There have been several concerns raised over Xiaomi user data – the latest being of IAF sugesting its teams and families to refrain from using Xiaomi devices, due to security reasons.xiaomi-mi3-india
Xiaomi Global VP, Hugo Barra has shared the following update with us. We hope this puts an end to the security concerns.


1. Xiaomi does not collect any information without user permission
We offer various Internet based services such as Mi Cloud and Cloud Messaging which require data to be stored in the cloud. We take rigorous precautions to ensure that all data is secured when uploaded to Xiaomi servers and is not stored beyond the time required. Users will always be notified beforehand in situations when we require your personal information, and will have to approve the request.
Mi Cloud and Cloud Messaging are opt-in services which users can turn on and off at any time, giving users complete control.  Please see attached screenshots as examples.
2. The concerns raised by F-Secure have been fully addressed
We believe the advisory circular issued by IAF is based on events about 2 months back.  It refers to the F-Secure test done on the Redmi 1S in July 2014 about the activation of our Cloud Messaging service (which enables users to send text messages for free). We immediately addressed the concerns raised, which was directly acknowledged by F-Secure 4 days later.
Please refer to this post by F-Secure confirming their concerns were addressed:
http://www.f-secure.com/weblog/archives/00002734.html
To understand this episode in more detail, you can read the following post:
https://plus.google.com/+HugoBarra/posts/bkJTXzyXXmj
3. We are currently moving our Indian users’ data to servers outside of China
Since early 2014, we have been migrating our services and corresponding data for Indian users from our Beijing data centers to Amazon AWS data centers in Singapore and USA.  This migration will be fully completed by the end of the year.
This helps improve the performance of our services and also provide some peace of mind for users in India in ensuring that we treat their data with the utmost care and will always maintain the highest privacy standards.
Here’s a post I wrote last night about this: https://plus.google.com/110023707389740934545/posts/9ARVCHczyvb

In 2015, we are planning to take on a new challenge to further improve the performance of our services for users in large and fast-growing markets such as India and Brazil.
In these markets, where Amazon AWS services aren’t yet available, we will be working with local data center providers to set up our service infrastructure.  Once that has been completed, users in these markets will be much closer to their data and enjoy even faster speeds by connecting to local servers.


Add comment

Newsletter