The dialer apps – that is, the phone – and Google’s messages are spying on users, according to a recent study published by Douglas Lith, a computer science lecturer at Trinity College Dublin.
Lith examined the information that the apps, which are installed on many millions of devices sold every year (in fact, they come with almost every Android smartphone sold in the world today, including those of Samsung, Shiomi, and more), collect and send to Google, and found that it is valuable information.
For example, the phone app sends the company information about each incoming or outgoing call, including the phone numbers of the caller and recipient, the time and duration of the call, and the messaging app sends not only the sender number, recipient number, and time but also an encrypted version of the message itself. This is in addition to data such as the time of use of the applications themselves and various actions the user performs on the content.
This is serious not only due to the fact that these are the most basic apps on any smartphone, which are found on almost every device, but also because neither has a privacy policy where users can read about the information they collect, nor even have the ability to stop collecting information. Even a user who wants to see the information collected about him will not find it in Google’s Takeout service, which guarantees a file with all the information the company has collected about the user but does not include the information from the two mentioned apps.
Lith told the British Register website that the lack of privacy policy and the ability to control the collection of information for both apps is likely a breach of European Privacy Law (GDPR), and that the information could even be used to crack users’ messages, since encryption can be engineered, at least Of short messages, by powerful computers. “I was surprised to see that this information was collected by these Google apps,” he said.
Lith posted his conclusions to Google in November, along with 9 recommendations for change. The company, for its part, has so far made six changes: an alert at the beginning of the use of apps with a link to Google’s general privacy policy; Stop collecting the text of the message and the telephone number of the sender; Stop collecting call information; Changing the way information is entered for temporary identification, which is very difficult to associate with a specific user; And clarification about when smart caller detection and active spam blocking and how to turn them off.
Google told the site that “We welcome collaborations – and responses – from academics and researchers, including those at Trinity College. We have worked constructively with this team to address their responses, and will continue to do so.”
Lith, for his part, claims he’s not sure Google’s promises help at all. “They say they will display a switch within the messaging app to allow users to turn off information collection, but that it will not be valid for information that Google defines as essential – meaning they will continue to collect certain information even if users turn it off. “And so the information I reported was already defined as vital by Google. I think we’ll have to wait and see.”
He added that the even more disturbing thing is that Google’s store services are linked to the user’s account, which is linked to his real identity, and there “we know very little about the types of information sent by Google Play services and the reasons for it”
.Following the publication of the story, Google stressed that the information was collected “for analysis purposes”, which helps ensure that the apps are working properly, and not for advertising purposes.
GIPHY App Key not set. Please check settings