CHINESE PHONE MAKER OnePlus is scaling back its data-slurping snoopery and has announced that users' will be able to opt out of the data gathering effort at any time.
Last week, security researcher Christopher Moore revealed that OnePlus has been sucking up customers' sensitive data without their consent.
After setting up a security tool called OWASP ZAP on his OnePlus 2 handset, Moore noticed HTTPS requests being sent to a domain called open.oneplus.net, which further redirected the traffic to a US-based Amazon AWS server.
As well as hoovering up details such as users' phone and IMEI numbers, MAC addresses and mobile network names, Moore revealed that OnePlus was collecting timestamped details such as when the user locked the device and when apps were opened and closed.
"They're collecting timestamped metrics on certain events, some of which I understand - from a development point of view, wanting to know about abnormal reboots seems legitimate - but the screen on/off and unlock activities feel excessive, he said in his blog.
"At least these are anonymised, right? Well, not really - taking a closer look at the ID field, it seems familiar; this is my phone's serial number."
At the time, OnePlus shrugged its shoulders and said it collected the data in order to "precisely fine-tune its software according to user behaviour".
Over the weekend, however, OnePlus founder Carl Pei has responded to the outcry in a blog post and said that going forward, users will be able to opt-out of the privacy-invading data collection effort.
He explained that the reason for the slurping so-called "usage analytics" is so the firm "can better understand general phone behaviour and optimize OxygenOS for a better overall user experience."
However, he said that from the end of October, By the end of October, "all OnePlus phones running OxygenOS will have a prompt in the setup wizard that asks users if they want to join our user experience program."
"In addition, we will include a terms of service agreement that further explains our analytics collection. We would also like to share we will no longer be collecting telephone numbers, MAC Addresses and WiFi information," he said. µ
But it'll only be available to a select few
We should be shocked, but...
But the search giant has now squashed the bug