The scale of surveillance of Android smartphones for users turned out to be enormous

An in-depth analysis of a number of popular Android mobile phones has revealed that huge amounts of data from devices are constantly leaking to the Web. Moreover, the user cannot prevent this in any way. About this in a new studyAndroid Mobile OS Snooping By Samsung, Xiaomi, Huawei and Realme Handsets written by scholars from Trinity College Dublin and the University of Edinburgh.

Professor Doug Leith from Dublin, along with Dr. Paul Patras and Haoyu Liu from Edinburgh, studied the data, sent by six variants of Android OS developed by Samsung, Xiaomi, Huawei, Realme, LineageOS and e / OS. They found out that even when the phone is idle and has a minimum setting, the versions adapted by the manufacturers Android shares a significant amount of information with the OS developer and third parties such as Google, Microsoft, LinkedIn and Facebook.

Study authors writethat such data transfer goes far beyond standard user agreements and raises a number of privacy concerns.

Paul Patras noted that the laws on the protection of personal information, adopted in the EU member states, Canada and South Korea, today practically do not work. Data on smartphones is collected “under the hood” without the knowledge of users and without available means to disable this feature.

Except for e / OS, all tested firmwares collect a list of applications installed on the phone. This is potentially confidential information, as it can reveal the interests of the user, his health, orientation, religion or political affiliation.

• Xiaomi phones send detailed information to the company about all the app screens the user views, including when and how long each app is active. This shows, for example, the time and duration of phone calls. The effect is similar to the use of cookies to track people's activity as they navigate between web pages. This data appears to be sent to Singapore.
• On Huawei phones, the Swiftkey sends application usage information to Microsoft. It shows, for example, when a user enters text, uses the search bar, and searches for contacts.
• Samsung, Xiaomi, Realme, and Google collect device identifiers such as hardware serial numbers, as well as user-resettable ad IDs. This means that the new ID value can be easily re-bound to the same device.
• Third party system applications such as those from Google, Microsoft, LinkedIn and Facebook, pre-installed on most mobile phones, also continuously collect data without output any notifications.

Scientists suggest that there may be a whole ecosystem of data in which all the information collected from smartphones is connected into a single whole.