I truly don't understand, from a security and privacy perspective, why would anyone outside of China would voluntarily choose to run closed-source software from a company that's subject to domestic laws and regulations in China. The MSS is no joke.
https://www.google.com/search?client=firefox-b-d&q=china+mss...
This is the same reason that Zoom is banned at my workplace and many other partner companies.
You've actually got two problems here. One is the commercial advertising/for-profit related data sharing problem described in the article. The second is that Xiaomi, as a company with that collected data resident in China on its servers, is obliged to provide a pipeline for a copy of their database to the MSS upon request.
I agree with your statement, but I'd like to get it a bit further. Why run any closed-sourced software from (or have servers in) countries that can request you data without a fair trial (e.g. secret courts). I feel just as uncomfortable about national security letters and the NSA/CIA as the MSS, this from someone who is not living in China or the US.
I do think this shows the perks of open source software and being able to self-host or federated solutions.
Can you tell me which countries definitely won't force you to secretly do things you don't want to in matters of national security?