A new study has found that Android smartphones from popular vendors in China come preinstalled with spyware applications that collect a wide range of personal data without user consent. 

Researchers Haoyu Liu and Paul Patras of the University of Edinburgh and Douglas Leith of Trinity College in Dublin made the discovery after conducting an in-depth analysis of flagship phones from Xiaomi, Oppo Realme and OnePlus.

The study, “Android OS Privacy Under the Loupe – A Tale from the East,” revealed that the preinstalled apps send large amounts of personally identifiable information to device vendors and Chinese mobile network operators, including those not providing service to the phone. The collected data included persistent device and location identifiers, user profiles and social connections.

Chinese smartphone brands have taken a bigger share of the global market in recent years, with newer models gaining a reputation for being powerful yet affordable. With the study results, the researchers are calling for “tighter privacy controls to increase the ordinary people’s trust in technology companies,” highlighting that many are “partially state-owned.”

Based on the findings, the phones sold in China have three to four times more preinstalled third-party apps with eight to 10 times as many permissions than phones distributed in other countries.

The list of questionable apps included a variety of navigation and input apps, as well as various news, video streaming and online shopping apps that came with the Chinese firmware out of the box.

The study’s authors point out that users in China have virtually zero privacy and anonymity considering every phone number in the country is registered with a citizen ID. The researchers also warned of potential tracking, even if users travel abroad.