Consumer Rights Wiki - User contributions [en]

Entities refusing to distribute copyleft licensed software under license terms

2025-09-07T19:44:49Z

Tenkuma: Added some missing references.

{{StubNotice}}

Many open-source software licenses require you to license your modified copies under the same license, thus maintaining the freedom of the end-user and preventing use of the source code without any contribution.<ref>{{Cite web |title=What is Copyleft? |url=https://www.gnu.org/licenses/copyleft.en.html |url-status=live}}</ref><ref>{{Cite web |date=2025-08-23 |title=What Is a Copyleft License and How Does It Work? |url=https://legalclarity.org/what-is-a-copyleft-license-and-how-does-it-work/ |url-status=live}}</ref><ref>{{Cite web |last=Cotton |first=Ben |date=12 Aug 2016 |title=What is copyleft? |url=https://opensource.com/resources/what-is-copyleft |url-status=live |website=opensource.com}}</ref> However, this practice is rarely enforced and some companies actively refuse to distribute source code in flagrant violation of the law.<ref>{{Cite web |title=The Principles of Community-Oriented GPL Enforcement |url=https://sfconservancy.org/copyleft-compliance/principles.html |url-status=live}}</ref>

A company may refuse to comply with a copyleft license to reduce user freedom regarding it's product, locking the end-user inside an ecosystem that only works with that company's product or products from it's partners.


==Licenses Examples==

===Permissive Licenses===
One may confuse permissive licenses with copyleft licenses, however, permissive licensed software do not require distribution of source code upon modification, this means that if a company is redistributing a modified version of open-source software that's under a permissive license, you may request for their source code.<ref name=":1">Gangadharan, G. R., et al. "Managing license compliance in free and open source software development." ''Information Systems Frontiers'' 14.2 (2012): 143-154.</ref>

===Copyleft Licenses===
Copyleft licenses require the modified code to be distributed under the same license as the original. It does not matter if it is from the original vendor or from a distributor.<ref name=":1" /> Examples of such licenses include:

*GPL v2 and GPL v3
*MPL

==Enforcement and Precedents==
The [https://sfconservancy.org/ Software Freedom Conservancy] is a nonprofit organization in order to combat this issue. However, in practice, they usually have long lead times and encourage the user to file a suit instead. Below are listed some precedent cases of enforcement of software licenses:

;SFC and Vizio's SmartCast TVs
:After the company Vizio failed to comply with the requirements of GPL v2 and LGPL in it's television software, SFC has filled a lawsuit against the company. Even though SFC is not the copyright holder of the used code, it's claiming to be third-party beneficiary of the said code, and if the judge decides that this is a valid claim, the case would set precedent for more rigid enforcement of open-source software licenses.<ref>{{Cite web |last=Drukarev |first=Andy |date=2025-06-29 |title=Analyzing 5 Major OSS License Compliance Lawsuits |url=https://fossa.com/blog/analyzing-5-major-oss-license-compliance-lawsuits/ |url-status=live |archive-url=https://web.archive.org/web/20250907181317/https://fossa.com/blog/analyzing-5-major-oss-license-compliance-lawsuits/ |archive-date=2025-09-07 |access-date=2025-09-07 |website=Fossa}}</ref><ref>{{Cite web |last=Lee |first=Victoria |last2=Stevenson |first2=Christopher |last3=Williams |first3=Glen |date=2024-01-16 |title=SFC v. Vizio survives motion for summary judgment on third-party beneficiary issue |url=https://www.dlapiper.com/en/insights/publications/2024/01/sfc-v-vizio-survives-motion-for-summary-judgment-on-third-party-beneficiary-issue |url-status=live |archive-url=https://web.archive.org/web/20250907181629/https://www.dlapiper.com/en/insights/publications/2024/01/sfc-v-vizio-survives-motion-for-summary-judgment-on-third-party-beneficiary-issue |archive-date=2025-09-07 |access-date=2025-09-07 |website=DLA Piper}}</ref>

==Examples==

===Linux Kernel===
Linux is licensed under GPL-2.0-only.<ref name=":0">[https://github.com/torvalds/linux/blob/master/COPYING "Linux Copying Terms"] - github.com - accessed 2025-01-29</ref><ref>{{Cite web |title=COPYING |url=https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/COPYING |url-status=live}}</ref> Refusing to provide the Linux kernel source code under it's original license is not allowed<ref>[https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html "GNU GPL Clause 3a"] - gnu.org - accessed 2025-01-29</ref> and limits the end-user's usage of a device, for example, customers may not be able to build custom operating systems like LineageOS or postmarketOS for their phones as the result of this.

