If you've bought a Nokia smartphone, or plan to buy one, you might want to know a couple of things about privacy and security. In case you're not yet aware, HMD Global, the company behind that Nokia-branded smartphone, is currently being investigated by Finland's data protection watchdog after proof has found that some Nokia phones sent unencrypted user information to China.
A specific model was pointed out by Norway's public broadcaster NRK – Nokia 7 Plus, and only on a single batch of units. Our previous report mentions that these phones were supposed to be sold in China initially, but ended up in the hands of European consumers. That's a very important aspect in HMD Global's defense, but here is what the company told us after the unfortunate incident:
We can confirm that no personally identifiable information has been shared with any third party. We have analyzed the case at hand and have found that our device activation client meant for another country was mistakenly included in the software package of a single batch of Nokia 7 Plus. Due to this mistake, these devices were erroneously trying to send device activation data to a third party server. However, such data was never processed and no person could have been identified based on this data. This error has already been identified and fixed in February 2019 by switching the client to the right country variant. All affected devices have received this fix and nearly all devices have already installed it. Collecting one-time device activation data when the phone is taken first time into use is an industry practice and allows manufacturers to activate phone warranty. HMD Global takes the security and privacy of its consumers seriously.
In a long post published yesterday, HMD Global is trying to “demystify” data collection and explain why its Nokia 7 Plus units sent unencrypted information to China and how users of these phones are affected by this.
Recommended Stories
Your phone sends data to third-party servers because ...
The first thing the company wants customers to understand is why are they collecting data from devices. Apparently, there are two main reasons: a device warranty and improving the user experience. When a phone is used for the first time, it will send data to the company's servers to help it activate the warranty on the device.
When it comes to improving user satisfaction, the phone will only send data to HMD's service if you choose to participate in the User Experience Program, which means that the company will collect device satisfaction feedback and diagnostics from your Nokia phone.
One very important piece of information revealed by HMD is where exactly your data is stored in case you bought a Nokia smartphone. According to the Finnish company, if that phone was purchased from Europe, US or India, then your data is stored in Singapore, a country that supposedly follows very strict privacy laws.
However, if you live in the United States, but your phone was purchased from China, in order to comply with the country's Cyber Security law, HMD Global is forced to store data originating from China in China. Basically, if your phone is bought from China, it will undoubtedly send data to HMD's servers in China.
Avoid buying phones meant to be sold in China
What happened with the batch of Nokia 7 Plus units that were found sending data to servers in China is that the device activation client meant for the Chinese version of the phone was mistakenly included in the software package. HMD states that these phones were erroneously trying to send device activation data to a third party server, but such data wasn't processed and no person could have been identified based on the information sent.
While it's very important to know the origin of the phone you're buying, there are times when some units destined for certain markets end up being sold in another. You're not going to be able to point out these devices and you're not even supposed to, but at least you now know what it means to buy phones from China.
If your Nokia smartphone is bought from China, then chances are some data is sent to servers in China. Obviously, the same goes for Nokia smartphones bought from other countries but meant for the Chinese market.
Cosmin, a tech journalist with a career spanning over a decade, brings a wealth of experience to PhoneArena. His expertise lies in brands like Samsung and Nokia, and he has a keen interest in innovative technologies. After a brief stint in PR, Cosmin returned to tech journalism in 2016, committed to delivering clear and objective news. When he's not writing or appearing as a guest on TV and radio shows, Cosmin enjoys playing RPGs, watching Netflix, and nurturing his passion for history and travel.
Recommended Stories
Loading Comments...
COMMENT
All comments need to comply with our
Community Guidelines
Phonearena comments rules
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: