The messaging app Totok, developed by an Emirati company, returned to the Google Play Store on January 4, 2020, after being removed in December 2019 over allegations that it was a surveillance tool used by the United Arab Emirates government to spy on users. The app’s reinstatement follows denials from both the app’s publisher and the UAE’s telecommunications regulator.
Removal after spying allegations
Apple and Google removed Totok from their app stores in December 2019. The removals came after a report from The New York Times alleged that the app was not a simple messaging service but a tool for the UAE government to collect personal data, location information, and private conversations from users.
The New York Times report claimed that Totok’s publisher, Breej Holding Ltd, had connections to DarkMatter, an Abu Dhabi-based intelligence and hacking firm. The report also said that the app’s popularity was artificially inflated through fake reviews. Before its removal, Totok had been downloaded about five million times from the Google Play Store alone.
Totok allowed free calls and texts across multiple countries. The app allegedly tricked users into granting access to their device’s location, private data, and photos.
UAE regulator denies charges
The UAE’s Telecommunications Regulatory Authority (TRA) denied the spying allegations. In a statement, the TRA said it “strictly prohibit any kind of data breach and unlawful interception.” The regulator did not provide specific evidence to counter the New York Times report but maintained that the country’s laws protect user privacy.
“The UAE has strict laws and regulations to protect the privacy of individuals and to ensure the security of data,” the TRA said. “Any claims of unlawful surveillance are false and misleading.”
Totok announces return
Totok announced its return to the Google Play Store on Twitter on January 4, 2020. The company posted: “Dear ToTok Community, The wait is over. We are happy to inform you #ToTok is now available for download on the Google Play Store. Thank you for your patience. Let’s connect!”
The app remains unavailable on the Apple App Store as of the date of this report. It is unclear if Apple has reviewed the app for potential security issues or if the company has decided to keep it off its platform.
Broader context of surveillance concerns
The Totok case is part of a larger pattern of concerns about government surveillance through consumer apps. The New York Times report highlighted how the UAE has used technology to monitor dissidents, journalists, and activists. The country has been accused of using spyware like Pegasus, developed by the Israeli firm NSO Group, to hack into phones of targets.
DarkMatter, the firm linked to Totok’s publisher, has been described as a group of former US and Israeli intelligence operatives who provide hacking and surveillance services to the UAE government. The company has denied any involvement in the Totok app.
The return of Totok to the Google Play Store raises questions about how app stores vet applications for security and privacy. Google has not publicly commented on why it allowed the app back on its platform. The company has policies against apps that collect user data without consent or that are used for surveillance.
The app’s reinstatement also highlights the challenges of regulating cross-border technology. Totok is based in the UAE, but its users are spread across the Middle East, Africa, and Asia. The app’s removal and return show how quickly digital tools can be affected by geopolitical tensions.
The situation remains fluid. Totok is back on Android devices, but its future on Apple devices is uncertain. Users who download the app should be aware of the privacy concerns raised by the New York Times report. The UAE government and Totok’s publisher continue to deny any wrongdoing. The app’s return does not resolve the underlying questions about its security and purpose.
