Hot topics

The OnePlus spying controversy should be a wakeup call

AndroidPIT oneplus 5 0311
© nextpit

Your phone could be spying on you quietly, reporting activities even as innocuous as what times you unlock your screen back to the manufacturer without your knowledge. As the world of consumer electronics becomes increasingly filled with 'always online' smart devices, this privacy problem is only going to get worse.

Earlier this week, mathematician and software engineer Christopher Moore posted a revealing blog about his experience with OnePlus, in which he discovered that the OnePlus OxygenOS was running discreet but very detailed analytics in the background.

Chris first found this out earlier this year by accident after proxying the internet traffic from his OnePlus 2 phone through a specialized security tool. 

What he discovered was that OxygenOS was collecting timestamped metrics on certain events and transmitting the data back to OnePlus. This mechanism seems to be firmly anchored in the source code of the operating system, making it very difficult for the user to control without rooting the phone. This kind of activity can have a legitimate use for developers, but the data being harvested went far beyond what tech support might be interested in. 

AndroidPIT oneplus 3t 1379
Devices generate value for the manufacturer even after you've bought them / © NextPit

The data collected by OnePlus on Oxygen OS is quite extensive. They include battery life, the Android version, mobile phone signal, IMEI, serial number, the numbers you call, WiFi and SSID information, MAC addresses, the opening and closing of apps, activities within the apps, turning the screen on and off, and much more. In a nutshell: what you're doing with your phone, and when and where you're doing it.

That's more than enough information to trace back to the individual user, and probably much more than most of us are comfortable sending to a corporation. What's worse, when Chris contacted OnePlus to inquire how to shut the data collection off, they were unwilling so advise him on how to disable it. Turning to the user community, he found that others had been aware of the problem but had been similarly ignored.

Since Chris' blog had brought more public attention to the issue, we reached out to OnePlus for comment, and were provided with the following statement:

We securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which we collect in order for us to more precisely fine tune our software according to user behavior. This transmission of usage activity can be turned off by navigating to ‘Settings’ -> ‘Advanced’ -> ‘Join user experience program’. The second stream is device information, which we collect to provide better after-sales support.

That's nice to know now, but it still amounts to a LOT of users having a ton of data collected on the sly, even if at this point some of those who follow the tech news cycle decide to take action. This is mainly due to the fact that the analytics aren't opt-in, they are automatically running and in the hope that the user doesn't notice and try to turn it off. And most users just aren't tech-savvy enough to notice.

As Chris mentions, something like this should really be opt-in or have an easy off switch. After a negative public reaction, OnePlus have come out and said that they will tweak OxygenOS to make it opt-in and to stop collecting "telephone numbers, MAC Addresses and WiFi information." They still haven't been able to satisfactorily explain how exactly this kind of information was supposed to help with after-sales support.

Our data is a precious resource, and not just to OnePlus

OnePlus doesn't come out of this looking very good, but if we get real about this, they are not going to be the only ones discreetly gathering our personal data and hoping we don't notice. That data is very valuable, and corporations are going to do their best to harvest as much as they can, any way they can, with our explicit consent and without.

Earlier this week, we wrote about how Google's Pixel 2 event contained many implicit hints that point the way to the future of data collection. The smartphone will only be a small, increasingly insignificant part of the data-harvesting machine. We as users are increasingly moving into an environment where we are surrounded by an always-online, AI-assisted technological ecosystem. As tech companies compete to gather as much user data as possible, knowledge is power.

AndroidPIT Google Pixel 2 27
AI will be able to 'see' the world, and gather visual data from our homes / © NextPit

User data is ostensibly collected for commercial purposes. Basically, this information is used as market research by companies to better advertise their products to us, and to develop future products to suit our tastes and needs. Even if you find advertising annoying, the prospect of being offered more personalized products is hardly terrifying. But that's not the whole story.

You'd have to be terribly naive about the relationship of business to power to be unable to imagine a downside to this level of data collection. It's not tinfoil hat stuff. Just think, for example, about how many silicon valley CEOs have been government advisers, or own influential media platforms. The influence of big data analytic companies on elections. The persistent rumors that Mark Zuckerberg will run for president of the United States. Peter Thiel's warm relationship with anti-democracy "intellectual" Curtis Yarvin.

As more of our personal data ends up concentrated in the hands of a few powerful individuals with political as well as business collections, it's important to be aware that your devices aren't just learning about you so that they can offer to sell you a new shiny thing in your favorite shape or color.

