Nokia fans waited for years for the first Nokia-Android handsets to arrive, and it finally happened two years ago, when HMD Global unveiled its first Nokia 6 handset, after acquiring the right to use the brand. Since then, HMD unveiled a variety of Nokia handsets, culminating with the Nokia 9 PureView a few weeks ago.
However, the old Nokia has nothing to do with the Nokia phones we’re seeing today, and all these devices are made in China by Foxconn. This brings us to HMD’s first China-related issue, as some Nokia phones have apparently sent data to servers in the region without consent from users.
A Reuters report says that Finland will investigate the HMD phones, looking at whether they breached data rules. It all started with Norwegian public broadcaster NRK, which reported the breach on Thursday. A Nokia 7 Plus owner was told that his phone contacted a particular server, sending data packages in an unencrypted format.
According to NRK, Nokia had admitted that “an unspecified number of Nokia 7 Plus phones had sent data to the Chinese server,” without disclosing who owned the server.
“We can confirm that no personally identifiable information has been shared with any third party,” HMD told Reuters. “An error in software packaging process in a single batch of one device model” caused the issue.
“Such data was never processed and no person could have been identified based on this data,” HMD added, saying that the error was fixed in February and nearly all devices had installed the update. It’s still unclear what kind of data was sent to the server, and why it happened in the first place. Finland’s ombudsman Reijo Aarnio told Reuters he would investigate whether the breaches involved “personal information and if there has been a legal justification for this.”
UPDATE: HMD posted a detailed account of what happened during the Nokia 7 Plus data breach at this link, complete with an infographic and a FAQ section, explaining that it takes the privacy and security of its consumers very seriously.