Amidst the buzz that the Xiaomi Mi 3 has sold out once again in India, a concerned report has been published in Times of India stating that “Xiaomi is collecting data from users without their consent, even if they don’t sign-up for Mi Cloud.”
Powered by affordable price, excellent features and hype, the Xiaomi Smartphone has been creating sensation in the Indian cellphone market with selling 20,000 units in one second at Filpkart on Tuesday. According to Flipkart 1,50,000 people were registered to buy the handset, though only 20,000 units were up for sale.
However, the latest news claimed that the Chinese smartphone makers silently sending users data to remote servers in China. After testing Xiaomi’s Redmi 1S phone, the security software and solutions company F-Secure has claimed that with using Mi Cloud features (which stores user data) the company sending the user details to remote server.
“Next we connected to and logged into Mi Cloud, the iCloud-like service from Xiaomi. Then we repeated the same test steps as before. This time, the IMSI details were sent to api.account.xiaomi.com, as well as the IMEI and phone number,” F-Secure claim in its blog.
Xiaomi VP Hugo Barra had refused the allegations earlier and clarified the policy in a FAQ post on his Google+ page, saying that MIUI does not secretly upload photos and text messages without user knowledge. But, now the company has admitted to secretly transferring unencrypted user data to its remote servers in Beijing.
Xiaomi says that it only collects ‘to analyze the efficiency of its business; however, it is a clear breach of privacy.
Referring to Xiaomi’s recent Facebook post, wantchinatimes.com says, “Its software interface MIUI employs a cloud messaging service that helps determine whether it can route text messages over the internet for free. The service is automatically activated without user consent and transfers information such as the user’s mobile number, carrier name, IMEI (the device identifier) and numbers from the address book and text messages back to its Beijing servers. Furthermore, the information is transferred without encryption, making the data easily accessible to hackers.”
Xiaomi’s privacy clearly policy says, “When you use and activate Xiaomi mobile devices for the first time, the mobile user identification information, mobile device unique identification and the location information of your device will be sent to Xiaomi. The collection of such information may apply to the updates of your system or software, recovery of factory settings or situations like before.”
“When you use Xiaomi products to share information with your family and friends, to send messages and products or invite other person through Xiaomi BBS, we(Xiaomi) will collect the information which you provide and is relevant with such people, for example name, mail address and telephone number and so on,” it added.
Tags: Chinese server Flipkart Mi Cloud Xiaomi Xiaomi Mi 3 Xiaomi smartphone