Skip to content

October 11, 2017

OnePlus is collecting your private data without permission

by John_A

OnePlus is mainly known as the little upstart that took on the big guns with the help of its solid, yet affordable, handsets. But, its in-house version of Android, dubbed OxygenOS, is once again threatening to dent its hard-fought for credibility. The problem lies with the company’s approach to data-sharing, which is problematic (to say the least). As security researcher Chris Moore has repeatedly pointed out, the manufacturer’s OxygenOS-based devices not only gather a ton of user data, but they also tie this info to individual devices, and user accounts in particular.

Some of the data-gathering is pretty standard fare, including how often you unlock your phone, the apps you open and use, and the Wi-Fi networks you connect to. The problem lies with the lack of anonymity. It turns out, OnePlus is transferring this info along with your phone’s serial number, meaning that your activity is personally identifiable.

As part of its response to the controversy, the company revealed it collects two “streams” of data (you can read its statement in full below). The first is termed “usage analytics,” which helps it to improve its software. It also adds that this type of data-sharing can be turned off by going into settings, selecting “advanced,” and turning off “join user experience program.” The same doesn’t apply to the second stream, pertaining to device info.

OnePlus’ behavior isn’t exactly out of the ordinary, but the real issue lies with the way it’s conducting its data collection. The company isn’t explcitly asking for user permission to amass this type of info, and we’d wager that not all of its customers are aware of the type of data they’re offering up. We reached out to OnePlus, but didn’t immediately receive a response.

“We securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which we collect in order for us to more precisely fine tune our software according to user behavior. This transmission of usage activity can be turned off by navigating to ‘Settings’ -> ‘Advanced’ -> ‘Join user experience program’. The second stream is device information, which we collect to provide better after-sales support.”

Source: Chris’s Security and Tech Blog

Advertisements
Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: