Nokia 7 Plus sent user info to China-based server, HMD Global responds

Nokia 7 Plus China variant accidentally shipped to Europe, and the affected devices apparently sent Nokia phone details to a server in China.

A Norwegian website NRKBeta earlier in the week uncovered a strange behaviour in the Nokia 7 Plus, supposed sending user information to some third-party server China. This apparently violates the Europe Union's General Data Protection Regulation (GDRP), which any companies even telecom sector from storing or sending personal data of the citizens outside the continent.

As per NRKBeta, Nokia 7 Plus used to export information such as device's IMEI, MAC ID, and the SIM ICCID, which are unique identifier details that can be used to track a person online activity and even track them in physical places using the tower locations to a server managed by China Telecom.

Nokia 7 Plus, launch,price, specs,MWC 2018 — Nokia 7 Plus sent sensitive user information including location details to a server in China.Nokia Press Kit

To this, HMD Global Oy has admitted that some Nokia 7 Plus units sold in Europe were actually meant for China and they came installed with an app that tracked the information purely for improving the user experience. It added that the information that was transferred from Europe to China wasn't processed and it has no markers to reveal a particular person. So, no identifiable Nokia 7 Plus owner details are with the company.

"We have looked deeply into the case at hand and can confirm that no personally identifiable information has been shared with any third party. We have analysed the case at hand and have found that our device activation client meant for our China variant was mistakenly included in the software package of a single batch of Nokia 7 Plus phones," HMD Global said in a statement.

Nokia 7 Plus, data leak, China, server — Nokia phone details stored in HMD Global Server in SingaporeHMD Global Oy

The company said that the error was actually detected in February and fixed in the same with a software patch to block the phone further sending the information to the Chinese server. Almost all Nokia 7 Plus owners have installed the update, it added.

The Finnish firm added that all device data of Nokia Phones other than the China variant is stored at HMD Global's servers in Singapore provided by Amazon Web Services.

It has released an infographic of where Nokia phone devices information is stored and why they collect it for.

"We encourage our consumers to familiarize themselves with this information and our Privacy Policy (here) that further explains the data collection. HMD Global takes the privacy and security of its consumers seriously," HMD Global noted.