GDPR compliant version still phones home

I just tested AOMEI Backupper Free For GDPR Compliance (what a name!).

So, basically, this is just Backupper v4.1.0 Standard, with some nonsense about the GDPR. All the info that's included has no real meaning to the end user. QtNetwork4.dll and QtWebKit4.dll are included just to be able to show this "information":
AOMEI's mission is "Always Keep Global Data Safer". Data security and its protection are our priority. We are committed to providing users with products and services that are ready to be used in accordance with GDPR.
  * Examine our products and websites, and change the way of personal data collecting.
  * Ensure the appropriate, transparent and plain contractual privacy statement is in place.
  * Continue to invest in our infrastructure against security breaches.
  * Monitor the guidance around GDPR compliance and adjust our privacy if it changes.
The real difference is in the form of two sentences in the User Agreement, stating that the User Experience Program is optional. However, there is no way whatsoever to check whether the UX program is enabled or disabled from within Backupper, even though the User Agreement states that it should be possible to enable/disable this at any time. The file other.ini does include the setting
[UserExperience]
ExperienceValue=0
However, this exact value is also present in AOMEI Backupper Standard (non-GDPR) and there is no way to check if this setting is actually honored.

What's more, at every start-up, AOMEI Backupper still tries to phone home, even if "Check for updates automatically" is disabled (which can be configured from within Backupper, or in the file backuprecovery.ini via
[CheckUpdate]
AlwaysCheck=0

Conclusion

As far as I can see, there is no actual difference between Backupper Standard and the GDPR Compliance version, other than some vague statements in a dialog. Backupper GPDR still connects to the AOMEI servers at start-up and there is no new or improved way to control what is being sent. All this, combined with the fact that they're dedicating a whole page to these separate versions (and the accompanying publicity it got) makes it seem like it is merely a publicity stunt, without the actual implementation of changes towards the betterment of the end user's privacy.

Another possible explanation is that versions after v4.1.0 have new telemetry / data collection methods implemented, and that this older version is simply the only version that is still agreeable to be used by users in the European Union.

Comments

  • Hi, the GDPR version won't collect any user data.
  • edited December 2018
    1. If the GDPR version won't collect any data, why does it phone home, even when update checks are disabled?
    2. Why does the user agreement state that the UX program can be toggled on or off?
    3. Why is the GDPR version not the current version?
    4. What has changed in the later versions concerning data collection?
    5. What if a European user has the Pro version of Backupper, or even the more recent Standard version, (how) can they manage privacy settings?
  • Would you please respond?
  • Please check BackupRecovery.ini in "C:\ProgramData\AomeiBR".
    You can disable the UX program in Menu-->Settings.
    We haven't updated the GDPR version yet. If you disable the UX program in Pro version, it won't collect user data either.
  • Thanks for the response. Ah, this was some confusion on my end then: I take it the UX program can be turned off in the UI in versions newer than v4.1.0 (I'm still using v4.1.0 Pro) and indeed, the GDPR version is still at v4.1.0 (or v4.1.1).

    What still remains is that the program always phones home on start-up, even when both "Check for updates" and the UX program are disabled. Could you explain why?
  • How do you know it phones home on start-up?
  • Because the firewall blocks a connection by backupper.exe to 104.25.132.107:80 every time.

  • OK, we will test the issue, thank you for your feedback.
  • Thanks, really appreciate it! Would you please keep me posted here or at least mention any changes concerning this in the changelog? :)
  • @admin I would really appreciate some feedback. Have the latest versions been improved in this matter? How about a new GDPR version, too?
  • No, haven't been improved in this matter.
Sign In or Register to comment.