The #NeverSettle smartphone maker has found a new way to irk users and alienate potential customers. OnePlus, the Chinese company that made a name for itself with its budget “flagship killers,” had to deal with various controversies this year, most of them related to the OnePlus 5 launch. Sadly, it’s not over.
A new report shows that OnePlus has been collecting a treasure trove of information about its customers, and it looks awful. There’s no good reason for the company to obtain this much data, no matter what OnePlus will tell us.
It was developer Christopher Moore who first noticed the unusual network activity of its OnePlus handset. Apparently, the phone was sending a lot of data to a OnePlus-owned domain, open.oneplus.net.
He was able to decrypt the data and discovered that the phone (a OnePlus 2) would send time-stamped data to the server. This included information about phone locks and unlocks, and reboots. He also found that OnePlus collected “the phone’s IMEI(s), phone numbers, MAC addresses, mobile network(s) names and IMSI prefixes, as well as my wireless network ESSID and BSSID and, of course, the phone’s serial number.”
Wow, that’s quite a bit of information about my device, even more of which can be tied directly back to me by OnePlus and other entities.
What’s even worse is that the server collects exact app data, recording when an app is opened and for what purpose.
Yes, sharing data with device makers should help them fix problems. And Google, Facebook, Amazon, Apple, and others collect data about users. But what OnePlus seems to be doing is above and beyond what’s acceptable, especially as the end-user isn’t properly notified about what goes on in the background.
You won’t like OnePlus’s statement on the matter, given to Android Police:
We securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which we collect in order for us to more precisely fine tune our software according to user behavior. This transmission of usage activity can be turned off by navigating to ‘Settings’ -> ‘Advanced’ -> ‘Join user experience program’. The second stream is device information, which we collect to provide better after-sales support.
But initially, OnePlus’s Twitter support account was not willing to provide any real help to the developer. Mind you, these tweets are from January:
Yes please: how do I turn off this event data collection (which gets sent to https://t.co/42nroll7PD)?
— Christopher Moore (@chrisdcmoore) January 13, 2017
This had no effect on the usage data collection.
— Christopher Moore (@chrisdcmoore) January 13, 2017
Furthermore, it looks like OnePlus’s data collection goes back a long way, with a July 2016 Reddit thread detailing the same issues.
To make sure you block any data transmission, you should uninstall OnePlus Device Manager
:
@chrisdcmoore I've read your article about OnePlus Analytics. Actually, you can disable it permanently: pm uninstall -k –user 0 pkg
— Jakub Czekański (@JaCzekanski) October 10, 2017
Alternatively, you can also prevent OnePlus from collecting your data by not buying a OnePlus device in the near future, or ditching the one you already own.