;Alarm.com
:''Alarm.com'' is a ''Software as a Service'' company. They collaborate with multiple hardware vendors to get their security software running on their devices, which primarily run Android. In relation to ''Qolsys''<nowiki/>'s experience, they actively refused to provide the Linux kernel source code. They also do not have a webpage showcasing where to download source code.

;AVM
:''AVM'' is a German company that produces routers and smart home devices. While they disclosed their modified Linux Kernel source code, key build scripts were missing. It was only after they were sued by a software developer that they released them.<ref>{{Cite web |last=Faust |first=Mike |date=2025-01-11 |title=Auch Skripte für Kompilierung gehören zum Quellcode [Scripts for compilation are part of source code as well] |url=https://www.golem.de/news/klage-gegen-avm-auch-skripte-fuer-kompilierung-gehoeren-zum-quellcode-2501-192338.html |access-date=2025-09-03 |website=Golem}}</ref>

;Cricket
:''Cricket'' is a mobile network carrier that also sells Android phones. As they are a distributor of Android phones, which run Linux, they are required by law to distribute the source code to customers who ask for it. However, in practice, customers are actively turned away by customer support. They also do not have a webpage showcasing where to download source code.

;Qolsys
:Most of ''Qolsys''<nowiki/>'s products run Android, however when asking customer support for the source code for the ''IQ Panel 4'', they actively refused to provide it. When pressed they will ignore you. They also do not have a webpage showcasing where to download source code.

;Xiaomi
:[[Xiaomi]]'s devices are running Android, which is built on top of the [https://kernel.org Linux kernel]. Xiaomi does release the kernel sources for many of their devices in their [https://github.com/MiCode/Xiaomi_Kernel_OpenSource GitHub repository], but not for all.
:The kernel sources for some Xiaomi devices are unavailable, they include:
:*Redmi Note 13 4G/NFC
:*Redmi 13C 4G
:*Poco M5
:This, along with [[Xiaomi Phone unlock requirements and procedure]] prevents custom ROMs from being made for these devices.

==References==
<references />
[[Category:Xiaomi]]

Entities refusing to distribute copyleft licensed software under license terms

2025-09-07T19:11:20Z

Tenkuma: Better spelling, moved TODO to comments, added Vizio's case, added more references and removed redundant paragraphs and corrected the copyleft definition.

{{StubNotice}}

Many open-source software licenses require you to license your modified copies under the same license, thus maintaining the freedom of the end-user and preventing use of the source code without any contribution.<ref>{{Cite web |title=What is Copyleft? |url=https://www.gnu.org/licenses/copyleft.en.html |url-status=live}}</ref><ref>{{Cite web |date=2025-08-23 |title=What Is a Copyleft License and How Does It Work? |url=https://legalclarity.org/what-is-a-copyleft-license-and-how-does-it-work/ |url-status=live}}</ref><ref>{{Cite web |last=Cotton |first=Ben |date=12 Aug 2016 |title=What is copyleft? |url=https://opensource.com/resources/what-is-copyleft |url-status=live |website=opensource.com}}</ref> However, this practice is rarely enforced and some companies actively refuse to distribute source code in flagrant violation of the law.

A company may refuse to comply with a copyleft license to reduce user freedom regarding it's product, locking the end-user inside an ecosystem that only works with that company's product or products from it's partners.


==Licenses Examples==

===Permissive Licenses===
One may confuse permissive licenses with copyleft licenses, however, permissive licensed software do not require distribution of source code upon modification, this means that if a company is redistributing a modified version of open-source software that's under a permissive license, you may request for their source code.

