Various outlets from around the world have reported about a privacy breach that Xiaomi Redmi series phone owners may be facing. According to the report, Xiaomi Redmi Note phones have been establishing a connection with a server in China to send data back and forth.
To be a bit more specific, it is the SMS or the Messaging app which is being alleged as the culprit. The app is accused of sending sensitive information to Chinese servers, which has irked some.
Xiaomi is in a crucial phase of its development right now, with international expansion in full swing. An allegation like this could taint its image in a manner which could take years to repair, and thus, Xiaomi has been forthcoming in their approach to this allegation. Here is what Xiaomi Vice President Hugo Barra had to say on the issue:
Gizchina News of the week
Q: Online articles recently referred to some privacy issues with the Redmi Note, claiming that photos and text messages are sent to China secretly. Are they true?
A: An article severely misinterpreted a discussion thread asking about the Redmi Note’s communication with a server in China. The article also neglected to refer to a Chinese version of this Q&A already posted on the Xiaomi Hong Kong Facebook page (https://www.facebook.com/Xiaomihongkong/posts/799059896795602). MIUI does not secretly upload photos and text messages.
MIUI requests public data from Xiaomi servers from time to time. These include data such as preset greeting messages (thousands of jokes, holiday greetings and poems) in the Messaging app and MIUI OTA update notifications, i.e. all non-personal data that does not infringe on user privacy.
Q: Does Xiaomi upload any personal data without my knowledge?
A: Xiaomi offers a service called Mi Cloud that enables users to back up and manage personal information in the cloud, as well as sync to other devices. This includes contacts, notes, text messages and photos. Mi Cloud is turned off by default. Users must log in with their Mi accounts and manually turn on Mi Cloud. They also have the option to only turn on backup for certain types of data. The use and storage of data in Mi Cloud fully respects the local laws of each country and region. Strict encryption algorithms are implemented to protect user privacy.
Q: Can I turn Mi Cloud off?
A: Yes. Just go to Settings > Mi Cloud to turn it off. If you would like to use a cloud back up service from another provider, there are options from Google, Dropbox and many others.
Q: Why should I believe you?
A: Xiaomi is serious about user privacy and takes all possible steps to ensure our Internet services adhere to our privacy policy. We do not upload any personal information and data without the permission of users. In a globalized economy, Chinese manufacturers’ handsets are selling well internationally, and many international brands are similarly successful in China – any unlawful activity would be greatly detrimental to a company’s global expansion efforts.
From the statement, it does look very much like your data is indeed going through Chinese servers, but perhaps not the malicious way. Consumers from around the world have always had a problem trusting Chinese companies and their devices, and even though Xiaomi might not have malevolent intentions, it sure will have to go into repair mode to fix this.
Via +HugoBarra
I am using the MiCloud on every Xiaomi Device, it is really comfortable and if somebody turns it on and sends pictures to it, it’s his own fault. Plus, is it so much more save to send Date to Facebook, Dropbox, Google+ after all that NSA shit, I don’t think so.
You are right. It is basically about choosing your enemy. In general it is unsafe to upload data to servers that do not belong to yourself. So it really doesn’t matter if the Russians, Chinese or Americans get the data. They could all abuse it if they want to.
Where as I see the Russians and Chinese abusing i9t for safety reasons (for example find potential enemies to the system) I believe the Americans are the most unethical. They don’t only use it for that, but also use it to gain profits and abuse you. I personally think between both there is a big difference.
They’re all terrible hence the one I’m using is not.
Good logic.
Xiaomi fined in tiawan for its flash sale discrepancies. Its a tough road ahead for xiaomi as it becomes a bigger player day by day.
I am using the MiCloud on every Xiaomi Device, it is really comfortable and if somebody turns it on and sends pictures to it, it’s his own fault. Plus, is it so much more save to send Date to Facebook, Dropbox, Google+ after all that NSA shit, I don’t think so.
You are right. It is basically about choosing your enemy. In general it is unsafe to upload data to servers that do not belong to yourself. So it really doesn’t matter if the Russians, Chinese or Americans get the data. They could all abuse it if they want to.
Where as I see the Russians and Chinese abusing i9t for safety reasons (for example find potential enemies to the system) I believe the Americans are the most unethical. They don’t only use it for that, but also use it to gain profits and abuse you. I personally think between both there is a big difference.
They’re all terrible hence the one I’m using is not.
Good logic.
Xiaomi fined in tiawan for its flash sale discrepancies. Its a tough road ahead for xiaomi as it becomes a bigger player day by day.
The initial report indicated that flashing an entirely different ROM on the device had no effect on this questionable data exchange.
This makes me question their claims of a simple cloud service sync. Certainly that would be a software feature included with the stock MIUI ROM. Why would it be baked in at such a low level that flashing an alternate ROM has zero effect?
The initial report indicated that flashing an entirely different ROM on the device had no effect on this questionable data exchange.
This makes me question their claims of a simple cloud service sync. Certainly that would be a software feature included with the stock MIUI ROM. Why would it be baked in at such a low level that flashing an alternate ROM has zero effect?