Xiaomi responds to privacy concerns: “MIUI does not secretly upload photos & messages”


Xiaomi Redmi Note-7

Thanks to whistle-blowers like Edward Snowden, privacy has become a public topic of discussion these days, which is always a good thing. On that note, earlier today, an article from ocworkbench claimed that Xiaomi’s Redmi Note smartphone is uploading data to Chinese servers, without explicit user permission. Considering Xiaomi is from China, a country which has been accused of spying on civilians in the past, the issue made its way to mainstream internet thanks to the virality of social media. But it was just one part of a story. We had reached out to Xiaomi to understand what the other side of the story is like, and they finally have an answer. Hugo Barra, the company’s public face for its International operations, has taken to social networks, to explain how the company is, in fact, not invading user privacy.

Lets examine both the sides of the story first. Here’s the claim –

A Hong Kong discussion group IMA Mobile user Kenny Li discovered that his RedMi Note has been connecting to an IP address in China and transferring data back to the server when he is operating in Wi-Fi mode. When he is on 3G, it is just a handshake (low data transmission). So what is being sent to the servers?  What surprises the tester is that even if you root the phone and flash it with another firmware, the background transmission continues. It seems that the process is hard coded into the phone. According to his observation, the RedMi seems to be sending pictures from MEDIA STORAGE. On top of that, your SMS and messages also gets channeled through the Chinese servers. It looks like XiaoMi is ‘helping’ users to automatically make a backup of your data on their servers without explicit permission from the user.

* The micloud service was never turned on during the test.

xiaomi-note-connect-to-china

So, basically, the claim is that MIUI’s messaging app sends data to a Chinese server, which is interesting, because why would a messaging app, which deals with SMSes over the phone network be connected to the internet?

Here’s Hugo Barra’s long answer –

[HTML1]

Understanding both points of views is extremely important here, as privacy is a touchy issue. Answering the question of “Is Xiaomi sending data to its servers in China?”, the short answer seems to be, yes. The long answer is that the messaging app sends and receives public data that includes thousands of jokes and pre-configured messages that are part of a “recommended” category inside the messaging app. We have received a screenshot in Chinese that shows off this tab inside the messaging app –

Screenshot_2014-07-30-19-06-56

There are usually only two tabs when the language is set to English, but the third tab(shown above) appears when the language is set to Chinese. This “recommended” tab has these pre-configured messages that are mostly jokes and greetings. These messages are apparently a part of the Chinese culture and people actually use it, who would’ve guessed, right? We had used the international variant of the Mi 3 and found no such feature in it, so we are sure it’s a local thing there, or just a language specific option. The list is updated with data from Xiaomi’s servers and, apparently, these were the reason why the messaging app has access to data. Hugo is quick to clarify that the data is “all non-personal data that does not infringe on user privacy.”

Xiaomi also clarifies that the photos can be uploaded only through manual opt-in for Mi Cloud, which works like any other cloud syncing solution on a mobile platform. A user would need to sign in, before letting the phone upload messages or photos to the cloud. The company assures, in its press note, that the data is encrypted and protects all of its users’ privacy. During a Q&A session at the Indian launch, a similar question was raised regarding the privacy of the Mi Cloud, and the company officials were quick to clarify that the servers are based on Amazon AWS cloud, which has data centers in the US.

From the tone of Xiaomi’s reply, it looks like they are being honest about all of this, but privacy is indeed a very important factor to be considered, especially for a company from China. Considering this issue was already discussed on a Facebook post from Xiaomi’s Hong Kong page, the inevitable negative feedback is something the company has to manage, even if they have their own explanation. End result, we don’t have to worry about privacy issues, if Xiaomi is to be believed, but if one still finds something strange, there is no reason why he/she shouldn’t seek an explanation.

All said, do let us know what you think of this whole issue, in the comments section below.


Author: Bharadwaj Chandramouli

Bharadwaj is a content creator who has been obsessed with technology since the early days of smartphones. He loves talking about tech, is a fan of good design and photography. You can follow him on Twitter @gadgetbuff_ to know what he's upto!