Xiaomi is India's largest smartphone vendor by market share, shipping over 10 million units in the first three months of 2020. With its steady popularity in the country, such privacy gaffes can really hurt the company in its long term ambitions to hold on to its lead in one of the largest smartphone markets in the world. are sending an uncomfortable amount of user data to remote servers belonging to outsourced Chinese partners, according to a report by Forbes. The issue appears intrinsic to Xiaomi's own apps, such as its default browser or the Mi Music app that make up Xiaomi's proprietary MIUI interface. The type of data collected include a user's browsing history and accessed services, app usage behavior and even music listening preferences. The data set also includes unique device identification numbers, all in a traceable package that can be decrypted while transmitting to the remote servers. Hence, these can be used by malicious attackers to breach user identities, leading to acts of cyber espionage, blackmailing, data and identity theft, and more. The remote servers in question are said to be owned by Chinese internet operations giant Alibaba, and are leased by Xiaomi. The user data that is being collected is reportedly used to generate user behaviour patterns, presumably to sell more in-house Xiaomi products by showing targeted ads. But, while this is a common practice, it so appears that Xiaomi is seeding the sensitive user data to a third party service, Sensors Analytics. However, Xiaomi has claimed that it does not store any data with Sensors Analytics, and only seeds them anonymous user data in order to gain analytical inputs. The latter is now a standard practice among practically all technology companies. In response to all the allegations xiaomi said: “We strictly follow and are fully compliant with user privacy protection laws and regulations in the countries and regions we operate in,” the company stressed. In a separate blog post, Xiaomi said all collected usage data is based on permission and consent given explicitly by our users. “Additionally, we ensure the whole process is anonymous and encrypted. The collection of aggregated usage statistics data is used for internal analysis, and we do not link any personally identifiable information to any of this data,” said the company. Xiaomi said it hosts information on a public cloud infrastructure that is common and well known in the industry. “All information from our overseas services and users is stored on servers in various overseas markets where local user privacy protection laws and regulations are strictly followed and with which we fully comply,” it explained. Jain said that using Mi Browser or any Mi Internet product is perfectly safe and “we do not collect any information that the user has not given explicit consent to”. “All Mi Browser and Mi Cloud data of Indian users is stored locally in AWS servers in India,” he added. While collecting user data is not unusual for Internet companies, they are supposed to do so with the permission of users in order to offer them better services. But the data is supposed to remain anonymous so that the identity of the user remains hidden. I have come here with my analysis and shared all the information best to my knowledge.

Social Media Handles

*****************************************************************

Follow us on: Instagram: https://www.instagram.com/review_sheview/

Facebook: https://www.facebook.com/abhishekdaspattanayak/

******************************************************************