===Copyleft Licenses===
Copyleft licenses require the modified code to be distributed under the same license as the original. It does not matter if it is from the original vendor or from a distributor. Examples of such licenses include:

*GPL v2 and GPL v3
*MPL

==Enforcement and Precedents==
The [https://sfconservancy.org/ Software Freedom Conservancy] is a nonprofit organization in order to combat this issue. However, in practice, they usually have long lead times and encourage the user to file a suit instead. Below are listed some precedent cases of enforcement of software licenses:

;SFC and Vizio's SmartCast TVs
:After the company Vizio failed to comply with the requirements of GPL v2 and LGPL in it's television software, SFC has filled a lawsuit against the company. Even though SFC is not the copyright holder of the used code, it's claiming to be third-party beneficiary of the said code, and if the judge decides that this is a valid claim, the case would set precedent for more rigid enforcement of open-source software licenses.<ref>{{Cite web |last=Drukarev |first=Andy |date=2025-06-29 |title=Analyzing 5 Major OSS License Compliance Lawsuits |url=https://fossa.com/blog/analyzing-5-major-oss-license-compliance-lawsuits/ |url-status=live |archive-url=https://web.archive.org/web/20250907181317/https://fossa.com/blog/analyzing-5-major-oss-license-compliance-lawsuits/ |archive-date=2025-09-07 |access-date=2025-09-07 |website=Fossa}}</ref><ref>{{Cite web |last=Lee |first=Victoria |last2=Stevenson |first2=Christopher |last3=Williams |first3=Glen |date=2024-01-16 |title=SFC v. Vizio survives motion for summary judgment on third-party beneficiary issue |url=https://www.dlapiper.com/en/insights/publications/2024/01/sfc-v-vizio-survives-motion-for-summary-judgment-on-third-party-beneficiary-issue |url-status=live |archive-url=https://web.archive.org/web/20250907181629/https://www.dlapiper.com/en/insights/publications/2024/01/sfc-v-vizio-survives-motion-for-summary-judgment-on-third-party-beneficiary-issue |archive-date=2025-09-07 |access-date=2025-09-07 |website=DLA Piper}}</ref>

==Examples==

===Linux Kernel===
Linux is licensed under GPL-2.0-only.<ref name=":0">[https://github.com/torvalds/linux/blob/master/COPYING "Linux Copying Terms"] - github.com - accessed 2025-01-29</ref><ref>{{Cite web |title=COPYING |url=https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/COPYING |url-status=live}}</ref> Refusing to provide the Linux kernel source code under it's original license is not allowed<ref>[https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html "GNU GPL Clause 3a"] - gnu.org - accessed 2025-01-29</ref> and limits the end-user's usage of a device, for example, customers may not be able to build custom operating systems like LineageOS or postmarketOS for their phones as the result of this.

;Alarm.com
:''Alarm.com'' is a ''Software as a Service'' company. They collaborate with multiple hardware vendors to get their security software running on their devices, which primarily run Android. In relation to ''Qolsys''<nowiki/>'s experience, they actively refused to provide the Linux kernel source code. They also do not have a webpage showcasing where to download source code.

;AVM
:''AVM'' is a German company that produces routers and smart home devices. While they disclosed their modified Linux Kernel source code, key build scripts were missing. It was only after they were sued by a software developer that they released them.<ref>{{Cite web |last=Faust |first=Mike |date=2025-01-11 |title=Auch Skripte für Kompilierung gehören zum Quellcode [Scripts for compilation are part of source code as well] |url=https://www.golem.de/news/klage-gegen-avm-auch-skripte-fuer-kompilierung-gehoeren-zum-quellcode-2501-192338.html |access-date=2025-09-03 |website=Golem}}</ref>

;Cricket
:''Cricket'' is a mobile network carrier that also sells Android phones. As they are a distributor of Android phones, which run Linux, they are required by law to distribute the source code to customers who ask for it. However, in practice, customers are actively turned away by customer support. They also do not have a webpage showcasing where to download source code.

;Qolsys
:Most of ''Qolsys''<nowiki/>'s products run Android, however when asking customer support for the source code for the ''IQ Panel 4'', they actively refused to provide it. When pressed they will ignore you. They also do not have a webpage showcasing where to download source code.

;Xiaomi
:[[Xiaomi]]'s devices are running Android, which is built on top of the [https://kernel.org Linux kernel]. Xiaomi does release the kernel sources for many of their devices in their [https://github.com/MiCode/Xiaomi_Kernel_OpenSource GitHub repository], but not for all.
:The kernel sources for some Xiaomi devices are unavailable, they include:
:*Redmi Note 13 4G/NFC
:*Redmi 13C 4G
:*Poco M5
:This, along with [[Xiaomi Phone unlock requirements and procedure]] prevents custom ROMs from being made for these devices.

