameras, public security databases, command-and-control systems and threat intelligence across the country.

Analysts say Skynet will bring together information from many sources including facial and vehicle recognition cameras.(

Reuters: Thomas Peter, file photo

)

Human Rights Watch's China director Sophie Richardson says the database is "further evidence of the Chinese government's efforts to hoover up enormous amounts of data from people without their really knowing about it, or being aware of how it's being used". 

"But I think it's also interesting that this is another data leak, one in a series over the last couple of years, that amongst other things shows how vulnerable this data is, even though it's been gathered by the authorities."

Internet 2.0 chief executive Robert Potter says as China has rapidly expanded surveillance, some of its data has been stored insecurely.

'You can be listed as a terrorist simply because you went to a mosque'

The leaked files reveal the identities of more than 25,000 persons of interest who face intense monitoring in China, including ethnic minority Uyghurs, political dissidents, children, people with mental illness and alleged criminals.

The database contains records of the PSB's efforts to monitor, detain and question thousands of Uyghurs named as "suspected terrorists" — believed to be just a small sample of the country's vast blacklists.

The Uyghur "suspected terrorists" include more than 400 minors, some as young as five, who are logged in the files as having been examined in person by PSB officials.

About 8,000 Uyghurs are flagged in the database for "suspected terrorism" and other crimes such as "assembling a crowd to disturb social order", an offence often used to jail activists.

The ABC confirmed the identities of several of the Uyghur "suspected terrorists", including two successful businessmen who were detained in Xinjiang and later fled to Turkey with their families.

Both men were listed on a PSB technology division blacklist, which recorded that they had been tracked in Shanghai.

The ABC has agreed not to identify them for their safety.

Speaking from Turkey, one of the businessmen told the ABC he believed he was placed on the blacklist after a day trip to Shanghai Disneyland during a visit to nearby Hangzhou in 2017.

He said PSB officers questioned him and searched his hotel room on the first night of his stay in the city, which was hosting a major national event.

"The police told me no Uyghurs are allowed to stay in Hangzhou because the city was holding an important meeting," he told the ABC. 

He said that after returning to Xinjiang, he was held for a month in a detention centre, wearing only his underpants in a cold, overcrowded cell.

He believes the leaked database is important evidence supporting claims of cultural genocide against the ethnic minority. 

"It shows what we said was the truth," he said.

"You can be listed as a terrorist simply because you went to a mosque.

"I think the Chinese government wants to eliminate us." 

The second man, who spent 10 months without charge in a Xinjiang jail, told the ABC he feared being forced back to China under a looming extradition deal with Turkey.

"I was shocked to learn I am on the list and by what that means to me and my family," he said.

"I'm seriously considering whether I should leave Turkey." 

The treaty is awaiting ratification by Turkey's parliament after China approved it in December.

The Turkish government denies it would affect the country's 40,000 Uyghurs. 

The new evidence of monitoring and control comes amid rising international pressure on China, in the wake of horrifying accounts of rape and torture of Uyghurs in a network of internment camps in Xinjiang province. 

The United States, European Union, Britain and Canada last week launched coordinated sanctions against Chinese officials over human rights abuses in Xinjiang which the US and Canada described as genocide. 

The Australian government welcomed the sanctions, but they provoked swift retaliation from Beijing which claims it targets Uyghurs to stamp out terrorism.

Persons of interest flagged for mental illness, past drug use

One watchlist in the database identifies 10,000 persons of interest according to seven priority categories declared by China's national Ministry of Public Security.

The categories include people flagged for monitoring because of mental illness, past drug use or criminal history.

The crimes identified range from theft and fraud to "illegally acquiring state secrets" and defection.

Listed alongside them as key persons of interest by the ministry are people involved in "disturbing social order" and repeat "petitioners" — people who file official petitions against government officials about issues including corruption, medical negligence, police brutality, unfair dismissal, land grabs and malfeasance. 

People who file petitions against government officials are identified for monitoring as key persons of interest by China's Ministry of Public Security.(

Supplied: Dahua Technologies, file photo

)

The leak also contains the private information of thousands of police informants and people making complaints to the Shanghai PSB.

Their personal details — including names, home addresses and phone numbers — are exposed in records of calls to Shanghai police stations made since early 2018.

It follows a huge leak of Chinese police informants' data in 2014.

Companies and employees flagged

The database also reveals how Shanghai authorities monitor employees of flagged foreign-owned and Chinese companies.

It contains a watchlist of the employees of 976 companies, which have been flagged because of their access to dangerous chemicals, explosives-making materials, and drugs.

A quarter of those companies are foreign owned, including American manufacturing giant 3M, German pharmaceutical company Bayer and Japanese heavy industries and electric company Mitsubishi.

A map showing the locations of surveillance cameras in Shanghai's Jinshan port district.(

Supplied: Internet 2.0

)

The records show how 48 employees from the flagged companies were tracked by facial recognition cameras as they moved around Shanghai's Jinshan harbour district.

The database also contains records of hundreds of thousands of vehicle recognition photographs taken by cameras in the same area.

The vehicles targeted are from a watchlist of China's "intelligent vehicle-monitoring" system, under which the owners of vehicles carrying dangerous materials, trucks and passenger buses are required to have video and GPS installed for PSB surveillance.

Australian Foreign Affairs Minister Marise Payne and the Department of Home Affairs declined to comment when contacted by the ABC.

The Department of Foreign Affairs and Trade referred Australians who are in China or considering travelling there to its Smartraveller travel advice.

China's embassy in Australia did not respond to a request for comment by deadline.

The companies named in the article were also contacted for comment. In a statement, NBN Co said it did not comment on personnel matters but had "rigorous contractual, safety and security measures in place to protect our people, company and network".

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.