Chinese Ministry of State Security Issues Warning to AI Middleware: Some Platforms Illegally Withhold and Resell User Data for Large-scale Model Training

According to the Beating Monitor of Dynamics Insight, on June 8, the Chinese Ministry of State Security publicly issued a warning about the security risks of the "AI Relay Station," an aggregation of domestic and foreign large-scale model API proxy services. Serving as an intermediate agent connecting users and large models manufacturers, these relay platforms integrate multiple models, offer subsidized prices, and facilitate direct connections to overseas large models, attracting a large number of users domestically. The Ministry of State Security pointed out that the current relay market is operating in disorder, giving rise to multiple security risks such as privacy breaches and uncontrolled data exfiltration.

As a third-party gateway, relay platforms generally lack standard data encryption and control mechanisms. Some operators of these platforms privately withhold user data and resell it to other large model manufacturers for system training. Some relay services, to reduce costs, use low-spec models posing as high-end models and disable verification functions, leading to distorted outputs from the models. Some relay stations even have hidden backdoors, through which malicious actors may implant malware into user devices to steal account credentials or conduct remote surveillance. Since some platforms lack the proper qualifications for data export and unlawfully transfer data overseas, personal privacy, trade secrets, and national security are also at risk of exposure.

The Cyberspace Administration of China recently launched a nationwide special campaign called "Cleanliness and Rectification of AI Application Chaos." The Ministry of State Security reminds users that when using relay services, they should choose platforms that are properly authorized, secure, and compliant. Users should preprocess project data and sensitive information such as personal privacy to anonymize the data, manage keys securely, and regularly update credentials. If any behavior harmful to national security is discovered while using relay services, users can report it through the hotline 12339 or directly to the Ministry of State Security.