Based on materials from androidauthority.com
Many users are constantly worried about their mobile devices being 'spied' on them. More precisely, of course, huge evil corporations such as Google and Apple are watching. And some people, accordingly, do their best to distance themselves from these companies. In the past, for example, you could choose a Blackberry, but what happens to current Blackberry devices on Android? What are they telling Google? We will not go deep in particular at once. The question of how personal data security and privacy are combined with the use of Android is worth exploring in detail.
Android has been installed on more than two billion devices worldwide, mostly smartphones. This is an incredible amount. Not all of them eavesdrop on us and send information to Google, although they cannot be called completely safe (we will talk about this in more detail later).
The Android, or Android Open Source Project (AOSP), is run by Google, which maintains and develops the codebase as an open source software project. Google is selling its support and development of the project in support of its belief that everyone can and should have access to the Internet.
It sounds altruistic, but it's also a business. Google generates revenue from the fact that people on the web and from mobile devices click on its ads. And that accounts for roughly 90% of parent company Alphabet's income.
AOSP means that everyone – you and me or the future great smartphone brand – can download the source code Android, rework, modify, and use it. Google's approach is very different from Apple, which sells iOS on its devices as an exclusive and closed ecosystem.
It seems to many that Android is slowly turning into a platform that is more accessible on the principle of shared source, rather than open source. As Ars Technica once put it well, 'Android is an open system except for the good parts'
Moreover, Google essentially offers two different experiences related to Android. There is AOSP, which is a pure skeleton: no Google, no Google Play Store, no built-in applications. This is something that all of us or companies that create new devices can use. However, AOSP will almost certainly not be used in a mainstream smartphone, with the possible exception of China, where Google has not always had a legal status and where Chinese applications are more common. Typically, smartphone manufacturers use a different, 'full' Android that generates Google revenue and represents a viable platform for the user.
The 'full fledged' Android that we know and use on our smartphones on a daily basis includes the Google Mobile Services (GMS) add-on. It is sold to most OEMs – companies like Samsung, HTC, LG, Huawei and others. GMS is not open source and is quite different from AOSP, including applications and services known to all of us. The fact that Google is integrating these applications is causing problems: for example, the EU accuses Google of using this full version Android to “maintain and strengthen the dominance of general Internet search.”
Going back to new devices from BlackBerry, they come with pre-installed GMS, and Google apps send reports to the company, but warn about it. A device on Android will not send information to Google until you let it happen by adding your Google Account information and using Google Apps.
Not only does Google receive information about you, your operator does it. It sends data about your location (due to triangulation on the mobile tower), requests for details on the account, all your SMS messages. Politicians are discussing how to improve the situation by limiting the pre-installed apps that spy on the user, but devices still send massive amounts of your data.
Using Android without Google
A situation in which the device works completely without Google's involvement is quite possible. For example, the Chinese Samsung Note 4, which runs on the AOSP version Android and everything in it is more or less replaced by Baidu – accordingly, it sends data not to Google, but to Chinese companies. There are recognized alternatives to Google apps, including obvious options like HERE WeGo and Citymapper instead of Maps, Firefox and Opera for the browser, Blue Mail for mail, and Signal for secure messaging.
But even if you use all of this, there is still a chance that Google will receive your data. And if not, then they will probably get them Facebook due to its huge distribution among popular applications and linking to sites. Obviously, trying to stop your data leak involves deciding what services and benefits you will continue to use.
If you use the Google Play Store to install apps – and you would normally do so because it is most secure – app installs and uninstalls will be tracked. The Play Store also monitors the location, purchases of the user, which is due to 'live' Android, for example, monitors Wi-Fi networks to update applications in the background without wasting mobile traffic.
This is not highly personally identifiable information, but many applications use cookies to activate services such as Google Analytics to track data usage and user data. This data helps the application to 'get an idea' of what is popular, what works and what doesn't.
For example, Citymapper's privacy policy contains the following statement:
'Some of the cookies that our application uses are set by us and some by third party providers of our services. For example, we use Google Analytics to track what users are doing on the app so we can improve its design and functionality. '
On the web, Google, somewhat unexpectedly, offers a plugin to disable Analytics for most browsers, allowing you to opt out of your data being used by Google Analytics. But this is only online, and it is not part of the applications at this level, which means you need to be careful when choosing applications. Very few of them offer the user as transparent an environment as Citymapper.
Go ahead. Hosting can also be a problem. Google Cloud Platform (GCP) hosts websites, applications and acts as an infrastructure for hosting and storing data. It is undersized Amazon by Web Services (AWS), with over 35% of web traffic through its cloud servers (according to Synergy).
Since there are no laws in the States that govern this, both GCP and AWS follow a number of strict EU directives related to data protection.
So how do you avoid Google on Android?
Do you still want to avoid talking to Google? It is possible, but you will have difficulty with normal web browsing. Using a safer browser like Firefox Focus can be a good starting point. And the permanent use of a VPN is not discussed at all. Stop using Google search and use DuckDuckGo, which does not collect any information about the user and does not track IP and other data.
F-Droid is an alternative to the Google Play store that offers a directory of exclusively free, open source applications. Many of them are alternatives to Google apps and they use repositories to update. It's not a very popular app, but it has been around for many years.
Next, another option is to use Tor, which was specifically designed for anonymous communication (and even recommended by Edward Snowden!). It is best known as a web browser, but there are also Project Tor applications for Android.
Another popular way to get rid of all sorts of hidden junk on your Android – device is to install another operating system. For example, LineageOS (based on the old CyanogenOS) gives a stock experience Android, but it is much more closed than other typical OSs on our devices.
You could even try Mission Improbable, a 'hardened' version Android from the Tor developers and the open source community who wanted to show how Android could be made safer. If you have a Pixel or Nexus smartphone, and with Linux you are on 'you', this is literally the ultimate security solution.
If you use your Google Account without disconnecting and using history storage, your location is tracked, your search history is generated, and even the voice commands you gave to the Google Assistant are saved. And here you can be frightened (well, or admire) the entire (and surprisingly complete!) History of your locations.
If you do not use these applications and a Google account, you are left with something like BlackBerry in the past – although even BlackBerry receives some user data, and with almost the same methods, as Google.
Further restrictions while maintaining connection will require a transition to a simple dialer or a change in lifestyle. Just being in touch means that somehow your data will be tracked in a variety of ways. In a sense, the convenience you are used to and attached to can motivate you to share some of your information. Of course, this is what Google is hoping for.
How do you look at this problem, dear readers? Does Google surveillance make you angry and paranoid? And if so, in what ways did you try to avoid it? Share in the comments!