==References==
<references />
[[Category:Xiaomi]]

Entities refusing to distribute copyleft licensed software under license terms

2025-09-07T17:47:58Z

Tenkuma: Removed TODO paragraph asking for page to be moved

{{StubNotice}}

Many open source licenses require entities to distribute their modyfied version of copyleft source code to customers that have bought their products and request for it. However, this practice is rarely enforced and some companies actively refuse to distribute source code in flagrant violation of the law.

TODO: Explain issue of "code bombs" including the Apple WebKit/KHTML situation

==Licenses==

===Permissive Licenses===
Permissive licensed software do not require distribution of source code. This means that if a company is using a permissive license, you can not request for their source code. Examples include:

*MIT
*BSD
*TODO (Add more)

===Copyleft Licenses===
Copyleft licenses give you the freedom to ask an entity for the source code. It does not matter if it is from the original vendor or from a distributor. Examples of such licenses include:

*GPL 2/3
*MPL
*TODO (Add more)

==Enforcers==
The [https://sfconservancy.org/ Software Freedom Conservancy] is a non profit organization in order to combat this issue. However, in practice, they usually have long lead times and encourage the user to file a suit instead.

==Bad Examples==

===Linux Kernel===
Refusing kernel source code is bad since customers don't get custom ROMs like LineageOS or Linux distributions like postmarketOS.

====Alarm.com====
Alarm.com is a SAAS company. They collaborate with multiple hardware vendors to get their security software running on their devices, which primarily run Android. In relation to Qolsys's experience, they actively refused to provide the Linux kernel source code. They also do not have a webpage showcasing where to download source code.

====AVM====
AVM is a German company that produces routers and smart home devices. While they disclosed their modified Linux Kernel source code, key build scripts were missing. It was only after they were sued by a software developer that they released them.<ref>{{Cite web |last=Faust |first=Mike |date=2025-01-11 |title=Auch Skripte für Kompilierung gehören zum Quellcode [Scripts for compilation are part of source code as well] |url=https://www.golem.de/news/klage-gegen-avm-auch-skripte-fuer-kompilierung-gehoeren-zum-quellcode-2501-192338.html |access-date=2025-09-03 |website=Golem}}</ref> 

====Cricket====
Cricket is a mobile network carrier that also sells Android phones. As they are a distributor of Android phones, which run Linux, they are required by law to distribute the source code to customers who ask for it. However, in practice, customers are actively turned away by customer support. They also do not have a webpage showcasing where to download source code.

====Qolsys====
Most of Qolsys's products run Android, however when asking customer support for the source code for the IQP4, they actively refused to provide it. When pressed they will ignore you. They also do not have a webpage showcasing where to download source code.

====Xiaomi====
[[Xiaomi]]'s devices are running Android, which is built on top of the [https://kernel.org Linux kernel]. The Linux kernel is licensed under the [https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html GPLv2],<ref>[https://github.com/torvalds/linux/blob/master/COPYING "Linux Copying Terms"] - github.com - accessed 2025-01-29</ref> which requires the source code of derivative works to be made available.<ref>[https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html "GNU GPL Clause 3a"] - gnu.org - accessed 2025-01-29</ref> Xiaomi does release the kernel sources for many of their devices in their [https://github.com/MiCode/Xiaomi_Kernel_OpenSource GitHub repository], but not for all.

The kernel sources for some Xiaomi devices are unavailable, they include:

*Redmi Note 13 4G/NFC
*Redmi 13C 4G
*Poco M5
*TODO: add more items

This, along with [[Xiaomi Phone unlock requirements and procedure]] prevents custom ROMs from being made for these devices.

==Good Examples==

===Google===
https://source.android.com/opensourcerequest

===Samsung===
https://opensource.samsung.com/uploadList?menuItem=mobile

==References==
<references />
[[Category:Xiaomi]]

Xiaomi's disclosure of kernel sources

2025-09-07T17:45:38Z

Tenkuma: Tenkuma moved page Xiaomi's disclosure of kernel sources to Entities refusing to distribute copyleft licensed software under license terms: Misspelled title

#REDIRECT [[Entities refusing to distribute copyleft licensed software under license terms]]

Entities refusing to distribute copyleft licensed software under license terms

2025-09-07T17:45:38Z

Tenkuma: Tenkuma moved page Xiaomi's disclosure of kernel sources to Entities refusing to distribute copyleft licensed software under license terms: Misspelled title

{{StubNotice}}

TODO: Please rename the title of this article to something like "Entities refusing to distribute copyleft licensed software". I do not have that permission (or I can't find how I can do it myself). Once done, please remove this TODO paragraph.

