As our smartphones become central to our lives—holding private conversations, financial details, personal photos, and work-related data—the importance of data privacy has never been greater. However, not all smartphone brands have earned the trust that such responsibility demands. In particular, two Chinese brands, Infinix and OnePlus, have repeatedly been caught in the spotlight for questionable privacy practices and potential security vulnerabilities.
Infinix: Budget Phones with Hidden Costs
Infinix, a subsidiary of Transsion Holdings, is well-known for its affordable smartphones that cater to budget-conscious consumers in markets like Pakistan, India, and Africa. Despite their popularity, Infinix devices have a concerning history of shipping with malware and poorly secured apps.
A major investigation in 2020 by mobile security firm Secure-D uncovered that certain Infinix and other Transsion-made phones came preloaded with malware like xHelper and Triada. These malicious programs silently subscribed users to paid services in the background, siphoning off mobile credit without their consent.
Things didn’t improve much in later years. In 2024, security experts identified two critical vulnerabilities in Infinix phones. One allowed any local app to silently perform a factory reset, wiping all user data. Another vulnerability enabled apps to track users’ precise location using a misconfigured weather app—without any permission.
Worse still, these issues remain largely unaddressed. Infinix has not issued any meaningful public acknowledgment or fixes, and in 2025, India’s cybersecurity agency officially listed Infinix as a high-risk vendor. Users also report being bombarded with system-level ads, unable to uninstall bloatware, and noticing strange spikes in data usage, which all point toward a phone that prioritizes monetization over privacy.
OnePlus: From Fan Favorite to Privacy Red Flags
OnePlus, once hailed as a revolutionary flagship killer for Android users, has seen its reputation erode over the years due to repeated data privacy incidents. Back in 2017, OnePlus was found collecting sensitive user data—including device identifiers and app activity—without users’ knowledge or explicit consent.
Around the same time, it was discovered that a hidden application called “EngineerMode” could be used as a root backdoor, allowing unauthorized control of the phone if accessed physically. This discovery rang alarm bells among cybersecurity experts and users alike.
Fast-forward to 2025, and OnePlus is once again in hot water. A bipartisan group of U.S. lawmakers requested the Commerce Department investigate the brand amid allegations that its phones might be transmitting user data, including screen recordings, to servers in China. Though no conclusive evidence has yet been published, the brand’s past behavior adds weight to the suspicions.
Adding to the concerns were two major data breaches in 2018 and 2019, which exposed sensitive customer information like names, email addresses, and delivery data from its online store. Despite repeated backlash, OnePlus has yet to regain full consumer trust when it comes to privacy.
ZTE: Still Under the Shadow of Surveillance
While not as frequently reported on as Infinix or OnePlus, ZTE also raises concerns. This Chinese brand was banned from doing business in the U.S. in 2018 for allegedly violating trade sanctions and assisting in government surveillance activities. Though it continues to operate in some markets, ZTE remains under heavy restrictions across the U.S. and Europe and is often grouped with Huawei in global discussions on digital surveillance and data security risks.
Why Should You Be Concerned?
Even if you think you have “nothing to hide,” the security of your personal data should never be taken lightly. Many of us store intimate details—banking passwords, photos, business documents, and messages—on our phones. Brands that fail to protect this data, or worse, exploit it without disclosure, represent a clear danger.
The recurring pattern with Infinix and OnePlus includes factory-installed malware, backdoor access, telemetry collection without consent, and a lack of timely updates or transparency. While these actions may not always point to deliberate spyware, the outcomes are just as harmful to your personal security and privacy.
What Can You Do to Stay Safe?
One of the most important steps is choosing brands with a strong track record of privacy and security. Phones from companies like Apple, Samsung, and Google (Pixel devices) tend to adhere to stricter privacy practices and receive frequent security updates.
Make sure to keep your phone updated with the latest firmware. Avoid downloading apps from unverified sources, and be cautious about granting unnecessary permissions—especially access to your location, camera, microphone, and contacts.
Where possible, uninstall or disable pre-installed bloatware that you don’t use. Advanced users might also consider installing custom ROMs like LineageOS, which offer greater transparency and control—but these come with their own technical challenges and risks.
The convenience of a cheap phone shouldn’t come at the cost of your personal security. While Infinix and OnePlus offer appealing specs at competitive prices, their history of data misuse and weak security practices suggests that the real cost may be hidden. In today’s digital world, trust is everything—and when it comes to protecting your data, you deserve better.
