The Lithuanian government’s recommendation that its citizens throw away Chinese smartphones, singling out devices from Xiaomi Corp for their censorship capabilities, raises a red flag for the continued business expansion of these tech companies across Europe, according to analysts.
Last week, a report by the Lithuanian defence ministry’s National Cyber Security Centre (NCSC) alleged that Xiaomi’s Mi 10T 5G smartphone, which is widely sold in Europe, has a built-in ability to detect and censor terms such as “Free Tibet”, “Long live Taiwan independence” or “democracy movement”.
“If the issue is contained in Lithuania, then the impact is small [for Xiaomi],” said Dan Baker, senior vice-president at Morningstar Research Services. “Lithuania only has around 3 million people.”
He indicated, however, that “if other countries, or even the EU, come to similar conclusions then the impact would be more significant for Xiaomi and the other key Chinese smartphone manufacturers”.
Following the Lithuanian government’s findings, Germany’s cybersecurity watchdog the Federal Office for Information Security, known as BSI, said it has already started technical examination on a smartphone model from Xiaomi, according to a report by Reuters on Wednesday.
“Political tensions between China and the West play a critical role” in the cybersecurity investigations of Lithuania and Germany,” said Linda Sui, senior director of smartphone research at Strategy Analytics.
Tensions between Vilnius and Beijing have simmered since the Baltic country’s decision in July to allow self-governing Taiwan to open an office in its capital under its own name. Ties between Germany and China, meanwhile, are seen heading into the unknown, as chancellor Angela Merkel steps down from office this year.
The stakes are high for Xiaomi to overcome the negative impact from Lithuania and Germany’s investigation of its flagship devices. The Beijing-based company aims to surpass Samsung Electronics to become the world’s largest smartphone vendor in three years.
Xiaomi has denied censoring users of its smartphones. “Xiaomi has never and will never restrict or block any personal behaviour of our smartphone users, such as searching, calling, web browsing or use of third-party communications software,” a company statement released last week said.
The NCSC’s report, which also analysed Huawei Technologies Co’s P40 and OnePlus’ 8T 5G smartphones, said the list of terms which could be censored by the Xiaomi smartphone’s system apps, including the default Mi Browser, currently includes 449 terms in Chinese and is continuously updated.
The function at the centre of that report, however, is advertising management software, which is used to shield users from unwanted content including pornography, violence and hate speech, according to a Xiaomi spokesman. It is “common in the smartphone and internet industry worldwide”, the spokesman said.
Earlier this week, Xiaomi said it has engaged an independent third-party expert to assess the points raised by the Lithuanian government’s report about the censoring feature on its smartphone.
“As long as the US government does not put Xiaomi and other Chinese brands on its Entity List, unlike what Huawei and ZTE have experienced, the impact [of the cybersecurity investigations] would be manageable,” Sui from Strategy Analytics said.
The US government removed ZTE from its trade blacklist in March 2017, while Huawei has been under US sanctions since May 2019.
Although “filtering advertisements is a more logical conjecture” in the case of the Xiaomi management software in question, “we need more prudence and investigation to determine what the [prohibited terms] list was actually used for”, said Tony Chen, a veteran programmer of Android smartphone systems.
It is also not logical for Chinese smartphone makers to develop censorship functions, according to Chen. “It’s kind of meaningless because the Great Firewall of China is already doing its job [of censorship]. I don’t think smartphone makers have any reasons to invest time and resources on this,” he said. Still, a number of Chinese mobile browsers have restricted user access to online content that are not covered by the Great Firewall.
The cybersecurity investigations by Lithuania and Germany also show that different countries have different compliance requirements. There will be differing opinions on smartphone functions from different groups within all countries, including China, according to Baker from Morningstar.
Germany is Xiaomi’s second-largest market in Europe, according to data from tech research firm Canalys. The country made up 10 per cent of Xiaomi’s total market share in Europe, with 9.2 million smartphones shipped in the first half this year.
In the same period, Xiaomi had a 45 per cent share of Lithuania’s smartphone market, according to Canalys. It said Lithuania accounted for just 0.4 per cent – about 400,000 smartphone shipments in the first half – of Xiaomi’s total European business.
“There is a stereotype that Chinese brands haven’t done enough in data privacy or protecting consumer rights, which cannot be solved in a short period of time,” said Nicole Peng, vice-president of mobility at Canalys. She indicated that the major Chinese smartphone vendors still do not have the long experience that the likes of Samsung and Apple have in doing business with highly regulated enterprises such as banks.
“Putting more effort into the enterprise sector, which usually means coordinating with governments, may help these consumer electronic brands get an understanding of how to operate in a highly regulated environment and build trust,” Peng said.