Firmware analysis reveals 24 hardcoded telemetry endpoints including config.samsungads.com, analytics.samsungknox.com, samsung.telemetry.eyeo.com, log-ingestion.samsungacr.com, and devicelog.samsungcloudsolution.net. These endpoints are built into the operating system and cannot be disabled by the user without root access or DNS-level blocking. Additionally, Google telemetry endpoints (play.googleapis.com, app-measurement.com, firebaselogging-pa.googleapis.com) and Facebook endpoints (graph.facebook.com, mqtt-mini.facebook.com) are hardcoded alongside Samsung's own. The Samsung Customisation Service is enabled by default and tracks app usage frequency, time, and duration.

The Doubao Phone, built by ByteDance and ZTE (Nubia M153), uses system-level INJECT_EVENTS permission — normally reserved for the operating system itself — to simulate human taps across any app on the device. The AI can read screens, press buttons, navigate apps, and execute actions as if it were you. It maintains a "global memory" tracking all device activity. WeChat forcibly logged out Doubao Phone users. Alipay and banking apps blocked it. ByteDance temporarily suspended the AI's access to banking and payment functions. 30,000 units sold out immediately. An AI with the same permissions as the operating system, touching your banking app, reading your messages, pressing buttons on your behalf.

Google Play Services (com.google.android.gms) runs as a privileged system process with 56 permissions including ACCESS_BACKGROUND_LOCATION, READ_SMS, READ_CALL_LOG, READ_CONTACTS, RECORD_AUDIO, CAMERA, BODY_SENSORS, READ_LOGS, and PACKAGE_USAGE_STATS. This service CANNOT be uninstalled, disabled, or permission-restricted by the user. It starts at boot (RECEIVE_BOOT_COMPLETED) and ignores battery optimization (REQUEST_IGNORE_BATTERY_OPTIMIZATIONS). The "choice" Google offers does not extend to the most invasive data collection channel on the device.

Firmware contains 9 hardcoded tracking/analytics endpoints including tracking.miui.com, data.mistat.xiaomi.com, sdkconfig.ad.xiaomi.com, and api.ad.xiaomi.com. Trinity College Dublin research confirmed these endpoints receive IMEI, hardware serial number, and installed app lists — persistent hardware identifiers that cannot be anonymized and survive factory resets. Even with analytics opted out, core telemetry continues.

Apple's law enforcement guidelines (updated October 2025) confirm Apple can provide to law enforcement: iCloud account data, iCloud backups, device registration, Apple ID purchase history, and connection logs. Advanced Data Protection (which would prevent this) is opt-in and most users never enable it. Apple complied with 93% of government data requests in H2 2020. In 2022 Apple admitted providing user data to hackers who forged emergency law enforcement requests. Default iCloud backups contain messages, photos, health data, and location history — all accessible to Apple and law enforcement.

OPPO is a subsidiary of BBK Electronics (Guangdong), which also owns OnePlus, Vivo, and Realme. All four are subject to China's National Intelligence Law Article 7 and Data Security Law. BBK's corporate structure obscures the shared ownership.