OnePlus OxygenOS phone data tracking raises privacy concerns

Some OnePlus users are again raising privacy concerns over OxygenOS's telemetry tracking, namely that some of the data being gathered makes it possible to connect the user with the data. Discussions about this tracking were first raised in summer 2016, but caught public attention in a bigger way recently when security researcher Christopher Moore published a detailed breakdown of the data collection on his website.

At the heart of the issue is the telemetry data OnePlus is collecting, the expansiveness of which some people feel is too great, plus the fact that certain bits of data could theoretically make it possible for the company to connect the particular user with the particular data collected.

This data includes things like when the device's screen is turned off and on alongside timestamps, a phone's serial number, IMEI, phone number, MAC addresses, IMSI prefixes, the mobile networks it uses, a WiFi network's ESSID and BSSID, which apps are opened and how long they're used. By all accounts, the data, which is being sent back to a OnePlus server, isn't anonymized.

Moore's attempts to get details from OnePlus on how to disable the data tracking weren't fruitful, though he found a Reddit thread that led to the revelation that the data tracking is happening through OnePlus Device Manage and Device Manager Provider. There's no simple way for a user to know the extent of the data tracking happening, nor to disable it.

Twitter user Jakub Czekanski pointed out in a tweet that this tracking can be disabled using adb sans root by substituting the net.oneplus.odm for 'pkg.' More on that in the tweet below:

SOURCE: Chris Moore