If you own a Xiaomi phone it's possible the company could have a record of all your interactions with all the apps that come with MIUI, its own user interface that's laid over Android.
This news comes from Forbes (opens in new tab), which published a report based on the account of Gabi Cirlig, a cybersecurity researcher who claimed to have found that lots of his phone use habits were being sent to Xiaomi.
- These are the best Xiaomi phones we've tested
- Check out our Xiaomi Mi 10 Pro review
- These are the best smartphones
Cirlig said he found that accounts of internet searches done on Xiaomi's Browser app, folders that were opened, and interactions on the phone's home screen were being sent to servers in Singapore and Russia rented by Xiaomi.
This all happened on a Redmi Note 8 but apparently Cirlig found the same browser code on a Redmi K20 (or Xiaomi Mi 9T, as it was called in many regions), a Xiaomi Mi 10 and a Mi Mix 3, suggesting that the issue would also affect them.
While this data was encrypted, it was reportedly done in a very simplistic way that meant Cirlig could easily crack his own data and reveal indicators that it was his. In other words, his data could still be tracked to him.
Save the data
Most tech companies collect user data, usually to understand how people use various apps and functions. This is gradually being seen as normal in tech, but usually this data isn't traceable back to users, while in the case of the Xiaomi data it seems Cirlig's data was easily identifiable.
In a statement Xiaomi sent to several tech websites, however, it contested Forbes' article and defended its privacy protocols:
"Xiaomi was disappointed to read the recent article from Forbes. We feel they have misunderstood what we communicated regarding our data privacy principles and policy. Our user's privacy and internet security is of top priority at Xiaomi; we are confident that we strictly follow and are fully compliant with local laws and regulations. We have reached out to Forbes to offer clarity on this unfortunate misinterpretation."
It's not certain, then, if the fact Cirlig could reportedly easily unscramble his data was a bug affecting just a few users, or a more widespread problem, although it seems Xiaomi doesn't think its users should feel worried.