How a Chinese Spy App used the Super Bowl to Undermine America

Americans love Super Bowl commercials. Every year, it seems as many people tune into their televisions for these marketing ploys as do the actual football fans for the game. This attention is so valuable to advertisers that 30-second spots can go for millions of dollars. This year, Chinese discount shopping app Temu bought three spots during the game and two afterwards. What football fans and commercial enjoyers may not realize is that using Temu introduces a major cybersecurity risk for them and the United States. American consumers need to be wary of applications sourced from China due to the influence of the Chinese Communist Party and its goals of harvesting mass amounts of data.

Temu has seen a decline in U.S. sales as of late, so it decided to raise awareness of their brand through the Super Bowl. Of course, these ads did exactly that. Google searches for the app jumped shortly after the ads aired and the app even took the second spot on Apple’s list of most downloaded free apps. Temu previously advertised during the 2023 Super Bowl so odds are they will be looking to do so in 2025.

The Super Bowl is not the only target of Temu in its quest for winning over American audiences. Its ad spend rose 1,000% in 2023, and 76% of that went into social media. From September to December of 2023, Temu spent a whopping $517 million on advertising. The company’s strategy of saturating the market with its name seems to be having an effect. Estimates are that Temu had 82.4 million active users in September of last year, a substantial increase from the 4.6 million it had a year before. In an earnings call last year, Etsy CEO said that Temu was having a direct impact on advertising costs.

Temu launched in the U.S. in September of 2022. It is based in Boston, but more importantly its parent company, PDD Holdings Inc., is located in Shanghai. PDD also owns a Chinese based app called Pinduoduo. This catastrophically invasive app collects data such as contacts, photo albums, and even texts. It was banned from the Google Play store over embedded malware that used vulnerabilities to “bypass user security permissions and access private messages, change settings, view data from other apps, and prevent uninstallation.”

Temu may not be as aggressive in harvesting users’ data as Pinduoduo, but sharing the same parent company is worrisome enough. These close ties resulted in some members of the Pinduoduo team responsible for developing the malware to be moved over to Temu. By sharing the same Shanghai based parent company, both apps are at risk of being influenced by the Chinese Communist Party (CCP). As in the case of Tiktok and its parent company Bytedance, these apps are never truly divorced from CCP influence. The CCP ultimately requires companies under its jurisdiction to respond to its demands, so why would Temu be any different?

China is actively waging unrestricted warfare, a concept that describes warfare conducted not only through traditional kinetic means, but also through subversive tactics like social engineering and cyberattacks. Apps like TikTok and Temu play a part in the great power conflict between the U.S. and China. With every download, China can gather more data to power its machine learning models. Lots of data is the key to getting value out of these new technological weapons. With data equipped models, China can better target high value users like those in government and military positions or more easily spread targeted disinformation.

Americans must not be lulled into complacency by these Super Bowl ads portraying Temu as some sort of wondrous discount marketplace. No one should be even thinking about downloading these Chinese spy apps. Not only are their products disappointing and cheap, but they also gather user data for unknown purposes. Montana has taken the necessary steps to address the issue by banning Temu from state devices and business. More states, along with the federal government, must be prepared to take similar action to prevent the continued abuse of Americans’ data by the CCP. With China’s well documented track record of cyber abuses, the U.S. must take an active approach towards the defense of its data.