It's only been a few days since Chinese Xiaomi was accused by Forbes of gathering information about smartphone users. The news spread very quickly around the world.
The manufacturer itself has already responded to this accusation. It responds and clarifies the situation through a press release.
Xiaomi's reaction was not long in coming
"No negligence on the part of Xiaomi: the monitoring of the data is safe and Forbes' allegations are unfounded as well as incorrect." - says Xiaomi's statement, which was published together with a press release.
The press release clarifies the situation about how Xiaomi actually collects data.
There are two types of data that the tag groups when a user uses their smartphone and surfs the Internet through Mi Browser:
- collection of summary data on usage statistics: data (such as system information, preferences, use of user interface features, sensitivity, performance, memory usage, and failure reports) are aggregated and cannot be used alone to identify any user (contrary to what Forbes claims in its investigation);
- synchronization of user navigation data: Data within a user's browser (history) is synced when the user is logged in to their account and the data sync feature is set to "On".
The Xiaomi brand adds and also confirms that user data is not synchronized in incognito mode, but aggregate usage statistics are still collected.
As far as is known, these types of data are the same as those grouped by Facebook and Google when using their applications. So this is not a surprising innovation that is unparalleled at the moment.
The press release explains
Chinese Xiaomi also attaches screenshots in the press release to support what he says. Especially in the first case, we see how completely anonymous data tracking tokens are generated (contrary to what the findings from the Forbes workshop claim).
Below we see how User Analytics statistics are not collected by Sensor Analytics, as Forbes writes. They come rather to their own domains or domains related to Xiaomi, as evidenced by the address containing the text "miui".
After all, when it comes to decryption by a cybersecurity expert, Xiaomi attaches photos that confirm the selected security protocols.
In particular, four certifications received from companies and international third-party organizations (such as TrustArc or the British Standard Institution), which provide certified security and privacy practices not only for Xiaomi smartphones, but also for pre-installed applications, including the "alleged" Mi Browser application.
Xiaomi is disappointed. Of the unsubstantiated allegations of Forbes
As for the words he used Forbes in his investigative article, the manufacturer Xiaomi expresses "Disappointing" and is convinced that "The report completely distorts the facts".
There is another fact that is quite startling. Before writing and publishing the article, journalist Forbes contacted producer Xiaomi and asked a number of questions.
The brand subsequently responded in a clear and transparent way (as stated in the above-mentioned press release), but in spite of everything "The published article does not accurately reflect the content and facts that have been published" during the interview.
It is currently unclear which of these two parties (Forbes vs. Xiaomi) is right, but a media attack with unsubstantiated data is clearly the wrong move for a media of such magnitude as Forbes.