Many open source licenses require entities to distribute their modyfied version of copyleft source code to customers that have bought their products and request for it. However, this practice is rarely enforced and some companies actively refuse to distribute source code in flagrant violation of the law.

TODO: Explain issue of "code bombs" including the Apple WebKit/KHTML situation

==Licenses==

===Permissive Licenses===
Permissive licensed software do not require distribution of source code. This means that if a company is using a permissive license, you can not request for their source code. Examples include:

*MIT
*BSD
*TODO (Add more)

===Copyleft Licenses===
Copyleft licenses give you the freedom to ask an entity for the source code. It does not matter if it is from the original vendor or from a distributor. Examples of such licenses include:

*GPL 2/3
*MPL
*TODO (Add more)

==Enforcers==
The [https://sfconservancy.org/ Software Freedom Conservancy] is a non profit organization in order to combat this issue. However, in practice, they usually have long lead times and encourage the user to file a suit instead.

==Bad Examples==

===Linux Kernel===
Refusing kernel source code is bad since customers don't get custom ROMs like LineageOS or Linux distributions like postmarketOS.

====Alarm.com====
Alarm.com is a SAAS company. They collaborate with multiple hardware vendors to get their security software running on their devices, which primarily run Android. In relation to Qolsys's experience, they actively refused to provide the Linux kernel source code. They also do not have a webpage showcasing where to download source code.

==== AVM ====
AVM is a German company that produces routers and smart home devices. While they disclosed their modified Linux Kernel source code, key build scripts were missing. It was only after they were sued by a software developer that they released them.<ref>{{Cite web |last=Faust |first=Mike |date=2025-01-11 |title=Auch Skripte für Kompilierung gehören zum Quellcode [Scripts for compilation are part of source code as well] |url=https://www.golem.de/news/klage-gegen-avm-auch-skripte-fuer-kompilierung-gehoeren-zum-quellcode-2501-192338.html |access-date=2025-09-03 |website=Golem}}</ref> 

====Cricket====
Cricket is a mobile network carrier that also sells Android phones. As they are a distributor of Android phones, which run Linux, they are required by law to distribute the source code to customers who ask for it. However, in practice, customers are actively turned away by customer support. They also do not have a webpage showcasing where to download source code.

====Qolsys====
Most of Qolsys's products run Android, however when asking customer support for the source code for the IQP4, they actively refused to provide it. When pressed they will ignore you. They also do not have a webpage showcasing where to download source code.

====Xiaomi====
[[Xiaomi]]'s devices are running Android, which is built on top of the [https://kernel.org Linux kernel]. The Linux kernel is licensed under the [https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html GPLv2],<ref>[https://github.com/torvalds/linux/blob/master/COPYING "Linux Copying Terms"] - github.com - accessed 2025-01-29</ref> which requires the source code of derivative works to be made available.<ref>[https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html "GNU GPL Clause 3a"] - gnu.org - accessed 2025-01-29</ref> Xiaomi does release the kernel sources for many of their devices in their [https://github.com/MiCode/Xiaomi_Kernel_OpenSource GitHub repository], but not for all.

The kernel sources for some Xiaomi devices are unavailable, they include:

*Redmi Note 13 4G/NFC
*Redmi 13C 4G
*Poco M5
*TODO: add more items

This, along with [[Xiaomi Phone unlock requirements and procedure]] prevents custom ROMs from being made for these devices.

==Good Examples==

===Google===
https://source.android.com/opensourcerequest

===Samsung===
https://opensource.samsung.com/uploadList?menuItem=mobile

==References==
<references />
[[Category:Xiaomi]]

Xiaomi

2025-09-07T17:38:37Z

Tenkuma: remove ']' typo

{{InfoboxCompany
| Name = Xiaomi Corporation
| Type = Public
| Founded = 2010
| Industry = Consumer Electronics Computer Hardware Automotive
| Official Website = https://www.mi.com/
| Logo = Xiaomi logo (2021-).png
}}

