Nokia 7 Found Violating Privacy, Sending Sensitive Data to China

Privacy related issues have been haunting tech companies for a while now and the newest entry to the list is Nokia. According to a report from Reuters, Nokia’s home country Finland has discovered something suspicious about the company. The data protection watchdog of Finland has reported that HMD Global might be sending sensitive data to China.  

The investigation was started after a Nokia 7 user, Henrik Austad, said that while monitoring his smartphone for traffic, he found that some unencrypted information was being sent to China just as the phone is switched on. According to Henrik, the information included the SIM card number, his device’s serial number, device location, and more. He said that the Chinese server where this information was sent runs by the name “vnet.cn”. Further investigations found that this server is managed by a state-owned Chinese telecommunications company named China Telecom.

HMD Global’s Take On The Issue

Nokia 7 Found Violating Privacy, Sending Sensitive Data to China

When the initial reports about the information leak were out, HMD Global responded quickly stating that this all was a software error and a fix has already been released in a January software update. Furthermore, the company said that the phones were sending information to China but there is no personal information transmitted that could give away owner identity.

“We have analyzed the case at hand and have found that our device activation client meant for another country was mistakenly included in the software package of a single batch of Nokia 7 Plus,” HMD Global gave a statement.However, such data was never processed and no person could have been identified based on this data. This error has already been identified and fixed in February 2019 by switching the client to the right country variant.”

Ombudsman Reijo Aarnio talked to Reuters and confirmed that a thorough investigation will take place and legal action will be on the way in case any important data breaches found. Aarnio also implied in the NRK report that issue might still be violating the European Union’s “General Data Protection Regulation,” or GDPR. In case GDPR violation is found, a significant fine will be charged. Earlier, Google was also found violating GDPR rules when it was fined €50 million.

Interestingly, Nokia 7 was a China-exclusive device when released and the data sharing can be related to the fact that the first model of the smartphone was built in China. Furthermore, the Nokia 7.1 was released soon after the Nokia 7 but it was made available outside of China and thus, doesn’t seem to have any data sharing or privacy violation issues.

On a general note, HMD Global has been pretty successful in using the brand name of Nokia. The recent smartphones released by the company has again pushed Nokia devices in the top league. One of its recent premium devices is Nokia 9 PureView that featured a Penta-lens camera setup at the rear end and was named as the photographer’s smartphone from many smartphone experts.