OnePlus changes tack on OxygenOS data slurping

OnePlus volte face will also enable users to opt-out of company's device data collection practice

Fashionable smartphone maker OnePlus has promised to scale back the volume of data slurping surreptitiously carried out by its devices. The company has announced that users will now be able to opt out of the data gathering in a forthcoming update.

Last week, security researcher Christopher Moore revealed that OnePlus has been sucking up customers' sensitive data without their consent.

After setting up a security tool called OWASP ZAP on his OnePlus 2 handset, Moore noticed HTTPS requests being sent to a domain called open.oneplus.net, which further redirected the traffic to a US-based Amazon AWS server.

As well as hoovering up details such as users' phone and IMEI numbers, MAC addresses and mobile network names, Moore revealed that OnePlus was collecting time-stamped details, such as when the user locked the device and when apps were opened and closed.

"They're collecting time-stamped metrics on certain events, some of which I understand - from a development point of view, wanting to know about abnormal reboots seems legitimate - but the screen on/off and unlock activities feel excessive, he said in his blog.

He continued: "At least these are anonymised, right? Well, not really - taking a closer look at the ID field, it seems familiar; this is my phone's serial number."

At the time, OnePlus shrugged its shoulders and said it collected the data in order to "precisely fine-tune its software according to user behaviour".

Over the weekend, however, OnePlus founder Carl Pei has responded to the outcry in a blog post and said that in future, users will be able to opt-out of the privacy-invading data collection effort.

He explained that the reason for slurping the so-called "usage analytics" is so that the company "can better understand general phone behaviour and optimise OxygenOS for a better overall user experience".

However, he said that from the end of October, By the end of October, "all OnePlus phones running OxygenOS will have a prompt in the setup wizard that asks users if they want to join our user experience program".

"In addition, we will include a terms of service agreement that further explains our analytics collection. We would also like to share we will no longer be collecting telephone numbers, MAC Addresses and WiFi information," he said.

It isn't the first time that OnePlus has been slammed for questionable practices. Earlier this year, XDA slammed the company's OnePlus 5 device for 'inappropriately manipulating' benchmark scores in order to make its performance appear better than it really is.