[[wikipedia:Xiaomi|'''Xiaomi Corporation''']] is a Chinese multinational corporation and technology company headquartered in Beijing, China. It is best known for its consumer electronics, software, and electric vehicles. As of 2021, it is the second largest phone manufacturer in the world.<ref>{{Cite web |last=Pendlebury |first=Ty |date=16 July 2021 |title=Xiaomi overtakes Apple as the world's No. 2 smartphone-maker |url=https://www.cnet.com/tech/mobile/xiaomi-overtakes-apple-as-the-worlds-number-two-smartphone-maker/ |access-date=15 Mar 2025 |website=CNET}}</ref>

==Controversies==

===Kernel disclosure issues===
{{Main|Xiaomi's disclosure of kernel sources}}
Although Xiaomi's devices run on an operating system based on the [https://en.wikipedia.org/wiki/Linux Linux] kernel, which is licensed under [https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html GPLv2], the company does not disclose all of their operating system source code on GitHub, as required by GPL terms.

===Unlocking restrictions===
{{Main|Xiaomi Phone unlock requirements and procedure}}
Phones manufactured come with an unlockable bootloader, however the unlocking process is heavily restricted.

===Certain repairs require an '''authorized service Mi Account'''.===
For devices with a broken bootloader, recovery typically involves '''reflashing firmware''' through '''[[wikipedia:Qualcomm_EDL_mode|Emergency Download (EDL) mode]]''' (for Qualcomm-based devices) or '''Download Mode''' (for MediaTek-based devices). While '''Qualcomm''' and '''MediaTek''' provide software for these modes, they are only distributed internally to repair centers. However, '''open-source alternatives exist''' that can perform similar functions.

Despite this, '''Xiaomi has implemented additional restrictions''' by requiring '''online authentication''', which is exclusively provided to '''authorized repair centers'''. This prevents users from restoring their own devices in cases of severe software failure.<ref>{{Cite web |last=Siddiqui |first=Aamir |date=29 Feb 2020 |title=Xiaomi needs a better way to unbrick its devices instead of Authorized Mi Accounts |url=https://www.xda-developers.com/xiaomi-edl-unbrick-authorized-mi-accounts/ |access-date=15 Mar 2025 |website=XDA}}</ref>

===Electric vehicle conditional serialization===
Owners of the electric vehicle [[Xiaomi SU7]] report authentication errors after replacing parts such as headlights. Officials have said the Xiaomi SU7 can not complete over the air software updates unless upgradeable parts have Xiaomi approved identification keys.<ref>{{Cite web |last=Andrews |first=Mark |date=8 Aug 2024 |title=Xiaomi SU7 cannot do OTA due to changed lights, and owners worry about flooding their frunk |url=https://carnewschina.com/2024/08/08/xiaomi-su7-cannot-do-ota-due-to-changed-lights-and-owners-worry-about-flooding-their-frunk/ |access-date=15 Mar 2025 |website=CarNewsChina}}</ref><ref>{{Cite web |last=建嘉 |date=8 Aug 2024 |title=小米：SU7所有可升级件都有认证秘钥换副厂件后可能无法OTA |trans-title=Xiaomi: All upgradable parts of SU7 have authentication keys After replacing the analog parts, OTA may not be possible |url=https://news.mydrivers.com/1/996/996066.htm |access-date=15 Mar 2025 |website=Mydrivers |language=zh}}</ref>

===Advertisements in system apps===
[[File:Mi Video Scareware.jpg|thumb|268x268px|A scareware advert is shown in Mi Video when media playback is paused]]
Xiaomi devices come with several pre-installed first-party apps that contain advertisements, including full-screen deceptive scareware ads urging users to install malware. Workarounds exist to disable ads in some apps, including Mi File Explorer, Mi Browser, MIUI Downloads, MIUI Security, Mi Music, Mi Video and MIUI Themes.<ref>{{Cite web |last=jihad.ptk1 |date=1 Mar 2021 |title=Turn off ads on Xiaomi smartphones & MIUI using simple settings |url=https://c.mi.com/bd/post/10086 |access-date=15 Mar 2025 |via=Xiaomi Community}}</ref> In many of their phones such as cheaper Poco phones, a system app that can't be normally searched upon normal means called "MSA" should also be revoked or uninstall via ADB as it introduces ads most of the time a user opens up the phone.<ref>https://www.reddit.com/r/miui/comments/15jadut/revoking_msa_is_the_best_decision_in_my_phone/</ref>

Most of the aforementioned apps can be substituted for FOSS alternatives, but they cannot be uninstalled without advanced methods such as ADB.

