Data Harvesting by Most Phones
Espionage Data Harvesting
[https://apnews.com/828aefab64d4411bac257a07c1af0ecb/AP-Exclusive:-Google-tracks-your-movements,-like-it-or-not AP Exclusive: Google tracks your movements, like it or not]:
<blockquote>Google wants to know where you go so badly that it records your movements even when you explicitly tell it not to.
An Associated Press investigation found that many Google services on Android devices and iPhones store your location data even if you’ve used a privacy setting that says it will prevent Google from doing so.
Computer-science researchers at Princeton confirmed these findings at the AP’s request.</blockquote>
Quote <ref name=research-paper-one>
The research paper https://www.scss.tcd.ie/Doug.Leith/pubs/contact_tracing_app_traffic.pdf is about contact tracing apps, but its analysis of Google Play Services, which runs by default on all stock Android devices, applies with or without any installed contact tracing apps.
<blockquote>Google therefore gathers detailed, fine-grained information on how the handset is being used and can link this data to the handset hardware, SIM and user email. When combined with the fine-grained location tracking via IP address made possible by the frequent nature of the requests Google Play Services makes to Google servers it's hard to imagine a more intrusive data collection setup.</blockquote>
The research paper [https://www.scss.tcd.ie/Doug.Leith/Android_privacy_report.pdf Android Mobile OS Snooping By Samsung, Xiaomi, Huawei and Realme Handsets] observed lots of default data harvesting, even when users select the highest privacy settings.
<div class="use-2-columns strict-list-columns mw-collapsible-content">
* what apps are used and when,
* what app screens are viewed,
* a time history of the app windows viewed
* timing and duration of phone calls, SMS texts
* logs when the keyboard is used within an app
* <u>undeletable apps:</u> some non-essential apps are undeletable.
* <u>forced autostart:</u> some non-essential apps are automatically started in the background without user consent or awareness. <ref>
<blockquote>It is worth noting that much of the functionality of the Android OS is provided by so-called system apps. These are privileged pre-installed apps that the OS developer bundles with the OS. System apps cannot be deleted (they are installed on a protected read-only disk partition) and can be granted enhanced rights/permissions not available to ordinary apps such as those that a user might install. It is common for Android to include pre-installed third-party system apps, i.e. apps not written by the OS developer. One example is the so-called GApps package of Google apps (which includes Google Play Services, Google Play store, Google Maps, Youtube etc). Other examples include pre-installed system apps from Microsoft, LinkedIn, Facebook and so on. We intercept and analyse the data traffic sent by the Android OS, including by pre-installed system apps, in a range of scenarios.</blockquote>
** Examples: Google Play Services, Google Play store, Google Maps, Youtube, etc. Other examples include pre-installed system apps from Microsoft, LinkedIn, Facebook.
** <u>These undeletable applications, forcibly autostarted in the background, are phoning home to their vendor and leaking data.</u>
* <u>hardware identifiers:</u> IMEI, the hardware serial number, the SIM serial number, the WiFi MAC address, and the user email address. These are all long-lived hardware identifiers that do not change between reinstalls of the app or even factory reset of the handset.
* <u>The list of installed apps:</u> <blockquote>Potentially sensitive information since it can reveal user interests and traits, e.g. a muslim prayer app, an app for a gay magazine, a mental health app, a political news app.</blockquote>
* <u>Unknown data harvesting:</u> <blockquote>On all of the other handsets the Google Play Services and Google Play store system apps send a considerable volume of data to Google, the content of which is unclear, not publicly documented and Google confirm there is no opt out from this data collection.</blockquote>
* <u>Extent of data harvesting intentionally hidden from researchers through code obfuscation:</u> <blockquote>This has also been observed in other recent studies [https://www.scss.tcd.ie/Doug.Leith/pubs/contact_tracing_app_traffic.pdf (6)], which also note the opaque nature of this data collection (no documentation, binary encoded payloads, obfuscated code).</blockquote>
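One way an auditor could check decrypted traffic captured from a test handset for the long-lived identifiers listed above, and see which destinations can tie sessions together across a factory reset. This is an added example, not code from the research paper or from this wiki; the device identifiers, hostnames and payloads are constructed, and the function names are hypothetical.

```python
import base64
from collections import defaultdict

# Long-lived identifiers of the handset under test (all values constructed).
DEVICE_IDS = {
    "imei": "490154203237518",
    "hw_serial": "R58M12ABCDE",
    "wifi_mac": "a4:5e:60:d1:22:0f",
    "email": "tester@example.org",
}

# Constructed capture (session, host, decrypted body); hosts are placeholders.
FLOWS = [
    ("before_reset", "telemetry.vendor.example", "imei=490154203237518&evt=boot"),
    ("before_reset", "stats.thirdparty.example", '{"mac":"A45E60D1220F","scr":"dialer"}'),
    ("before_reset", "push.vendor.example", "token=f3a9c1&lang=en"),
    ("after_reset", "telemetry.vendor.example",
     "d=" + base64.b64encode(b"490154203237518").decode() + "&sn=R58M12ABCDE"),
    ("after_reset", "stats.thirdparty.example", '{"install":"7be2","scr":"sms"}'),
    ("after_reset", "push.vendor.example", "token=09bd77&lang=en"),
]

def variants(value):
    """Forms an identifier may take: case changes, MAC without colons, base64."""
    plain = {value, value.lower(), value.upper()}
    plain |= {p.replace(":", "") for p in plain}
    encoded = {base64.b64encode(p.encode()).decode().rstrip("=") for p in plain}
    return plain | encoded

def scan(flows):
    """Return host -> session -> names of device identifiers seen in payloads."""
    report = defaultdict(lambda: defaultdict(set))
    for session, host, body in flows:
        for name, value in DEVICE_IDS.items():
            if any(form in body for form in variants(value)):
                report[host][session].add(name)
    return report

def linkable_across_reset(report):
    """Hosts sent the same identifier before and after the factory reset."""
    linked = {}
    for host, sessions in report.items():
        common = sessions.get("before_reset", set()) & sessions.get("after_reset", set())
        if common:
            linked[host] = sorted(common)
    return linked

if __name__ == "__main__":
    print(linkable_across_reset(scan(FLOWS)))
```

The base64 check only catches an identifier encoded on its own; binary-encoded or obfuscated payloads of the kind the researchers describe need decoding first.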
Quote <ref name=research-paper-one />:
<blockquote>Recall that as far as we can tell this data collection is enabled simply by installing Google Play Services, even when all other Google services and settings are disabled.</blockquote>
Apple iPhone iOS also harvests lots of private information. See research paper [https://www.scss.tcd.ie/doug.leith/apple_google.pdf Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google].
<blockquote>the lack of an opt out from this data collection seems in conflict with GDPR.</blockquote>
* https://therecord.media/google-collects-20-times-more-telemetry-from-android-devices-than-apple-from-ios/
* https://digitalcontentnext.org/blog/2018/08/21/google-data-collection-research/
* https://digitalcontentnext.org/wp-content/uploads/2018/08/DCN-Google-Data-Collection-Paper.pdf
Inescapable Data Harvesting
<blockquote>No opt-out. As already noted, this data collection occurs even though privacy settings are enabled. Handset users therefore have no easy opt out from this data collection.</blockquote>
The study was run under fair conditions. Quote:
<blockquote>We assume a privacy-conscious but busy/non-technical user, who when asked does not select options that share data but otherwise leaves handset settings at their default value. This means that the user has opted out of diagnostics/analytics/user experience improvement data collection and has not logged in to an OS vendor user account. The user also does not make use of optional services such as cloud storage, find my phone etc. Essentially, the handset is just being used to make and receive phone calls and texts. This provides a baseline for privacy analysis, and we expect that the level of data sharing may well be larger for a less privacy-conscious user and/or a user who makes greater use of the services on a handset.</blockquote>
Phone operating systems should provide privacy by default. The user shouldn't be required to choose the right option for best privacy for lots of questions during first-time setup. But even when users chose the best privacy settings, lots of data harvesting was found.
Extensive Data Collection Is Unnecessary
Extensive data collection by a mobile operating system is neither necessary nor essential. Quote:
<blockquote><code>/e/OS</code> collects almost no data</blockquote>
<blockquote>However, it is hard to justify the necessity of such data collection, i.e. that users should have no opt-out, when two mobile OSes adopt an opt-in approach.</blockquote>
<blockquote>Finally, it is worth noting that it is hard to see why data collection for diagnostics cannot be carried out in a fully anonymous manner, without any use of long-lived identifiers.</blockquote>
This is not an endorsement because <code>/e/OS</code> has not been fully reviewed on this wiki yet. See also [[Mobile_Operating_System_Comparison#/e/|/e/]].
Quote [https://www.scss.tcd.ie/Doug.Leith/Android_privacy_report.pdf Android Mobile OS Snooping By Samsung, Xiaomi, Huawei and Realme Handsets]:
<blockquote>Recording of user interactions with handset. System apps on several handsets upload details of user interactions with the apps on the handset (what apps are used and when, what app screens are viewed, when and for how long). The effect is analogous to the use of cookies to track users across web sites. On the Xiaomi handset the system app com.miui.analytics uploads a time history of the app windows viewed by the handset user to Xiaomi servers. This reveals detailed information on user handset usage over time, e.g. timing and duration of phone calls. Similarly, on the Huawei handset the Microsoft Swiftkey keyboard (the default system keyboard) logs when the keyboard is used within an app, uploading to Microsoft servers a history of app usage over time. Again, this is revealing of user handset usage over time e.g. writing of texts, use of the search bar, searching for contacts. Several Samsung system apps use Google Analytics to log user interactions (windows viewed etc). On the Xiaomi and Huawei handsets the Google messaging app (the system app used to send and receive SMS texts) logs user interactions, including when an SMS text is sent. In addition, with the notable exception of the /e/OS handset, Google Play Services and the Google Play store upload large volumes of data from all of the handsets (at least 10× that uploaded by the mobile OS developer). This has also been observed in other recent studies [https://www.scss.tcd.ie/Doug.Leith/pubs/contact_tracing_app_traffic.pdf (6)], which also note the opaque nature of this data collection.</blockquote>
<blockquote>Details of installed apps. Samsung, Xiaomi, Realme, Huawei, Heytap and Google collect details of the apps installed on a handset. Although less worrisome than tracking of user interactions with apps, the list of installed apps is potentially sensitive information since it can reveal user interests and traits, e.g. a muslim prayer app, an app for a gay magazine, a mental health app, a political news app. It also may well be unique to one handset, or a small number of handsets, and so act as a device fingerprint (especially when combined with device hardware/system configuration data, which is also widely collected). See, for example, [https://www.usenix.org/system/files/sec19-pham.pdf (9)], [https://dl.acm.org/doi/10.1145/3387905.3388594 (10)] for recent analyses of such privacy risks and we note that in light of such concerns, Google recently introduced restrictions on Play Store apps collection of this type of data, but such restrictions do not apply to system apps since these are not installed via the Google Play store.</blockquote>
<blockquote>Who Is Collecting Data?
1) Mobile OS Developers: We observe that Samsung, Xiaomi, Realme and Huawei all collect data from user handsets, despite the user having opted out of data collection/telemetry/analytics and making no use of services offered by these companies. This data is tagged with long-lived identifiers that tie it to the physical device, including across factory resets.</blockquote>
<blockquote>2) Pre-installed Third-Party System Apps: System apps are pre-installed on the /system partition of the handset disk. Since this partition is read-only, these apps cannot be removed. They are also privileged in the sense that they can be assigned permissions without needing user consent, be silently started, etc.</blockquote>
<blockquote>The Samsung handset studied also contains pre-installed system apps from Microsoft that send handset telemetry data to mobile.pipe.aria.microsoft.com, app.adjust.com (a third-party analytics company) and use Firebase push messaging. A LinkedIn (now owned by Microsoft) system app also sends telemetry to www.linkedin.com/li/track. This third-party data collection occurs despite no Microsoft/LinkedIn apps were ever opened on the device, and no popup or request to send data was observed.</blockquote>
<blockquote>In addition to mobile operator system app sharing data on the Xiaomi handset, a pre-installed Facebook app collects data.</blockquote>
<blockquote>3) Google System Apps (GApps):</blockquote>
<blockquote>It is known that Google Play Services and the Google Play store send large volumes of handset data to Google and collect long-lived device identifiers, although until recently there has been a notable lack of measurement studies (see [https://www.scss.tcd.ie/Doug.Leith/pubs/contact_tracing_app_traffic.pdf (6)], [https://www.scss.tcd.ie/doug.leith/apple_google.pdf (16)]). Other Google apps such as YouTube and Gmail also send handset data and telemetry to Google. It is worth noting that the volume of data uploaded by Google is considerably larger than the volume of data uploaded to other parties.</blockquote>
<blockquote>Recall that this is despite the “usage & diagnostics” option being disabled for Google services on all handsets (and also the diagnostics/analytics options also being disabled for the mobile OS developers, see Section IV-B). Note however that from a privacy viewpoint it is not the volume of data that is primarily of concern, but rather the contents of that data and the frequency with which it is sent.</blockquote>
'''Figure:''' ''Data harvesting with settings already configured for highest privacy''
[[File:data collection summary.jpg]]
With such an extreme amount of ongoing data harvesting that cannot be disabled, it was difficult for the author of this wiki page to decide which quotes are the most relevant and intrusive. The reader might enjoy reading the research paper [https://www.scss.tcd.ie/Doug.Leith/Android_privacy_report.pdf Android Mobile OS Snooping By Samsung, Xiaomi, Huawei and Realme Handsets] for themselves for more detail.