Android telemetry, understood as the data collection and sending of the same to the software developer, it is abundant. And the same can be said of other operating systems, mobile like Apple’s iOS or desktop like Microsoft’s Windows 10.
In an era of total connectivity, telemetry is carried out on any type of device and under any system, in one way or another. The manufacturers explain it with the aim of improving the functioning of the systems, the user experience, and the maintenance and safety of the equipment.
Telemetry does not have to be negative in itself … As long as only technical data is collected, without user identification, the process is carried out in a transparent and previously requesting the user’s authorization and that data is used for the stated reasons. And not others, be it advertising or espionage. The problem is that users are scared by the massive and constant violations of the right to privacy and irresponsible uses (for being soft) by companies.
How far does the telemetry of Android and iOS go?
Researcher Douglas Leith from Trinity College in Ireland has carried out a study on Android and iOS and the conclusions are as expected by those most critical of this telemetry. Android sends 20 times more data to Google than iOS to Apple, he says, although the data collection of both is worrying because it is easily linked to a user’s name, email address, payment card details, and possibly other devices that the user has.
In addition, constant connections to servers back end they necessarily reveal the device’s IP address and, by extension, the user’s general geographic location. Both iOS and Android, the researcher says, transmit telemetry data to their motherships even when a user has not logged in or has explicitly configured privacy settings to opt out of such collection.
Both operating systems also send data to Apple and Google when a user does simple things like insert a SIM card or navigate the phone’s settings screen. Even when they are idle, the devices connect to your server back end every 4.5 minutes on average. In the US alone, Android collectively collects about 1.3 TB of data every 12 hours. During the same period, iOS collects around 5.8 GB.
It’s not just operating systems that collect and send data. Lpre-installed applications or services they also establish network connections, even when they have not been opened or used. While iOS automatically sent data to Apple from Siri, Safari, and iCloud, Android collected data from Chrome, YouTube, Google Docs, Safetyhub, Google Messenger, the device clock, and the Google search bar.
Google and Apple disagree
Google has challenged the study, explaining that you have used faulty methods to measure the collected data for each operating system. The company also argued that data collection is a central function of any device connected to the Internet:
«We identify flaws in the researcher’s methodology for measuring data volume and we disagree with the claims in the article that an Android device shares 20 times more data than an iPhone … Based on our research, these findings are off by an order of magnitude, and we share our concerns about the methodology with the researcher prior to publication »said a Google spokesperson.
‘This research largely describes how smartphones work. Modern cars regularly send basic data about vehicle components, their safety status, and service programs to automakers, and mobile phones work in much the same way. This report details those communications, which help ensure that the iOS or Android software is up-to-date, that the services are working as intended, and that the phone is safe and working efficiently.they explain.
The Apple spokesman was more concise, repeating the usual mantra that always comes out from Cupertino with these issues, in the sense that Apple provides transparency and control for the personal information you collect, that the report is wrong, that Apple offers privacy protections that prevent the company from tracking users’ locations and that it informs users about the collection of location-related data.
Android and iOS telemetry study
Leith performed his measurements using a Google Pixel 2 with Android 10 and an iPhone 8 with iOS 13.6.1. The iPhone was jailbroken using the Checm8 exploit and the Pixel had Google Play services enabled. In total, the study available here measured the amount of data collected by devices in different situations such as:
- on the first start after a factory reset.
- when a SIM card was inserted or removed.
- when the phones were idle.
- when the general system configuration screen was accessed.
- when location was enabled or disabled.
- when the user logged into the pre-installed app store.
You value it. The researcher assures that data collection by both operating systems it’s worrisome and it is easily linked to a user’s name. “Currently, there are few, if any, realistic options to avoid this data sharing”, he concluded.
Only on mobiles?
No. Privacy in Windows 10 was a controversial point since arrival and one of the aspects that limited the extension of the operating system. The first version was terrible and the criticisms were immediate (some furious who spoke directly of ‘big brother’ and spying on everything a user did) for a telemetry that collected a large amount of data and did it without the necessary transparency about the use of that personal information.
Microsoft promised improvements and the truth is that they have been arriving with each update of the system, although the user must get mired in its management as soon as it is installed. Like Google and Apple, Microsoft has a long way to go. Investigators from the official Dutch data regulator released a report identifying “large-scale and covert collection of personal data” in Microsoft’s office suites and Windows 10.
Germany’s Federal Office for Information Security also expressed concern about the data sent by the Windows operating system and some German schools reached Ban the use of Windows 10 and Office 365 for privacy reasons. Today’s data is pure gold and no software or hardware vendor is spared from its collection.
Personally, I do not care about this telemetry as long as it complies with basic rules of use, they are technical and not personal, the user cannot be identified if he does not want it, the process is carried out in a transparent way and previously requesting authorization and the data are used for the stated reasons. Will it ever be possible?
We leave you a couple of practical articles to control and improve (where possible) telemetry:
- 10 tips to improve the privacy of your Android smartphone
- How to view the data your team sends to Microsoft with Windows 10 telemetry