Xiaomi Reaffirms Commitment to Data Security and Privacy
Xiaomi, the world's leading consumer electronics and smart manufacturing company, recommitted itself to protecting customer data during its annual Security and Privacy Awareness Month completed today. It held employee training events and expert seminars at the Xiaomi Technology Park in Beijing, China and at Xiaomi's Technology Operation Center in Singapore.
This was the third consecutive year
that it held special classes for its engineers and other employees and
led discussions with industry executives, IT security experts, and the
public about the importance of data security
and user privacy protection. Xiaomi also released updated white papers
on security and privacy along with its annual transparency report
detailing its data security activities.
The purpose of the month-long series of events was to bolster its user security and privacy protection practices and to build trust in Xiaomi’s products through transparency and accountability.
Xiaomi has built a comprehensive
governance structure to protect data security and user privacy. This
involves cooperation between cybersecurity experts, smartphone operating
system engineers, lawyers, and legal compliance
experts. Overseeing these specialists is a Security and Privacy
Committee led by senior executives.
Cui Baoqiu, Xiaomi Vice President and Chairman of the Xiaomi Security and Privacy Committee, called data security and user privacy protection a key to the long-term, sustainable development
of the company's global business. "Protecting the data security and
privacy of our users is the top priority,” he said. “Our customers care
about this issue more than any other. Xiaomi is committed to offering
safe and reliable Android smartphones and IoT
Eugene Liderman, Director of Android Security Strategy of Google, highlighted Xiaomi's contribution to the Android system. "One
of Android's biggest strengths is the diverse ecosystem of
partners. Xiaomi is a great example of this and it's great to see their
continued investment in cyber security hygiene across their product
portfolio", he added.
Professor Liu Yang, School of Computer Science and Engineering, Nanyang Technological University, said, "As the security challenge is becoming the focus of many technology discussions, industry stakeholders attach more importance to the urgency of managing vulnerabilities at hardware, software and even in the massive open source space. Xiaomi has made tremendous effort to address the issue, safeguarding users with technology expertise, and continuously exploring new methods for better data protection."
With the world's largest consumer
IoT platform, Xiaomi is constantly working to improve IoT security and
privacy protections. Xiaomi held its fifth annual IoT security summit on
June 29 and 30 in Beijing. Industry executives
and experts discussed a wide range of issues from data security
governance frameworks and cross-border data transfers to the security of
internet-connected electric vehicles and solutions for software supply
chain security threats.
During the June event, Xiaomi announced that its Electric Scooter 4 Pro obtained
IoT Security Rating Gold level certification from Underwriter
Laboratories Inc, an international safety research institute based in
the U.S. This designation made Electric Scooter 4 Pro the world's first
electric scooter with such a high-level safety
rating. The certificate also indicated that the security baseline of
Xiaomi's IoT product development is in line with international
Xiaomi created its Security and
Privacy Committee in 2014. In 2016, Xiaomi became the first Chinese
company to receive certification from TrustArc. Xiaomi adopted the
General Data Protection Regulation (GDPR) of European
Union compliance assessment in 2018. In 2019, Xiaomi security and
privacy practices were certificated on ISO/IEC 27001, ISO/IEC 27018.
Last year, Xiaomi published its first transparency report, making it the
first Android smartphone brand to do so. Xiaomi
this year obtained the certificate of registration of NIST CSF
(National Institute of Standards and Technology, Cybersecurity
Framework), further strengthening its data security protection