OnePlus reportedly collecting personal information from users
It looks like OnePlus has got into the habit of making great smartphones, get praised for it, and then do something which would vilify it amongst its fans, tech enthusiasts and media alike. OnePlus in the past has received enough bashing on different occasions, be it cheating with benchmarks or backing down on its promises. This time, the Chinese manufacturer is being convicted for collecting personally identifiable information from its smartphone users.
Software Engineer Christopher Moore has discovered that OnePlus is collecting information like IMEI number, MAC address, mobile network names, number of unexpected reboots and more in massive amounts from its phone users. This might look normal as OnePlus may want this information for bug fixes, however, what’s unusual is that the company is also collecting time-stamped information about the number of times a user locked and unlocked his device. Well, that’s too creepy. We wonder why OnePlus would want to know the number of times their users locked/unlocked their device.
Moore also discovered that all this data is being sent to open.oneplus.net domain which is owned by OnePlus (obviously) and hosted on Amazon AWS server in the US. Upon further investigation, it turned out that OnePlus System Service and OnePlusAnalyticsJobService, that are a part of OnePlus Device Manager, were responsible for this data collection.
When asked about this matter, OnePlus responded by saying, “We securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which we collect in order for us to more precisely fine tune our software according to user behavior. This transmission of usage activity can be turned off by navigating to ‘Settings’ -> ‘Advanced’ -> ‘Join user experience program’. The second stream is device information, which we collect to provide better after-sales support.“
So, as you can see, this transmission of data can be turned off by heading over to the Settings > Advanced > Join user experience program. Moreover, you also have the option to remove the OnePlus Device Manager app (that’s sending all this data) from your phone via ADB (without rooting) by using the command: pm uninstall -k –user 0 pkg. However, do note that there are chances this might alter the behavior of your device.
Having said that, it’s worth noting that Moore found this out on his OnePlus 2 and there’s no evidence yet whether OnePlus is collecting similar information from OnePlus 3, 3T and 5. However, going by OnePlus’ statement, chances are the company is collecting information from these flagships as well.