Xiaomi phones are cheap. But it isn’t just the RRP of the phones that is low, Xiaomi’s ethical approach to data and tracking is too – and this should concern you…
Xiaomi phones are cheap, packed with great specs and features, and, most of the time, ship with very competitive camera modules. This combination of price, great specs, and good looking design has helped the Chinese company grow from a nobody to one of the most popular phone brands on the planet inside the last half-decade.
But all is not as it seems. From the perspective of a consumer, Xiaomi phones seem cheap and cheerful, a value for money option for those that want high-end specs and design but cannot afford the latest and greatest flagship model from Apple or Samsung. But dig a little deeper and you’ll find something rather sinister about Xiaomi and its phones.
In the age of paranoia, the last thing you want to have to worry about is your phone spying on you, sending secure data about your habits, location, and web searches back to China. But this is exactly what Xiaomi phones do – and it doesn’t matter how “locked-down” you make the phone, the data, meaning your personal data, will still be extracted.
Just how bad is this problem? According to one researcher, Gabi Cirlig, Xiaomi phones are essentially “a backdoor with phone functionality” – and that backdoor leads straight to secure servers in China via places like Russia and Singapore. Cirlig, a cyber security expert, and ex-Xiaomi user discovered that data, personal, usually secure data, was being extracted from his RedMi Note 8 which was bought via Alibaba.
But there’s more, it gets worse.
According to Xiaomi, Cirlig’s findings are “untrue” – it says the data is encrypted before it is transferred. But Cirlig says this is not the case, and he has the videos to prove it. Furthermore, Xiaomi says it is not doing anything wrong.
Cirlig disagrees because the nature of the data collected by Xiaomi – things like unique numbers for identifying the specific device and Android version – could be used to identify the identity of the phone’s owner with ease.
Xiaomi also stated that users had “consented” to what it was doing. This is debatable. If what Xiaomi is doing is buried in its phone’s T&Cs, you’ll want to read each and every word of it before using the phone properly, rather than just clicking YES when it asks for your consent.
Still, even if it does have your consent – knowingly or not – what Xiaomi is doing is NOT ethical. Apple, Google, and Microsoft do not do this. And this would be another reason, if you need another one, to not use Chinese-made phones over those made and controlled by American and European companies.
Xiaomi also denied that browsing data was being recorded when using browsers like DuckDuckGo and Chrome’s Incognito mode. According to Xiaomi, this data is not recorded and/or shared. But two independent researchers again showed that this was not the case – Xiaomi was recording and extracting browsing data, regardless of what browser the user was using.
Once you have reams of data, you need someone to analyze it – someone to sift through the terabytes of files and web searches to spot trends. And this is where behavioral analytics companies come into play. Xiaomi uses a company called Sensors Analytics to analyze and spot trends in the data it collects on its users. Xiaomi says it just wants to better understand its customers. But the entire thing stinks if you ask me.
Following on from Cirlig and Tierney’s report, Xiaomi has made some changes to the way it collects data. The company did an entire blog post outlining its new data collection policies. And it now offers users the ability to opt out of having their web searches and browser data sent off to private analytics companies.
But this ONLY happened because Xiaomi got caught with its hand in the cookie jar. If it hadn’t been caught out, it’d still be doing it. In Xiaomi’s view, it hasn’t done anything wrong and never did. That doesn’t sit well with me. And in times like these, you’re always just better off going with a company that has a more ethical stance on privacy like Apple.
If you want a cheap, reliable phone – that doesn’t spy on you – get yourself a refurbished iPhone. You can pick up the iPhone 11 for less than $400 now. And that phone will run for years to come and get iOS updates until well into the late-2020s. I’d take a two-year-old iPhone over a brand new Xiaomi phone every day of the week too.
Or, if you’re after something more budget-friendly but new, go with one of Samsung’s A-Series Galaxy phones. They’re brilliant options with great specs, battery life, and software. And because they’re Samsung phones, you’ll get three years’ worth of Android updates – something you DEFINITELY won’t get with a Xiaomi phone.Richard Goodwin
Richard Goodwin has been working as a tech journalist for over 10 years. He is the editor and owner of KnowYourMobile.