wordpress blog stats
Connect with us

Hi, what are you looking for?

Google has been sending data from calls and messages on Android to its servers, research finds

The data logged by Google can be pieced together to reveal the identities of users in the real world, the paper claimed.

New research has found that Google has been collecting data about calls and text messages through its Android operating system. Google has used Android apps to export data to its servers but without informing users or obtaining their consent, claimed the research paper authored by Professor Douglas J Leith, a researcher at the Trinity College of Dublin.

When an SMS message is sent/received, the Google Messages app sends a message to Google servers recording this event with the time when the message was sent/received and a truncated SHA256 hash of the message text. “The latter hash acts to uniquely identify the text message. The message sender’s phone number is also sent to Google, so by combining data from handsets exchanging messages the phone numbers of both are revealed,” the research paper read.

It also said that when a phone call is made/received through the Google Dialer app, the app logs this event to Google servers together with the time and the duration of the call.

It would be interesting to examine these practices through the lens of existing laws such as the European Union’s GDPR or even India’s impending data protection law.

Data is sufficient to discover real-world identities of people communicating: Research

When the data is sent to Google, it is tagged with the handset Android ID which is linked to the handset’s Google user account, which again is linked to a person’s real identity, the paper revealed.

Advertisement. Scroll to continue reading.

“For example, a working phone number is required to create a Google account, and if the person has paid for an app on the Google Play store or uses Google Pay then their Google account is also linked to their credit card/bank details. In this way real-world identities of the pair of people communicating may be revealed to Google,” it said.

Apart from that, the Google Messages and Dialer apps send messages to Google recording user interactions with the app, the paper said. For instance, when the user views an app screen, an SMS conversation, or searches their contacts, the nature and timing of this interaction are sent to Google allowing a detailed picture of app usage over time to be reconstructed, it added.

The “See caller and spam ID” option is always enabled by default in the Google Dialer app. So, the paper said, when someone gets a call, the app sends the phone number of each incoming call to Google together with the time of the call.

“By combining data from handsets exchanging phone calls the phone numbers of both are therefore revealed. We note that sending of incoming phone numbers to Google is not necessary for call screening,” it said.

Google says it will remove logging of call-related events in Firebase analytics

The research said that Google Messages and Dialer apps send data to Google via two channels — Google Play Services Clearcut logger service and the Google/Firebase Analytics service. The paper noted that the data transmission is “largely opaque, being binary encoded with little public documentation”.

With these findings, the researcher reached out to Google, who said that it —

Advertisement. Scroll to continue reading.
  • Plans to change the app onboarding flow so that users are notified that this is a Google app with a link to Google’s consumer privacy policy. “This will include a new on/off toggle to cover data collection that Google does not consider to be essential for the app to function,” it said.
  • Will halt the collection of the sender phone number and of a hash of sent/received message text by Google Messages (the latter change will be rolled out with version 10.9.160 of Google Messages, the other changes in the next release).

What will be the future of data privacy in India?

Do you want to keep track of data governance in India but don’t have the time? Relying on scattered content from across the web makes it feel harder than it needs to be.

Subscribe to MediaNama and get crisp, timely updates on tech policy developments in India and across the world.

Also Read:

Have something to add? Subscribe to MediaNama here and post your comment. 

Written By

Among other subjects, I cover the increasing usage of emerging technologies, especially for surveillance in India

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



India's smartphone operating system BharOS has received much buzz in the media lately, but does it really merit this attention?


After using the Mapples app as his default navigation app for a week, Sarvesh draws a comparison between Google Maps and Mapples


In the case of the ‘deemed consent' provision in the draft data protection law, brevity comes at the cost of clarity and user protection


The regulatory ambivalence around an instrument so essential to facilitate data exchange – the CM framework – is disconcerting for several reasons.


The provisions around grievance redressal in the Data Protection Bill "stands to be dangerously sparse and nugatory on various counts."

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