===Sending user's browsing history to China===
In 2020, it was revealed that Xiaomi phones send vast amount of data to Xiaomi, including browsing history, folders opened and many other things users do on their phones. Xiaomi insists that privacy is not affected, but none of their statements really contradict the allegations of vast data collection.<ref>{{Cite web |last=Iyer |first=Kavita |date=2020-05-02 |title=Xiaomi Refutes Claims Of Secretly Sending Its User Data To China |url=https://www.techworm.net/2020/05/xiaomi-secretly-sending-user-data-china.html |access-date=2025-03-10 |website=Techworm}}</ref>

Most of the data is sent to servers in Singapore which belong to Chinese tech giant Alibaba Cloud. Users can verify themselves which connections are made by using the connection log feature in an app such as No Root Firewall, NetGuard or [https://f-droid.org/packages/net.kollnig.missioncontrol.fdroid/ Tracker Control]. This shows the phones sometimes suddenly getting really "chatty", at times in the middle of the night.

The only way to mitigate this is to [[Bootloader unlocking|use a custom ROM]] such as [https://www.e.foundation /e/] or [https://www.lineageos.org LineageOS]. Users who do not have the technical skill to do this should use an app like [https://f-droid.org/packages/net.kollnig.missioncontrol.fdroid/ Tracker Control] from the F-Droid store to limit connections and use an alternate browser such as Firefox (Google Play Store) or [https://f-droid.org/de/packages/org.mozilla.fennec_fdroid/ Fennec] (F-Droid store). Built-in applications should be avoided as much as possible.

===Links to the Chinese government===
As a Chinese company, Xiaomi is under direct control of the Chinese government. China is an autocratic dictatorship and a surveillance state, which users should take into consideration when using internet connected software and hardware products from the region. The company cannot deny requests from the Chinese state for user data and must collaborate unconditionally in state espionage cases. This law also applies extraterritorially and thus user data worldwide is affected.

Some phone models display a cartoon of Mitu, the Xiaomi mascot bunny performing maintenance on the iconic Android logo robot when booted into fastboot mode by holding down the corresponding button combination, which differs between phone models. This mascot is wearing an olive green fur hat that is part of the communist pioneer uniform and bears the characteristic red star on its front, emphasizing the patriotic stance of the company.<ref>{{Cite web |last=Ravichandran |first=Sudarshan |date=2021-11-25 |title=Xiaomi removes Mi Bunny from MIUI fastboot screen |url=https://www.gizmochina.com/2021/11/25/xiaomi-removes-mi-bunny-from-miui-fastboot-screen/ |access-date=2025-03-10 |website=Gizmochina}}</ref>

===Preinstalled bloat on smartphones===
Xiaomi smartphones out of the box run on their custom version of Android known as HyperOS (formerly MIUI) which comes bundled with a plethora of preinstalled first and third party apps. The preinstalled third party apps can be easily uninstalled with a few clicks whereas the same is not applicable for the preinstalled first party apps. The option to uninstall them is either greyed out or just outright missing, requiring advanced methods such as ADB to uninstall.

===Xiaomi Home===
Xiaomi's ecosystem of smart home devices is primarily managed through the '''Xiaomi Home''' (formerly Mi Home) application. Xiaomi does not provide a browser-based control panel for managing devices. Users must install the proprietary Xiaomi Home app on their smartphones. For desktop usage, the only workaround is to run an Android emulator, as there is no official native application for Windows, Linux, or macOS.<ref>{{Cite web |last=Chin |first=Sam |date=29 Aug 2025 |title=Which platforms does the Mi Home/Xiaomi Home APP support? |url=https://www.mi.com/global/support/faq/details/KA-515616/ |access-date=15 Mar 2025}}</ref>

===Xiaomi Fitness bands===
Xiaomi has a series of smart watches and fitness bands. While watches are expected to be used alongside a phone, requiring Bluetooth synchronization therefore activation, fitness bands such as the Mi Band series or Redmi Band series could be expected not being used with a phone for sports functions such as heart rate monitoring, steps counting and more. But they need pairing to be first turned on. Pairing requires installing the Mi Fitness app, agreeing to its terms and services and creating an account in order to use the device.

==References==
<references />
[[Category:Xiaomi]]