Xiaomi Brings Evidence Against Data Collection Charges

Posted on

Xiaomi would like to explain the collection of personal data highlighted by Forbes’ article published on May 1st.

The brand goes into detail about its policy regarding anonymity, encryption and private browsing on its smartphones.

Xiaomi tries to put out the fire as best she can. On May 1st, the brand found itself mired in a new controversy.

An article on the Forbes site, produced in collaboration with security researcher Gabi Cirlig, claims that Xiaomi massively collects personal data from users via back-doors.

This information would be transferred to servers belonging to the Chinese company Alibaba.

As a counter-attack, Xiaomi has made a point of expressing itself on its official blog, reminding that “all usage data collected is based on permission and consent explicitly given by our users”.

In other words, the manufacturer ensures that it only collects usage statistics such as user preferences, smartphone performance, memory usage and damage reports.

Xiaomi Fights Back At All Costs

As stated by Xiaomi, all this data is collected only if the user is logged into his Mi account and participates in the user experience program.

In its response, the company is working to dismantle one by one the accusations made by Forbes and Gabi Cirlig.

First, Xiaomi states that it generates random unique identifiers to preserve user anonymity.

This data would be sent directly to Xiaomi’s servers, not to a third-party partner’s server. All this information would be transmitted via a secure HTTPS protocol with TLS 1.2 encryption.

To the accusations of collecting data in private browsing, Xiaomi refutes and proves its good faith by broadcasting pieces of code used to collect all this data.

Code proving how unique identifiers are randomly generated
Code proving how unique identifiers are randomly generated

To conclude its defense, Xiaomi recalls that the company has received several certifications, in the protection of data in the cloud, in information security management systems, in the protection of personal data and in the respect of users’ privacy.

TrustArc and the British Standard Institution are among the firms that have recognized and rewarded Xiaomi for their work on these subjects.

Leave a Reply