OnePlus is slurping personally-identifiable data without user consent

OnePlus OxygenOS phone data tracking raises privacy concerns

OnePlus OxygenOS phone data tracking raises privacy concerns

What's really baffling is that the Chinese company is already aware of privacy issue, as past year security researcher Christopher Moore discovered his OnePlus 2 smartphone was sending data to a HTTPS domain belonging to OnePlus without user's consent. He saw that his handset was sending time-stamped information about locks, unlocks and unexpected reboots, according to Android Police. However, questions are being raised on why would the company want to collect phone numbers, IMEI numbers, MAC addresses, and also IMSI prefix codes.

After the blog post, OnePlus responded to the allegations saying the device information being collected was to improve services and that users had the option to switch off the option of transmitting usage activity at any time.

OnePlus seems to have landed in a new soup, as the company is being accused of collecting unanonymised analytics data from its users. In doing so, he noticed that his phone was connected to a OnePlus domain and transmitting incredibly detailed - and often very revealing - data back to the company.

The data collection has been sourced to a system application called "OnePlus System Service" which uses cannot be turned off but can be disabled every time you turn your device on.

However, when this issue was reported to OnePlus, the company confirmed that they transmit analytics data in two different streams over HTTPS to an Amazon server. "I took to Twitter to ask OnePlus on Twitter how this could be turned off, which disappointingly led down the usual path of "troubleshooting" suggestions, before being met with radio silence". We reached out to OnePlus, but didn't immediately receive a response. OnePlus has said that the data only contains "usage analytics" which is used to "fine tune our software".

What's disappointing is that users are opted into the program without being told about it. In a time where user information and security of sensitive information is becoming more important, a transparent and comprehensive understanding of what information is being collected and for what goal (as well as the option to completely opt out of such collection) would be greatly appreciated in any situation. "The second stream is device information, which we collect to provide better after-sales support", OnePlus' statement reads.

A Twitter user named Jakub Czekański has an even more thorough solution, advising people to disable the OnePlus Device Manager permanently by plugging the phone into a computer with Android Debug Bridge (ADB) installed, making sure USB debugging is active, and running the command "pm uninstall -k -user 0 net.oneplus.odm" to get rid of it forever.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.