OnePlus devices are reportedly sending sensitive personal data to its servers. The company's OxygenOS is under the scanner for tracking personally identifiable information like IMEI number,MAC addresses, mobile network names, Wi-Fi SSIDs, and the phone's serial number.
A OnePlus 2 user, Chris D Moore noticed an anomaly in his device when he installed a security tool that tracks the inflow and outflow of data from his device. To his surprise, the device was making traffic requests to open.oneplus.net, which Moore discovered directed traffic to a US-based Amazon AWS server.
Earlier, there was no confirmation if this was typically the case with OnePlus 2 devices or all OnePlus devices. However, the company's response clearly proves that other OnePlus devices including OnePlus 3T, OnePlus 5 have the same tracking issue.
In its defense, the company released a statement saying, "We securely transmit analytics in two different streams over HTTPS to an Amazon server. The first stream is usage analytics, which we collect in order for us to more precisely fine tune our software according to user behavior. This transmission of usage activity can be turned off by navigating to 'Settings' -> 'Advanced' -> 'Join user experience program'. The second stream is device information, which we collect to provide better after-sales support."
And I'm _definitely_ not convinced you should know how long I spend in which apps. pic.twitter.com/1tX3vjW9fu- Christopher Moore (@chrisdcmoore) January 13, 2017
The data collection has been sourced to a system application called "OnePlus System Service" which uses cannot be turned off but can be disabled every time you turn your device on.
The company has not announced any plan to fix this in the future updates. Though OnePlus claims its doing this to provide better after-sales support, most users might not be happy about being kept out of the loop all this while.