Once again, an international company does not seem to take privacy very seriously. According to a report by the US business magazine “Forbes”, the Chinese mobile phone manufacturer Xiaomi is said to have installed a program on its preinstalled Internet browser that sends huge data packets about customers’ surfing behavior to servers in China.
“Forbes” bases its allegations on the judgment of two independent security experts. Both have independently confirmed that the Chinese manufacturer’s smartphones use the included Mi Browser internet app and a browser app called Mint to log when users access which websites. This collected data is then sent to servers in China. The fact that the data is also collected when the user has switched to the so-called “incognito” mode, which actually suggests anonymous surfing on the Internet, is also particularly piquant. Xiaomi would encrypt the data when it was sent, but the user’s Mi account can then be used to assign the data to the respective user again, which violates data protection regulations in many countries.
Xiaomi has officially agreed to collect the data in response to the allegations. In contrast to reporting at Forbes, the company insists that the data is only collected anonymously and would only be used to improve the browser. This is in line with national data protection law in China. When asked by the Bild newspaper, the company refers to a blog post. Xiaomi only speaks of a misunderstanding there, but shortly thereafter announces updates to the two affected browsers Mint and Mi. According to Xiaomi, these should continue to collect anonymized usage data in the future. With the scheduled update, customers can then only switch off the collection function in incognito mode. For Xiaomi, the scandal comes at an unsuitable moment, since the Chinese manufacturer has only just started to offer smartphones in Germany.