wordpress blog stats
Connect with us

Hi, what are you looking for?

Google has been sending data from calls and messages on Android to its servers, research finds

The data logged by Google can be pieced together to reveal the identities of users in the real world, the paper claimed.

New research has found that Google has been collecting data about calls and text messages through its Android operating system. Google has used Android apps to export data to its servers but without informing users or obtaining their consent, claimed the research paper authored by Professor Douglas J Leith, a researcher at the Trinity College of Dublin.

When an SMS message is sent/received, the Google Messages app sends a message to Google servers recording this event with the time when the message was sent/received and a truncated SHA256 hash of the message text. “The latter hash acts to uniquely identify the text message. The message sender’s phone number is also sent to Google, so by combining data from handsets exchanging messages the phone numbers of both are revealed,” the research paper read.

It also said that when a phone call is made/received through the Google Dialer app, the app logs this event to Google servers together with the time and the duration of the call.

It would be interesting to examine these practices through the lens of existing laws such as the European Union’s GDPR or even India’s impending data protection law.

Data is sufficient to discover real-world identities of people communicating: Research

When the data is sent to Google, it is tagged with the handset Android ID which is linked to the handset’s Google user account, which again is linked to a person’s real identity, the paper revealed.

Advertisement. Scroll to continue reading.

“For example, a working phone number is required to create a Google account, and if the person has paid for an app on the Google Play store or uses Google Pay then their Google account is also linked to their credit card/bank details. In this way real-world identities of the pair of people communicating may be revealed to Google,” it said.

Apart from that, the Google Messages and Dialer apps send messages to Google recording user interactions with the app, the paper said. For instance, when the user views an app screen, an SMS conversation, or searches their contacts, the nature and timing of this interaction are sent to Google allowing a detailed picture of app usage over time to be reconstructed, it added.

The “See caller and spam ID” option is always enabled by default in the Google Dialer app. So, the paper said, when someone gets a call, the app sends the phone number of each incoming call to Google together with the time of the call.

“By combining data from handsets exchanging phone calls the phone numbers of both are therefore revealed. We note that sending of incoming phone numbers to Google is not necessary for call screening,” it said.

Google says it will remove logging of call-related events in Firebase analytics

The research said that Google Messages and Dialer apps send data to Google via two channels — Google Play Services Clearcut logger service and the Google/Firebase Analytics service. The paper noted that the data transmission is “largely opaque, being binary encoded with little public documentation”.

With these findings, the researcher reached out to Google, who said that it —

Advertisement. Scroll to continue reading.
  • Plans to change the app onboarding flow so that users are notified that this is a Google app with a link to Google’s consumer privacy policy. “This will include a new on/off toggle to cover data collection that Google does not consider to be essential for the app to function,” it said.
  • Will halt the collection of the sender phone number and of a hash of sent/received message text by Google Messages (the latter change will be rolled out with version 10.9.160 of Google Messages, the other changes in the next release).

What will be the future of data privacy in India?

Do you want to keep track of data governance in India but don’t have the time? Relying on scattered content from across the web makes it feel harder than it needs to be.

Subscribe to MediaNama and get crisp, timely updates on tech policy developments in India and across the world.

Also Read:

Have something to add? Subscribe to MediaNama here and post your comment. 

Written By

Among other subjects, I cover the increasing usage of emerging technologies, especially for surveillance in India

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

Studying the 'community' supporting the late Sushant Singh Rajput (SSR) shows how Twitter was gamed through organized engagement

News

Do we have an enabling system for the National Data Governance Framework Policy (NDGFP) aiming to create a repository of non-personal data?

News

A viewpoint on why the regulation of cryptocurrencies and crypto exchnages under 2019's E-Commerce Rules puts it in a 'grey area'

News

India's IT Rules mandate a GAC to address user 'grievances' , but is re-instatement of content removed by a platform a power it should...

News

There is a need for reconceptualizing personal, non-personal data and the concept of privacy itself for regulators to effectively protect data

You May Also Like

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