According to the study, proprietary variants of Google’s Android system developed by popular vendors like Samsung, Xiaomi, Huawei and Realme send “substantial amounts” of information to these manufacturers as well as third party firms whose apps come pre-installed in these devices.
In the study, which was published on Monday, researchers from Trinity College Dublin and the University of Edinburgh found that the data silently collected by these companies was linked to “long-lived identifiers” like the device’s IMEI code (the unique number linked to a device’s SIM card slot) and other hardware serial numbers. In some cases, the MAC address generated by the user’s WiFi network was also transmitted.
As well, the manufacturers and Google reportedly collect a list of all the apps installed on the handset, raising privacy concerns since this is potentially sensitive information that can reveal “user interests and traits,” for instance, the use of a mental health application or a political news app.
The study noted that such apps may be unique to a small number of handsets – meaning they could act as a “device fingerprint” when combined with widely-collected hardware configuration data. This data collection occurs even if users enable privacy settings.
Raising concerns about a “data ecosystem” where information collected from a handset by different companies is shared and cross-linked, the researchers found that Samsung, Xiaomi, Realme and Google also collect advertising identifiers – such as Google’s Advertising ID – that are “user-resettable.”
This “largely undermines” the privacy benefits supposedly enjoyed by Android users pressing the ‘reset’ button to opt out of personalized ads on their devices – since the new identifier can apparently be “trivially re-linked back to the same device.” For example, during a test on a Samsung handset, the researchers found that the device’s Google Advertising ID had been stored on Samsung servers.
In addition, pre-installed software like the GApps package – which includes Google Play Services, Google Play store, Google Maps and YouTube, among others – send a “considerable volume” of data back to Google. The study notes that the content of this information is “unclear [and]not publicly documented” with the tech giant confirming that there is “no opt out” from this data collection. Similarly, Facebook and Microsoft apps (like LinkedIn) come pre-installed in most Android devices.
Some device vendors also collect user interactions with the handset with Xiaomi receiving details of all app windows viewed by a consumer, including when and how long they used. Brinkwire Summary News. For more information, search on the internet.