OnePlus goes too far collecting private user data without proper warning
The beautiful albeit familiar and powerful yet not extremely affordable OnePlus 5 was met with plenty of enthusiasm back in June by Android fans focused on “never settling” for less than the best possible quality/price ratio.
But the excitement started to die down the very day after the oh-so-promising 5.5-inch phone came to light, as accusations of benchmark manipulation were played down by the Chinese company’s officials instead of taken seriously and prompting a behaviour change in performance-measuring tests.
Of course, that was only the beginning of months of scandals and controversies, ranging from annoying ad notifications to bizarre hardware flaws, the occasional critical software bug and yet another annoying case of unwanted notifications pushed over-the-air to increasingly frustrated OP5 owners.
But whether we’re looking at a 5T or OP6 release next, a delicate privacy issue still needs to be fixed. This one doesn’t just concern the OnePlus 5, actually surfacing online many months back after a lot of digging into the OP2’s data collection tactics.
Some Reddit posters noticed the unusual and troubling info-reporting conduct more than a year ago, but for some reason, this potentially huge controversy is only gathering steam now.
Basically, the default OnePlus Device Manager app seems to go a little too far in its user-tracking mission, accumulating everything from your standard “device information” to precise timestamps of screen on/off and unlock activities.
Worse yet, none of the data is anonymised, tying to your phone’s serial number as it moves into an Amazon server, together with other private stuff like MAC addresses, mobile network names, wireless network IDs and phone numbers.
Now, even if OnePlus keeps all this to itself, “in order to more precisely fine tune software according to user behavior”, as well as “provide better after-sales support”, it’s still way too much and way too detailed data. Not to mention users aren’t properly informed of everything the OEM has access to both during and after using devices like the OnePlus 2.
For what it’s worth, you can turn off the “transmission of usage activity” by unjoining the “user experience program” in your advanced settings menu. Meanwhile, the super-in-depth “device information” collection can be stopped by installing ADB on a computer, hooking the phone up to the PC, and running this command: pm uninstall -k – -user 0 net.oneplus.odm.