Finland investigates Nokia smartphones sending data to China
Nokia 7 Plus user claims his phone sent ‘unencrypted data’ to Chinese server
Finland’s data protection agency has launched an investigation into Nokia owner HMD Global over allegations that its mobiles sent user information to China.
A report by Norwegian broadcaster NRK claims that a data breach affecting an “unspecified number” of Nokia 7 Plus smartphones had exposed information to data centres in China, says Reuters.
NRK was alerted to the issue when a Nokia 7 Plus user contacted them to say his mobile had “often” contacted Chinese servers and sent data in an “unencrypted format” (where information is distributed online without sufficient protection), the news site reports.
Reijo Aarnio, a data protection officer at the Finnish watchdog, told Reuters that the firm would be assessing whether the software glitch involved “personal information and if there has been a legal justification for this”.
According to smartphone news site Android Authority, the server was traced to a company called the China Internet Network Information Center. NRK then contacted the company, which confirmed that it was owned by state-owned communications firm China Telecom.
Meanwhile, 9to5Google claims the leak would allow third parties to eavesdrop on unsuspecting Nokia 7 Plus users, as their geographical position, SIM card number and mobile serial number were allegedly sent to the server every time they unlocked their device.
While HMD Global has not revealed any details about the server, a spokesperson for the Finnish company confirmed to Reuters that a data breach had occurred.
“We can confirm that no personally identifiable information has been shared with any third party,” the spokesperson said. They added that there had been “an error in software packaging process in a single batch of one device model”.
HMD Global claims it had rectified the issue earlier this year via a software update, Engadget reports.