Apple of course is famous for storing your location data and sending it to an Apple server every ten minutes whether the phone is in use or not. It sends the data to Apple servers in the USA. Android sends stuff to Google, also in the USA. Unless you bought an off-shore phone.
Kryptowire, the security firm that discovered the vulnerability, said the Adups software transmitted the full contents of text messages, contact lists, call logs, location information and other data to a Chinese server. The code comes preinstalled on phones and the surveillance is not disclosed to users, said Tom Karygiannis, a vice president of Kryptowire, which is based in Fairfax, Va. "Even if you wanted to, you wouldn't have known about it," he said.
Security experts frequently discover vulnerabilities in consumer electronics, but this case is exceptional. It was not a bug. Rather, Adups intentionally designed the software to help a Chinese phone manufacturer monitor user behavior, according to a document that Adups provided to explain the problem to BLU executives. That version of the software was not intended for American phones, the company said.
Sure. "...was not intended for American phones..." Uh huh. If you believe that, I can get you a deal on this nice bridge in Brooklyn NY.