Monday, November 27, 2017

Google is Being Questioned by Regulators Over Location Data Collection on Android Phones

Location services have been a part of Android since its original release. This has always involved a little controversy on the privacy aspect of such services, because if a user keeps location enabled on an Android smartphone, the device's cell tower location is being continuously sent to Google.

For privacy-focused users, this hadn't been a huge issue as Android always had a toggle to switch location off in the settings menu. This supposedly meant that the device would not send any location data to Google.

This was the assumption up till now. But a Quartz report published a few days ago shows that the assumption is false. Even if a user disables location on his device, it will still keep sending the addresses of nearby cell tower address in the form of Cell ID codes if the phone is using Google's Firebase Messaging push service. Google has been collecting Cell ID data since the beginning of 2017. The company confirmed that the location data was being collected, but claimed that "it had never been used or stored". The issue is severe enough to even affect users who did not have a SIM card in their devices.

Simply put, this is an invasion of privacy. If a user disables location on his device, then there remains no grounds for Google to keep collecting the location data at all. We previously noted that as of now, the only option to be sure that Google is not collecting location data from your phone is to completely remove Google services from your device.

Now, a report by CNNMoney states that Google is facing scrutiny for reportedly collecting data about the location of smartphone users without their knowledge. Firstly, the report says that regulators in South Korea summoned Google representatives this week to question them about the Quartz report.

The head of Korea Communications Commission (KCC)'s privacy infringement division told CNNMoney: "KCC is carrying out an inquiry into the claims that Google collected users' Cell ID data without consent even when their smartphone's location service was inactive."

The report added that UK data protection officials are also looking into the matter. A spokesperson for the Information Commissioner's Office told the publication: "Organizations are required by law to be transparent with consumers about what they are doing with personal information. We are aware of the reports about the tracking system and are in contact with Google."

For its part, Google told CNNMoney that the data was collected to improve notifications and message delivery, and claimed that it was not stored on Google servers. It further claimed that Android phones are no longer requesting Cell ID codes, and stated that collection should be phased out this month. A Google spokesman stated: "In January of this year, we began looking into using Cell ID codes as an additional signal to further improve the speed and performance of message delivery." As Google says that it never incorporated the data into its system, "that data was immediately discarded, and we updated [the network system] to no longer request Cell ID," the spokesman added.

The CNNMoney report notes that as Google has collected Cell IDs without consent, the company may have violated South Korea's Location Data Protection Act. This would be the case regardless of whether the data was stored on Google's US servers or not, according to an official with KCC's commission's privacy infringement division. The official added that as of yet, an official investigation has not been launched, and "more information will likely need to come from Google's U.S. headquarters".

It is clear that Quartz' discovery has far-reaching implications. It is imperative that Google should completely stop collecting location data without users' consent as soon as possible. If the company does not do so, the consequences may prove to be severe.

Source: CNNMoney



from xda-developers http://ift.tt/2AcSqw0
via IFTTT

No comments:

Post a Comment