New research shows that Google has been collecting extremely detailed data about the calls you make via the Phone app and the text messages exchanged on your Android phone. Google used these Android apps to export massive amounts of data to its servers, and it did so without informing users or obtaining consent. This sort of behavior might go against privacy protections that should exist in Android by law in some markets (like the EU’s GDPR policies). It could be seen as spying on users.
Google might have valid reasons for wanting to collect call and message data from phones to improve those services. It might also want to offer features that could improve the user’s privacy. But this doesn’t change the fact that Google amasses all that call and text data without obtaining explicit permission from the user to do so.
Does Google track Android phones?
Long-time Android users already know the trade-off they make when they use Google’s “free” operating system. They pay with their data for all of the software that Google creates. Yet Android keeps tracking users one way or another. It might not be about location data this time around. But the new Messages and Phone privacy implications are just as significant. And they come at a time when Google keeps trying to convince users that user privacy is important.
But while Android users willingly agree to Google tracking them and collecting personal data that it can turn into ads, they’ve never explicitly told Google that it could collect sensitive phone and text data.
What Messages data did Google collect?
“The data sent by Google Messages includes a hash of the message text, allowing linking of sender and receiver in a message exchange,” the paper says. “The data sent by Google Dialer includes the call time and duration, again allowing linking of the two handsets engaged in a phone call. Phone numbers are also sent to Google.”
Hashes scramble the actual content Google gets, making it nearly impossible to read it back. In this case, Google might be getting shorter hashed versions of the texts you sent and received in Messages. But it can’t see the actual text, as it’s turned into alphanumeric gibberish. Still, given enough computing resources and time, someone might recover some of the shorter messages.
Leith said as much to The Register. “I’m told by colleagues that yes, in principle, this is likely to be possible,” he said. “The hash includes an hourly timestamp, so it would involve generating hashes for all combinations of timestamps and target messages and comparing these against the observed hash for a match – feasible I think for short messages given modern compute power.”
Similarly, the phone app logs incoming and outgoing calls, the time, and the call duration.
The apps do not disclose these data collection practices. But Google requires Android developers to inform users about the kind of data their apps collect.
One could argue that all this metadata from the Phone and Messages apps would allow Google to track Android users. Each app has about a billion users, which makes the data collection all the more impressive.
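Why a hash of message text plus an hourly timestamp is not anonymous, shown as an added example that is not code from the paper or from Google. The hash construction (truncated SHA-256 over an hour bucket and the text), the keyed variant shown for contrast, and all sample data are assumptions made for illustration; the article does not specify them.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

def hour_bucket(ts):
    """Reduce a timestamp to hourly resolution (assumed format)."""
    return ts.strftime("%Y-%m-%dT%H")

def message_hash(text, ts):
    """Assumed construction: truncated SHA-256 over hour bucket + text."""
    data = f"{hour_bucket(ts)}|{text}".encode("utf-8")
    return hashlib.sha256(data).hexdigest()[:32]

def keyed_message_hash(key, text, ts):
    """Contrast: HMAC keyed with a secret that never leaves the handset."""
    data = f"{hour_bucket(ts)}|{text}".encode("utf-8")
    return hmac.new(key, data, hashlib.sha256).hexdigest()[:32]

def enumerate_candidates(observed, candidates, start, hours):
    """Return (hour, text) pairs whose unkeyed hash equals the observed one."""
    matches = []
    for offset in range(hours):
        ts = start + timedelta(hours=offset)
        for text in candidates:
            if hmac.compare_digest(message_hash(text, ts), observed):
                matches.append((hour_bucket(ts), text))
    return matches

# Constructed sample data, not taken from any real device.
SENT_AT = datetime(2022, 3, 1, 14, 37, 12, tzinfo=timezone.utc)
RECEIVED_AT = SENT_AT + timedelta(seconds=4)
SHORT_MESSAGES = ["ok", "yes", "no", "on my way", "call me", "running late"]
WINDOW_START = datetime(2022, 3, 1, 0, 0, tzinfo=timezone.utc)

def demo():
    sender = message_hash("on my way", SENT_AT)
    receiver = message_hash("on my way", RECEIVED_AT)
    linked = sender == receiver  # same value from both handsets links them
    recovered = enumerate_candidates(sender, SHORT_MESSAGES, WINDOW_START, 24)
    # With a device-local key, an observer without the key finds no match.
    keyed = keyed_message_hash(b"constructed-device-secret", "on my way", SENT_AT)
    keyed_recovered = enumerate_candidates(keyed, SHORT_MESSAGES, WINDOW_START, 24)
    return linked, recovered, keyed_recovered

if __name__ == "__main__":
    print(demo())
```

A keyed hash removes the guessability but also the cross-device equality, so it would not support any feature that depends on matching the same message on two handsets.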
Why is Google spying on your calls and texts?
Google offers a few smart features in the Phone and Messages apps that might require such data tracking. The Phone app can prevent spam calls, but to do it, it needs to collect data, as 9to5Google reports.
Google also explained it uses text hashes to ensure that the incoming and outgoing messages appear in the correct order. Furthermore, the collection of messages might help Google protect one-time password messages. Similarly, Google might need SIM card ID data to power Google Fi features.
How is Google fixing the Messages and Phone app privacy issue?
Last November, Leith informed Google of his findings. He had several conversations with the company on the matter. The researcher offered nine suggestions that can improve the privacy of Android users relying on the stock Phone and Messages apps to communicate. Google already implemented six of them.
App updates released since February have started deploying fixes to Phone and Messages.
Now, Google will inform users about these data collection practices. And users can opt out to some extent. However, the company will continue to grab call and text data from handsets.
“In particular, they say they will introduce a toggle within the Messages app to allow users to opt out of data collection but that this opt out will not cover data that Google considers to be ‘essential’ i.e. they will continue to collect some data even when users opt out,” the researcher told The Register. “In my tests I had already opted out of Google data collection by disabling the Google ‘Usage and diagnostics’ option in the handset Settings, and so the data I reported on was already judged to be somehow essential by Google. I think we’ll have to wait and see.”
Additional privacy worries remain
Leith’s research only covers the Phone and Messages apps. But Google might have to address other data collection issues in Android. The researcher identified two such problems in the Google Play Services app.
“The first is that the logging data sent by Google Play Services is tagged with the Google Android ID which can often be linked to a person’s real identity – so the data is not anonymous,” he said. “The second is that we know very little about what data is being sent by Google Play Services, and for what purpose(s). This study is the first to cast some light on that, but it’s very much just the tip of the iceberg.”
Finally, it’s unclear what the newly revealed Android privacy issues mean when it comes to laws and regulations, especially in markets like the European Union.