Nine years ago, the world started to accept Xiaomi, a Chinese smartphone maker, while discarding all the prejudices.
In a comparatively shorter time period, the brand has grown out of China to become one of the world’s biggest smartphone manufacturers. Not just that, it has been leading the smartphone market share in India for almost four years.
With so many accomplishments in hand and so many more to come, it’s a shame to hear that Xiaomi has been harvesting private web data of users without their knowledge.
Xiaomi browsers’ data tracking
A few days ago, security researcher Cirlig told Forbes that Xiaomi’s default browser (Mi Browser), Mi Browser Pro, and Mint browser record and send web data to remote servers located in Russia and Singapore. However, their web domains are registered in Beijing.
The data collection includes search queries on Google, web history, and even items viewed on Google News. The researcher observed that the data harvesting continues even in the browser’s incognito mode.
The same monitoring behavior can be traced to other Xiaomi smartphones as well. And web data isn’t the only thing tracked by Xiaomi — the researcher also found the Chinese smartphone maker keeping tap of user’s behavior habits.
What does Xiaomi say about this?
Naturally, the first thing Xiaomi did was it simply denied the claims and called the research “incorrect.” However, after a major uproar, it said that the collected data is “anonymous” and “aggregated.”
In a blog post, Xiaomi said its aggregated usage information includes performance reports, memory usage, and other inconsequential things.
However, according to Cirlig, the same aggregated data can be used to identify a single user if it is compiled with the phone’s “metadata.” Later, cybersecurity researcher Andrew Tierney confirmed the same in a video.
Instead of addressing the videos, Xiaomi has released new browser updates, which include a toggle to turn off aggregated usage data collection in the incognito mode.
It’s not over yet
Mi Browser Pro and Mint Browser collectively have more than 20 million downloads. Moreover, Xiaomi’s default browser comes pre-installed on all the Xiaomi smartphones, which increases the userbase even further.
Although the company has rolled out an option to opt-out from the aggregated usage data collection, it’s limited the incognito mode of Xiaomi browsers. In other words, Xiaomi is still collecting “aggregated data” of users who are using the normal browsing mode.
Our other concern is the toggle to opt-out is disabled by default in the browsers. So, users who are uninformed about this won’t even realize the existence of such functionality. In its blog, Xiaomi writes, “our users’ privacy and security are of top priority,” but as we can see, the new toggle is nothing but a PR stunt.
In retrospect, nothing has changed. Xiaomi will keep collecting web data of people who are browsing in normal mode. Even if they did turn to incognito mode, it’s difficult to tell if people will opt-out of aggregated usage data collection.
In consideration of all this, we believe one should steer clear of Xiaomi browsers, which include the Mi browser, Mi browser Pro and Mint browser.
“It’s a lot worse than any of the mainstream browsers I have seen. Many of them take analytics, but it’s about usage and crashing. Taking browser behavior, including URLs, without explicit consent, and in private browsing mode, is about as bad as it gets.” Tierney told Forbes.
How to remove the Xiaomi browser?
We would have asked users to uninstall the Mi browser right off the bat. But thanks to Xiaomi’s “best possible user experience,” device users are not allowed to delete several pre-installed apps.
If the app is unbearable given its unethical practices, you can also uninstall a system app such as the Xiaomi browser using the Hidden Settings for MIUI.
Alternatively, you can also remove the app using Android’s ADB, but it’s a bit technical. With this, you can also remove other pre-installed applications on your Xiaomi device.
Xiaomi devices are known for providing flagship specifications at a significantly lower price, thanks to their unique business model. Back in 2018, CEO Lei Jun said the company will “forever” cap the profit margin on hardware at five percent.
However, there is more to this than meets the eye. Instead of hardware, internet services and software drives Xiaomi’s business. From pre-installed apps to intrusive ads, which by the way can only be removed to an extent, and the behavioral habits that help in the targeted ads, are the real source of income.
And now it appears the private web data has always been part of Xiaomi’s money-making tactics. Therefore, users are recommended to stop using Xiaomi browsers.