OnePlus Betrays Customer Privacy, Quietly Collects Personal Data

Mindy Sparks
October 14, 2017

It's no secret that OnePlus has faced heavy criticism from its users in the past year or two over its failure to provide adequate device support. If you haven't rooted your phone ever, we will recommend proceeding with a lot of caution. More negative press ensued after the launch of the OnePlus 5 with reports of benchmark manipulation, wrongly-mounted displays, and more importantly, users being unable to dial 911 in emergency situations.

In an article published on his blog, Moore demonstrated how personal information coming from his phone was being transferred to OnePlus, without him having given his consent.

The data that the company is collecting includes: IMEI numbers, phone numbers, MAC addresses, IMSI prefixes, serial numbers, mobile network name (s), when user launched/closed an app, screen on/off, time when user locked or unlocked their phone, and such more data that is considered invasive.

The information about the tracking was revealed by an OnePlus 2 user Chris D Moore who installed a security application that tracks the inflow and outflow of device's data.

Moore states that the code responsible for this data collection is part of the OnePlus Device Manager and OnePlus Device Manager Provider. After setting up a security tool called OWASP ZAP on his OnePlus 2 handset, he noticed HTTPS requests being sent to a domain called open.oneplus.net, which further redirected the traffic to a US-based Amazon AWS server. The most important thing is OnePlus admitted it collects data from users, but the Chinese company explained the reason behind its decision.


Two different streams are used to transmit the data one stream is used to determine the usage analytics and the other one to determine the user's behavior. "The second stream is device information, which we collect to provide better after-sales support", the statement reads.

We also spoke with a representative from the company but did not receive a satisfactory explanation as to why the company does not simply let users opt-in and share their data to help with future updates.

"Collecting basic telemetry data is quite a standard-fare but the problem arises when the data is precise enough to identify a user based on the information collected".

OnePlus says users can block transmission of usage activity disabling the option in Settings Advanced Join user experience program. Although this initiative may be useful for the company, the users should have been informed about this.

Other reports by Iphone Fresh

Discuss This Article

FOLLOW OUR NEWSPAPER