So who watches the watchmen?

Data-hungry corporations will do their best to try to convince us that they can totally regulate themselves, guys. As we stand upon the advent of widespread AI, there have been multiple organisations and think tanks set up to consider the social and ethical consequences (by companies that have been caught illegally harvesting personal data without people's consent, oops!). Naturally, there will be plenty of hard-working people with good intentions working on this. But corporations are profit-making machines, and will weigh ethical concerns against their bottom line.

AndroidPIT google home 6975
We bring the company's eyes and ears into our house / © NextPit

Government regulation may to some degree mitigate the worst abuses of data at the hands of private corporations. But tech companies will likely be ahead of the curve in know-how and have already proven themselves experts in circumventing government regulation. That's without even considering their influence in shaping policy to begin with. 

For people that don't necessarily trust corporations to have our best interests at heart, it's up to us to get more informed about the technology around us, and we can't only listen to what manufacturers are willing to tell us up front. Helpful experts like Chris are great to have, and instrumental given that we can't all be security specialists. But nonetheless, it would be good if we all took time to learn a little more about the tech jungle we're going to live in, lest we get eaten by lions.

We're all tech geeks here, and none of us are prepared to trash our devices and go live off the grid, scraping lichen off trees for our sustenance. You bet that I will continue to be extremely online and playing with AI as soon as possible.The Androidpit editorial team continues to inform ourselves and our readers about future technology, and potential privacy issues that come with it. Consumer electronics are becoming smarter, and it wouldn't hurt if we users did, too.

Are you worried about private companies harvesting your data without you knowing? Or do you think there's no real risk?

 

 

  nextpit recommendation Price tip Luxury version with handle Price tip with handle For Garmin fans Mid-range tip
Product
Image Withings Body Smart Product Image Renpho Smart Body Fat Scale Product Image Withings Body Scan Product Image Lepulse Lescale P1 Product Image Garmin Index S2 Smart Scale Product Image eufy Smart Scale P3 Product Image
Deals*
Go to comment (8)
Nicholas Montegriffo

Nicholas Montegriffo
Editor

A cyberpunk and actual punk, Nicholas is the Androidpit team's hardcore gamer, writing with a focus on future tech, VR/AR, AI & robotics. Out of office, he can be found hanging around in goth clubs, eating too many chillies, or at home telling an unlucky nerd that their 8th level wizard died from a poisoned spike trap.

Liked this article? Share now!
Recommended articles
Latest articles
Push notification Next article
8 comments
Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing

  • 1
    chong Lee Oct 17, 2017 Link to comment

    Good app


  • 49
    storm Oct 17, 2017 Link to comment

    Seems par for the One Plus course.

    Loie FavreDeactivated AccountDeactivated Account


  • 46
    Deactivated Account Oct 17, 2017 Link to comment

    If you think there is any smart phone manufacture that is not spying or data harvesting. You need to get your head out of the sand. Especially the Chinese owned manufactures which have already been caught too. If you have a smart phone, and use location and Facebook. Everything you do is tracked. Now we are adding in Facial recognition where people are willing up loading their face so they can be tracked in public. Good bye privacy, and what is next?

    Loie FavreDeactivated AccountDwarfer66


    • Nicholas Montegriffo 11
      Nicholas Montegriffo Oct 17, 2017 Link to comment

      Do you think there's a real chance to fight this, or is personal privacy just impossible in modern hi-tech society?

      Loie FavreDeactivated Account


      • 46
        Deactivated Account Oct 17, 2017 Link to comment

        Complete privacy is impossible, a high level of privacy is possible. I just not sure you would want to live the way it takes to have it. Maintaining a lower profile is possible as long as you are carful.

        Loie Favre


      • 31
        Deactivated Account Oct 17, 2017 Link to comment

        knowledge is power and data is the currency of power..
        far too many of the wrong sort of people seek power for the the wrong sort of reasons,
        like governments spending more on warfare than welfare
        desire for power will always outweigh the respect of privacy...

        Loie FavreDeactivated Account


      • 28
        itprolonden Oct 19, 2017 Link to comment

        Governments are supposed to spend on warfare, not so much on welfare. It's not my job to provide a living for you


      • 31
        Deactivated Account Oct 19, 2017 Link to comment

        Kim Jong-un would welcome you like a long lost brother...

        006_Bill

Write new comment:
All changes will be saved. No drafts are saved when editing