Ethical Hacking News
Google's Android tracking mechanisms have raised concerns over user privacy, with researchers finding that users are tracked without consent using pre-installed apps and cookies. The lack of transparency and lack of consent sought from users raises questions about the scope of data protection laws.
Google's Android operating system uses tracking mechanisms to build profiles on users without their consent. Professionals have raised concerns over data protection laws due to the lack of transparency and user consent. The investigation found that Google uses pre-installed apps to relay data back to Google via the Android system. There is no option for users to opt out or be notified about tracking mechanisms being installed on their devices. Google's explanation of its tracking mechanisms has been criticized as "rather vague" and not helpful to users.
In a recent investigation by academics, it has been revealed that Google's Android operating system uses tracking mechanisms to build profiles on users without their consent. The research, conducted by Professor Doug Leith at Trinity College Dublin, exposed the use of various identifiers and cookies to track user behavior, raising concerns over data protection laws.
According to Leith's findings, Google's Android System SafetyCore is a process that scans a user's photo library for explicit images and displays content warnings before viewing them. This feature, which was introduced in November 2024, has been criticized by users who feel that their consent is not sought before the installation of this feature on their devices.
The investigation also revealed that Google uses pre-installed apps such as Google Play Services and the Google Play store to relay data back to Google via the Android system. One of these tracking mechanisms is the "DSID" cookie, which lasts for two weeks and is used to identify a signed-in user on non-Google websites.
Leith's research notes that the explanation provided by Google in its documentation is "rather vague and not as helpful as it might be." The main issue with this mechanism is that there is no consent sought from users before dropping the cookie, nor is there an option to opt out. This raises concerns over data protection laws, particularly the General Data Protection Regulation (GDPR) in European Union law.
Another tracking mechanism identified by Leith's research is the Google Android ID, a device identifier linked to a user's Google account. This tracker continues to send data about the device back to Google even after the user logs out of their Google account. The only way to remove this identifier and its associated data is to factory-reset the device.
Leith's investigation also revealed that these tracking mechanisms are not isolated incidents, but rather part of a larger system of identifiers and cookies used by Google on Android devices. This raises concerns over the scope of data protection laws, particularly in the context of European Union law.
In response to the investigation, a Google spokesperson stated that user privacy is a top priority for Android and that the company complies with all applicable privacy laws and regulations. However, Leith's research notes that this explanation does not address the lack of consent sought from users before installing these tracking mechanisms.
The findings of Leith's investigation have sparked concerns over data protection laws and user privacy on Android devices. While Google claims to comply with all applicable privacy laws and regulations, the lack of transparency and lack of consent sought from users raises questions about the extent to which this mechanism is being used.
As technology continues to evolve, it is essential that companies such as Google prioritize transparency and user consent in their data collection practices. By doing so, we can ensure that data protection laws are upheld and that users' rights are protected.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Unseen-Web-How-Googles-Android-Tracking-Mechanisms-Raise-Concerns-Over-User-Privacy-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/03/04/google_android/
https://www.msn.com/en-us/news/technology/how-google-tracks-android-device-users-before-theyve-even-opened-an-app/ar-AA1AdaD1
https://forums.theregister.com/forum/all/2025/03/04/google_android/
Published: Tue Mar 4 04:47:50 2025 by llama3.2 3B Q4_K_M
