For one, the report notes that the Tecno Y2, in particular, is shipped to East Africa with pre-installed apps that users cannot always uninstall. Its version of Android, which is from 2013, no longer receives security updates, and contains more than 200 known vulnerabilities, according to the report released on August 12.
The phone also comes with pre-installed apps that the users cannot uninstall. What this means is that the privacy and security of people using Tecno’s Y2 phones can be at risk.
In the report, Caitlin Bishop, the project lead of Privacy International’s work on low-cost technology, notes that it is unacceptable that Tecno are selling phones that expose users to significant risks.
“Tecno should ensure that the phones they are selling don’t come with antique operating systems, and that customers know when their phone will stop receiving security support. Tecno should stop putting users’ privacy and security at risk,” he says.
Privacy International is a London-based charity that campaigns against companies and governments which exploit data and technologies. Tecno is a phone manufacturer based in Shenzhen, China and hold a 47 per cent market share in East Africa. They are subsidiary of Transsion Holdings and also sell phones under the Itel and Infinix brands.
Grace Mutung’u, a research fellow with the Centre for Intellectual Property and Information Technology Law at Strathmore University, Kenya, further observes; “Having conducted research on privacy and data protection practices of digital lending apps, we also noted that phones for the African market come with pre-installed apps. From a data protection law perspective, users should not be opted into third-party apps that possibly collect data for commercial purposes,” she says.
Meanwhile, Dorothy Mukasa, the executive director of Unwanted Witness, says Tecno users deserve better. “They deserve devices that are secure, rather than ones that put their privacy and security at risk. Tecno need to make clear to consumers what they’re buying, including if it’s an old, out-of-date, and insecure phone,” she says.
The report also contains several recommendations for Tecno, which include shipping phones with a supported version of the Android operating system, support the longevity of their devices and, therefore, combat e-waste.
“They must tell consumers, at the point of sale, how long their device will be supported, provide regular updates to the device, and notify users when continuing to use a device poses a risk to their privacy or security,” the report says.
“Tecno should minimise the amount of bloatware, superfluous apps and other extras that come pre-installed on their phones. Whenever bloatware is included, it should exist in the user partition and, therefore, be visible to and removable by the user.”