Click to Skip Ad
Closing in...

OnePlus has been silently collecting all sorts of data from users

Published Oct 11th, 2017 5:31PM EDT
OnePlus User Data Collection
Image: Zach Epstein, BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

The #NeverSettle smartphone maker has found a new way to irk users and alienate potential customers. OnePlus, the Chinese company that made a name for itself with its budget “flagship killers,” had to deal with various controversies this year, most of them related to the OnePlus 5 launch. Sadly, it’s not over.

A new report shows that OnePlus has been collecting a treasure trove of information about its customers, and it looks awful. There’s no good reason for the company to obtain this much data, no matter what OnePlus will tell us.

It was developer Christopher Moore who first noticed the unusual network activity of its OnePlus handset. Apparently, the phone was sending a lot of data to a OnePlus-owned domain, open.oneplus.net.

He was able to decrypt the data and discovered that the phone (a OnePlus 2) would send time-stamped data to the server. This included information about phone locks and unlocks, and reboots. He also found that OnePlus collected “the phone’s IMEI(s), phone numbers, MAC addresses, mobile network(s) names and IMSI prefixes, as well as my wireless network ESSID and BSSID and, of course, the phone’s serial number.”

Wow, that’s quite a bit of information about my device, even more of which can be tied directly back to me by OnePlus and other entities.

What’s even worse is that the server collects exact app data, recording when an app is opened and for what purpose.

Yes, sharing data with device makers should help them fix problems. And Google, Facebook, Amazon, Apple, and others collect data about users. But what OnePlus seems to be doing is above and beyond what’s acceptable, especially as the end-user isn’t properly notified about what goes on in the background.

You won’t like OnePlus’s statement on the matter, given to Android Police:

We securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which we collect in order for us to more precisely fine tune our software according to user behavior. This transmission of usage activity can be turned off by navigating to ‘Settings’ -> ‘Advanced’ -> ‘Join user experience program’. The second stream is device information, which we collect to provide better after-sales support.

But initially, OnePlus’s Twitter support account was not willing to provide any real help to the developer. Mind you, these tweets are from January:

Furthermore, it looks like OnePlus’s data collection goes back a long way, with a July 2016 Reddit thread detailing the same issues.

To make sure you block any data transmission, you should uninstall OnePlus Device Manager
:

Alternatively, you can also prevent OnePlus from collecting your data by not buying a OnePlus device in the near future, or ditching the one you already own.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.