Update: The company has issued a statement regarding this issue. “Xiaomi was disappointed to read the recent article from Forbes. We feel they have misunderstood what we communicated regarding our data privacy principles and policy. Our user’s privacy and internet security is of top priority at Xiaomi; we are confident that we strictly follow and are fully compliant with local laws and regulations. We have reached out to Forbes to offer clarity on this unfortunate misinterpretation.” Also Read - Xiaomi सुन रहा है यूजर्स की बातें, रिमोर्ट सर्वर में भेजा रहा है फोन का डाटा
Cybersecurity researchers have accused Xiaomi of infringing on the privacy of its phone users by recording their ‘private’ web and phone use habits. Researcher Gabi Cirlig found that his Redmi Note 8 smartphone was watching almost everything that he was doing on the phone, Forbes reported on Thursday. Also Read - Xiaomi Mi Note 10 Lite स्मार्टफोन 4 बैक कैमरों, 32MP सेल्फी कैमरा के साथ लॉन्च, जानें कीमत
Watch Video: Top 5 apps providing free services during coronavirus pandemic
The default Xiaomi browser on the device recorded all the websites he visited and everything viewed on a news feed feature of the Xiaomi software. What is more, the tracking did not appear to stop even when he used the supposedly private “incognito” mode. Also Read - Xiaomi Redmi Note 9 launched: Price, sale, specifications, features and more
To his dismay, the researcher found that the Xiaomi device was good at recording what folders he opened and to which screens he swiped, said the report, adding that the data was then being transferred to remote servers hosted by another Chinese tech giant, Alibaba. At Forbes’ request, another cybersecurity researcher, Andrew Tierney, investigated the issues further. Browsers shipped by Xiaomi on Google Play – Mi Browser Pro and the Mint Browser – were recording the same data, Tierney found.
Xiaomi, however, denied that it was breaching user privacy, and asserted that it transfers only encrypted data. While collecting user data is not unusual for Internet companies, they are supposed to do so with the permission of users in order to offer them better services. But the data is supposed to remain anonymized so that the identity of the user remains hidden.
But Cirlig found a problem with the way Xiaomi transfers data to remote servers. He said he could easily decode the data being sent and feared that Xiaomi could know what he was watching on his phone. And the problem, he said, was not just with the model he used. Several other models could be doing the same job of recording the private web and phone use habit, he found.