Xiaomi has been recently been in the news for all the wrong reasons. Despite having a great product line - be it the sales-success of the Redmi Note, or the spectacular offerings of the Xiaomi Mi 4 - for the manufacturer to have its root in the mainland in a point of concern for several users. Fuel was added to the fire, quite literally, when F-Secure released a report stating that Cloud Messaging, a new feature of the MIUI interface of Xiaomi smartphones, is a potential security and privacy concern. For the uninitiated, the MIUI Cloud Messaging app allows Xiaomi owners to send SMS to each other via the internet - for free. However, F-Secure's report had highlighted that Cloud Messaging passes on and tends to store a lot of user identification information - namely IMEI numbers, user phone numbers, contacts and messages etc. - on a server based in China. The potential cause of concern is that this information could be open to access from the Chinese government, especially since Cloud Messaging wasn't an opt-in feature.
Ex-Googler and now Global VP at Xiaomi, Hugo Barra has been spending much of his recent time defending the Chinese manufacturer against copy-cat claims, and security issues; be it in the Cloud Messaging service or in their online Google Drive-like Mi Cloud storage service. Recently Barra has taken to Google+ to clarify that the Cloud Messaging is being converted to an opt-in feature which can be turned off or on by the user themselves. Barra has posted that "As we believe it is our top priority to protect user data and privacy, we have decided to make MIUI Cloud Messaging an opt-in service and no longer automatically activate users. We have scheduled an OTA system update for today (Aug 10th) to implement this change. After the upgrade, new users or users who factory reset their devices can enable the service by visiting "Settings > Mi Cloud > Cloud Messaging" from their home screen or "Settings > Cloud Messaging" inside the Messaging app â€” these are also the places where users can turn off Cloud Messaging."
As a first step, this seems to be a good enough solution - make the service opt-in so that users can decide whether or not to activate and use the feature. However, the deeper issue of getting an image makeover for Xiaomi as a globally trusted brand is still left untouched. Would you ever trust a "server in China" with your precious information? Do let us know in the comments below.