Personal phone data distribution is cause for worry
We tested various phone location settings to see what data an Android phone sends to Google beyond what the phone displays openly.
See the story: Secret phone data reveals every move
ABOUT THE PROJECT (Q&A)
What was the experiment?
We tested various phone location settings to see what data an Android phone sends to Google beyond what the phone displays openly.
What did we find?
We found location data was sent with location history set to OFF and incognito mode in Google Maps set to ON. We believe the public would expect to travel anonymously with these settings.
What else did we find?
One experiment involved travelling with these settings (location history OFF and incognito mode ON) in a car while performing voice turn-by-turn navigation with Google Maps.
The resulting data stream not only included location data but also voice recordings of the directions that Google Navigation spoke en route. I could play back all the turn-by-turn voice recordings sent with the data stream.
The phones also collected details of Wi-Fi routers in the vicinity, such as router network names (SSIDs) and equipment identifiers (MAC addresses). The stream included details of dozens of Wi-Fi routers in an apartment building, and routers at a work location.
How is the data collected?
Software was installed on two phones that would “tap” this extra stream of data sent to Google, and send the data to a server in the US operated by Oracle. The server was programmed to unravel this stream of data into its component parts.
We set up experiments, varying the settings between phones to see how each setting affected the data stream. We could access and analyse the data in a human-understandable form through this US software/server set-up.
Why undertake this?
Android users implicitly accept that they offer their data to Google for advertising purposes in return for a free operating system for their phone. However, the use of personal data generated by phones nowadays is distributed to many more agencies than advertisers, with brokers selling it to police forces, governments and spy agencies. It is likely that criminal organisations can also tap into this data. More and more agencies and people are getting access to your phone data.
Is the concern just the data sent to Google?
No. If a company such as Oracle can unravel this data, other organisations can too, by getting you to install apps and access your personal, phone and location information through them.
Copilot a time saver but workers at odds over who benefits
Microsoft’s AI assistant saves workers an average of about 20 hours a month allowing them to concentrate on important work. But a debate has emerged about how to share those time savings.
Regulators ‘overlap’ in scam prevention draft
The draft Scam Prevention Framework could penalise telcos for abiding by one code while breaking another, the Communications Alliance has warned.