← All Posts

China OSINT: Mass Surveillance Tech

December 19, 2025 |

iFlytek (科大讯飞), China's largest voice-recognition company, has been on the U.S. Entity List since 2019 for human-rights violations in Xinjiang. Its ASR technology is significant enough to be tested alongside Google, Amazon, and Alibaba in recent academic security research (USENIX Security 2025). Leaked internal documents now provide the first technical proof of what that surveillance infrastructure actually looks like — and the scale is staggering.

RedRadar obtained and analyzed a trove of leaked internal documents including source code, database schemas, API configurations, and strategic planning materials. What we found removes any remaining ambiguity about iFlytek's role in China's surveillance state.

The smoking gun: the security apparatus as a deployed customer

Intelligence analysts have long suspected iFlytek's involvement with Chinese security services. The leaked documents eliminate any doubt — internal platform operations reports explicitly name 政法 (zhèngfǎ) as a deployed business line for iFlytek's video-analysis capabilities.

For readers unfamiliar with Chinese bureaucratic terminology: 政法 refers to the Political-Legal Committee system (政法委) — the Chinese Communist Party organ that coordinates and controls:

  • 公安机关 — Public Security (police / PSB)
  • 国家安全机关 — State Security (MSS / intelligence)
  • 人民法院 — People's Courts
  • 人民检察院 — People's Procuratorate (prosecutors)

This is the entire Party-controlled security and judicial apparatus — not just police, but the full domestic surveillance and social-control infrastructure. This is not inference. It's stated plainly in iFlytek's own internal operations report: their video-surveillance AI is deployed to serve China's security apparatus.

Platform operations report listing the Political-Legal system as a deployed business line
Figure 1 — ASE platform monthly operations report: the Video Analysis Division (视频分析条线) lists 政法, the Political-Legal system, among its deployed business lines.

Huawei surveillance integration

Strategic planning documents reveal deep technical integration with Huawei's surveillance infrastructure, and internal issue-tracking logs corroborate active technical work on Huawei systems. These are not theoretical partnerships — they're active work orders showing iFlytek engineers building and maintaining Huawei surveillance-system integrations. Both companies are on the U.S. Entity List.

Three-year strategic plan referencing Huawei surveillance and vision solutions
Figure 2 — the three-year strategic plan references Huawei's Intelligent Surveillance Solution (华为智能监控方案) and Industrial Vision Solution as integrated platform components, running on Huawei Cloud.
Internal issue tracker showing Huawei-related work items
Internal issue tracker (onlineissue_info.csv): active items for a Shanghai Huawei cluster inspection alert and Huawei HAG open Q&A skill integration.

Surveillance customization isn't a side business. It's the core model.

The strategic planning document contains a revealing admission about resource allocation: the majority of iFlytek's AI research and development services specific client requirements — primarily government security agencies. That single detail reframes everything.

Strategic plan admission on AI R&D resource allocation
The admission in their own words: over 70% of RDG's AI-line resources go to customization and directed client support.

Scale: 270 million monthly voiceprints

Claims about "mass surveillance" in China often lack specificity. The leaked ASE Platform operations report provides exact numbers.

Voiceprint service volume table across three provinces
Figure 3 — the Smart Home Voiceprint Service (智慧家庭声纹服务), delivered via China Mobile: ~168M monthly calls from Shandong and ~50M each from Shaanxi and Fujian, roughly 270M monthly and 8.7M daily.

Technical proof: device-fingerprinting source code

Previous reporting on Chinese surveillance has leaned heavily on policy analysis and corporate relationships. The leaked source code provides something different: technical proof of exactly how the data collection works. The fingerprinting pattern appears consistently across multiple service types — speech recognition, text-to-speech, natural language processing. It's not incidental logging. It's systematic collection by design, built into the SDK that developers integrate into their applications.

Leaked SDK source code showing device fingerprinting parameters
Figure 4 — leaked SDK integration code: mandatory device-fingerprinting parameters (IMEI, IMSI, MAC address, carrier) transmitted with every API call.

Database schema: national ID card storage

Database mapping files reveal infrastructure purpose-built for storing Chinese citizen identity documents. The Chinese national ID card (居民身份证) contains extensive personal information: full legal name, photograph, an 18-digit ID number encoding birthdate and region, address, ethnicity, and issuing authority. The schema links this to user accounts via a foreign key, enabling correlation between biometric data — voiceprints, device fingerprints — and verified government-issued identity.

Database mapper defining a citizen identity-document table
UserCloudInfoMapper.xml — the toycloud_certificate_info table, built to store citizen ID-card fronts and backs (name, photo, ID number, issuing authority) keyed to user accounts.

Production credentials: proof of authenticity

How do we know these documents are genuine and not fabricated? The leaked configuration files contain production database credentials with consistent internal naming conventions — the kind of operational detail that a fabrication doesn't reproduce.

Production configuration file with database credentials
Figure 6 — application-custom.properties: production credentials showing internal iPaaS domains, a MySQL cluster, and Redis nodes (sensitive values redacted).
Table of additional internal infrastructure identified
The "hfb" in those domains is 合肥基地 (Hefei Base), iFlytek's headquarters. Additional internal infrastructure surfaced too: an HR portal, Maven repository, Docker registry, and a 48-node Redis cluster.

The sanctions paradox

iFlytek was added to the U.S. Entity List on October 7, 2019. Yet as of publication, iFlytek consumer products — translation devices, voice recorders, smart pens — remain available on Amazon US and other Western e-commerce platforms, marketed with privacy-focused messaging.

The same company operating population-scale biometric surveillance infrastructure for Chinese public security simultaneously sells consumer electronics to American households. The Entity List designation restricts U.S. companies from exporting technology to iFlytek — it does not prevent iFlytek from selling to U.S. consumers.

This report is an exclusive investigation by the RedRadar Intelligence Team.

GOT A QUESTION ABOUT OUR TRAININGS?

Not sure which program fits, or whether we cover what you need? Just ask.

We're happy to tell you whether a specific platform, or focus area is included in a given course — and if it's not, whether we can build it in.

Reach out to sales@epcyber.com about:

  • Whether we cover a specific platform (Weibo, Xiaohongshu, Douyin, CSDN, or anything not listed)
  • A particular focus area you need
  • Group rates, team enrollment, and custom corporate bundles
  • Eligibility — if you're unsure whether your organization qualifies
  • Payment options — wire transfer and other methods for organizations
  • Custom or tailored training built around your team's mission
  • Whatever you're trying to accomplish, tell us where you're headed and we'll point you to the right program.
All contact routes

WHY EPCYBER FOR CHINA OSINT?

Read Post