OnePlus reportedly collecting private user data
I was excited to see a new brand phone on the market when I first reported on the OnePlus smartphone as the phone out to kill all the big dogs in the phone industry, with its annihilating slogan “Never Settle”, but now it looks like they’ve been up to some very shady tactics.
There are now reports that the Chinese company is collecting information from its users’ OnePlus smartphones.
PhoneArena has given an account of how security researcher Christopher Moore, discovered that his phone’s activities were being sent to a domain belonging to OnePlus. It was collecting information about his screen, device unlock events, abnormal reboots, serial number, IMPEI, phone numbers, MAC address, mobile network names, IMSI prefixes, as well as wireless network ESSID and BSSID. Moore allso found out that the OxygenOS was collecting time stamps of when he opened and closed apps, or which activities were being opened. The two apps blamed for collecting and sending personal information to OnePlus’ domain were OnePlus Device Manager and OnePlus Device Manager Provider. When he contacted OnePlus about this, they gave him generic trouleshooting suggestions and later stopped responding to him.
A loop has been found to allow OnePlus users to disable OnePlus Analytics without having to root their devices. To disable the app permanently, users will have to use the following adb command: pm uninstall -k –user 0 pkg.
So far, the statement from OnePlus is that it transmits data in two streams: usage analytics, which can be used to fine-tune software; and device information, which is used to deliver “better after sales support”.
With all this personal data collection however, the company is facing a big sales slump and crisitcism if found absolutely guilty.
I heard about the news recently. That can be true that up to a certain extent various mobiles devices do the same as One Plus is doing, but they need to impose a limit while capturing users data even if they are doing it by keeping the users’ best interest in mind. No business can capture customer’s data without their consent.