Sponsored by: Investment Center

Something new in your business?  Click here to submit your business press release

Chamber Corner | Main Street News | Job Hunt | Classifieds | Calendar | Illinois Lottery 

China smartphone maker Xiaomi apologizes for unauthorized data access

Send a link to a friend  Share

[August 11, 2014]  By Gerry Shih

BEIJING (Reuters) - Xiaomi Inc said it had upgraded its operating system to ensure users knew it was collecting data from their address books after a report by a computer security firm said the Chinese budget smartphone maker was taking personal data without permission.

The privately held company said it had fixed a loophole in its cloud messaging system that had triggered the unauthorized data transfer and that the operating system upgrade had been rolled out on Sunday.

The issue was highlighted last week in a blog post by security firm F-Secure Oyg and had been reported by media outlets in Taiwan. Like Apple Inc's iMessage service, Xiaomi lets users avoid SMS charges by routing messages over the Internet rather than through a carrier's network.

In a lengthy blogpost on Google Plus, Xiaomi Vice President Hugo Barra apologized for the unauthorized data collection and said the company only collects phone numbers in users' address books to see if the users are online.

He said the smartphone's messaging system would now only activate on an "opt-in" basis and that any phone numbers sent back to Xiaomi servers would be encrypted and not stored.

Some industry analysts say Xiaomi has pipped Samsung Electronics Co Ltd to become the top selling smartphone brand in China, the world's biggest smartphone market.

Although an increasing number of smartphone apps harvest vast troves of personal data including a user's real-time location, the address book remains a particularly sensitive domain.

The U.S. Federal Trade Commission fined the social network Path $800,000 last year after security researchers showed how the company siphoned users' address books without their knowledge and stored it on its servers.

As a result of the Path controversy, which began in 2012 and prompted a brief Congressional inquiry, Apple changed its iPhone operating system so that app developers would have to ask explicitly for permission before accessing address book data.

(Editing by Miral Fahmy)

[ 2014 Thomson Reuters. All rights reserved.]

Copyright 2014 Reuters. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.


< Top Stories index

Back to top