Does the Nokia 7 Plus data leak affects US users? Probably not, here is why

Does the Nokia 7 Plus data leak affects US users? Probably not, here is why
If you've bought a Nokia smartphone, or plan to buy one, you might want to know a couple of things about privacy and security. In case you're not yet aware, HMD Global, the company behind that Nokia-branded smartphone, is currently being investigated by Finland's data protection watchdog after proof has found that some Nokia phones sent unencrypted user information to China.

A specific model was pointed out by Norway's public broadcaster NRK – Nokia 7 Plus, and only on a single batch of units. Our previous report mentions that these phones were supposed to be sold in China initially, but ended up in the hands of European consumers. That's a very important aspect in HMD Global's defense, but here is what the company told us after the unfortunate incident:


In a long post published yesterday, HMD Global is trying to “demystify” data collection and explain why its Nokia 7 Plus units sent unencrypted information to China and how users of these phones are affected by this.

Your phone sends data to third-party servers because ...

The first thing the company wants customers to understand is why are they collecting data from devices. Apparently, there are two main reasons: a device warranty and improving the user experience. When a phone is used for the first time, it will send data to the company's servers to help it activate the warranty on the device.

When it comes to improving user satisfaction, the phone will only send data to HMD's service if you choose to participate in the User Experience Program, which means that the company will collect device satisfaction feedback and diagnostics from your Nokia phone.

One very important piece of information revealed by HMD is where exactly your data is stored in case you bought a Nokia smartphone. According to the Finnish company, if that phone was purchased from Europe, US or India, then your data is stored in Singapore, a country that supposedly follows very strict privacy laws.

However, if you live in the United States, but your phone was purchased from China, in order to comply with the country's Cyber Security law, HMD Global is forced to store data originating from China in China. Basically, if your phone is bought from China, it will undoubtedly send data to HMD's servers in China.

Avoid buying phones meant to be sold in China

What happened with the batch of Nokia 7 Plus units that were found sending data to servers in China is that the device activation client meant for the Chinese version of the phone was mistakenly included in the software package. HMD states that these phones were erroneously trying to send device activation data to a third party server, but such data wasn't processed and no person could have been identified based on the information sent.

While it's very important to know the origin of the phone you're buying, there are times when some units destined for certain markets end up being sold in another. You're not going to be able to point out these devices and you're not even supposed to, but at least you now know what it means to buy phones from China.

If your Nokia smartphone is bought from China, then chances are some data is sent to servers in China. Obviously, the same goes for Nokia smartphones bought from other countries but meant for the Chinese market.

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless