Xiaomi accused of stealing private user-info, Chinese phone maker goes on denial mode
Not being a new occurrence, Chinese tech companies have been under fire for stealing confidential information from users. A smartphone which was a clone of another clone phone was recently found preloaded with a Trojan that broadcasts users’ messages to international numbers.
Now the allegations have come down to Xiaomi, a popular and reputable Chinese brand. A Hong Kong mobile tech specialist Kenny Li had said that he found out that Xiaomi’s Redmi Note smartphone connect to a certain IP address in China and wires personal data to the server.
Another report from Taiwanese OCWorkbench website says that Xiaomi hard-coded some stuff in the Redmi Note that steals users’ photos and text messages and stores in the “MiCloud” without asking for the user’s permission. The code does work even after the smartphone is rooted and flashed with another ROM.
This could be seen as an automatic backup, OCWorkbench wrote, but Xiaomi could have properly put in place some sort of user-authorization for the service.
No, we are not stealing your privacy
Xiaomi has replied to the reports via Hugo Barra, he former Android VP of Google.
Here is the Q&A
Q: Online articles recently referred to some privacy issues with the Redmi Note, claiming that photos and text messages are sent to China secretly. Are they true?
A: An article severely misinterpreted a discussion thread asking about the Redmi Note’s communication with a server in China. The article also neglected to refer to a Chinese version of this Q&A already posted on the Xiaomi Hong Kong Facebook page (https://www.facebook.com/Xiaomihongkong/posts/799059896795602). MIUI does not secretly upload photos and text messages.
MIUI requests public data from Xiaomi servers from time to time. These include data such as preset greeting messages (thousands of jokes, holiday greetings and poems) in the Messaging app and MIUI OTA update notifications, i.e. all non-personal data that does not infringe on user privacy.
Q: Does Xiaomi upload any personal data without my knowledge?
A: No. Xiaomi offers a service called Mi Cloud that enables users to back up and manage personal information in the cloud, as well as sync to other devices. This includes contacts, notes, text messages and photos. Mi Cloud is turned off by default. Users must log in with their Mi accounts and manually turn on Mi Cloud. They also have the option to only turn on backup for certain types of data. The use and storage of data in Mi Cloud fully respects the local laws of each country and region. Strict encryption algorithms are implemented to protect user privacy.
Q: Can I turn Mi Cloud off?
A: Yes. Just go to Settings > Mi Cloud to turn it off. If you would like to use a cloud back up service from another provider, there are options from Google, Dropbox and many others.
Q: Why should I believe you?
So that means that Xiaomi is actually taking up your data, but then it doesn’t access the information collected. Now that Hugo Barra has cleared everyone, can I get a cup of coffee please? 😛
You may also like
- Xiaomi accused of stealing private user-info, Chinese phone maker goes on denial mode
- Red alert: Apple and Xiaomi phones have spyware inside — Taiwan
- Apple openly calls Xiaomi copycat, Chinese phone maker fires back
- Huawei outs Honor Holly to compete Xiaomi Redmi 1s in India
- Xiaomi apologies for looking into user-data, fixes unauthorized access