Xiaomi celebrates Security and Privacy Awareness Month and two Privacy Whites
book* demonstrates its commitment to being the industry's leading safety and security
data protection standards.
Xiaomi organised Security and Privacy Awareness Month at the Xiaomi Science and Technology Park. During its June activities, Xiaomi showcased its information security and privacy practices to employees, industry leaders, industry experts and the public, and published white papers* on security and privacy, in addition to a data security transparency report. The second edition of Xiaomi Security and Privacy Awareness Month was held, this year under the theme "Security is our shared responsibility. Always think before you act". Xiaomi's main objective was to demonstrate its commitment to following industry-leading security and privacy standards and to transparency.
Cui Baoqiu, a Xiaomi alelnöke és a Xiaomi Biztonsági és Adatvédelmi Bizottságának elnöke elmondta: “Vezető Android okostelefon-gyártóként nagy felelősségünk van abban, hogy tájékoztassuk a fogyasztókat arról, hogyan kezeljük személyes adataikat, és mit teszünk azok védelméért. Büszkén mondhatjuk, hogy a Xiaomi világszínvonalú szabványokat tart be a biztonság, az adatvédelem és az átláthatóság terén.”
Protecting users' data and privacy has always been a priority at Xiaomi. Xiaomi established its Security and Privacy Committee in 2014, and in 2016 Xiaomi became the first Chinese company to receive TrustArc certification. Xiaomi has been using the European Union General Data Protection Regulation (GDPR) compliance assessment since 2018. In 2019, Xiaomi's security and privacy practices were certified to ISO/IEC 27001, ISO/IEC 27018 and the first version of the MIUI Security and Privacy White Paper was published.
Az idei egy hónapos program során az alkalmazottak és a látogatók a biztonsággal és az adatvédelemmel kapcsolatos tudásra tehettek szert interaktív módon, ezek között szerepelt az is, hogyan védhetik személyes adataikat. Az alkalmazottak a Xiaomi Biztonsági Akadémiájának óráin is részt vehettek, amelyek különböző részlegeket érintő témaköröket fedtek le, például “Hogyan tartsuk be az adatvédelmet a termékfejlesztés során”, “Általános biztonsági kutatás és fejlesztés”, “Üzleti kockázatok ellenőrzése”, stb. A Xiaomi Cup CTF verseny lehetőséget kínált több ezer mérnöknek, hogy “hackerként” lépjenek fel, és részt vegyenek egy kódolási versenyen az adatvédelmi kihívások megoldására. A vállalat az International Association of Privacy Professionals (IAPP) által tanúsított oktatókat is felkérte, hogy tartsanak szakmai képzést az alkalmazottak számára.
Xiaomi held an IoT security and privacy panel discussion with industry experts on security and privacy. Participants included Margaret Honda, Global Head of Research at IAPP, Brad Ree, Chief Technology Officer at ioXt, David Mudd, Global Director of Digital Product Certification at BSI, Scott Roberts, Director of Android Security Assurance at Google, Richard Watson, Senior Partner at EY APAC Cybersecurity Risk Management, and Paul Breitbarth, Global Director of Policy and EU Strategy at TrustArc.
Richard Watson, Senior Partner at EY APAC Cybersecurity Risk Management, noted that consumers expect their data to be collected and stored securely. The most important factors when sharing personal data with organisations are secure collection and storage processes (63%), control of the data shared (57%) and trust (51%). Paul Breitbarth, Director of Global Policy and EU Strategy at TrustArc, provided advice to organisations on the international transfer of user data and discussed the importance of ensuring that data exporters provide a substantially equivalent level of data protection by complying with international laws
and other verifiable measures.
Two important documents on data protection were published during the month. The MIUI privacy white paper and the Xiaomi loT privacy white paper, which summarises Xiaomi's privacy policies and practices in MIUI and IoT products. They describe what user data is collected and how it is used and protected. These documents are available at Xiaomi's trust center, the https://trust.mi.com/ are available on the website. Xiaomi has also published its 2020 Transparency Report on the https://trust.mi.com/ which details the data requests received from governments and law enforcement agencies around the world and how Xiaomi has responded to these requests.
Transparency, accountability, user control, security and compliance are all part of Xiaomi's privacy principles. Xiaomi complies with local laws in all markets where it does business. It will never stop making safe and reliable products around the world, in order to make life better for everyone through innovative technologies.
*A white paper is a publication that expresses what an organisation/movement/party etc. considers to be an official opinion on a subject.
