Study reveals scale of data-sharing from Android mobile phones (Positive press for /e/OS )

Even when minimally configured and the handset is idle, with the notable exception of e/OS, these vendor-customized Android variants transmit substantial amounts of information to the OS developer and to third parties such as Google, Microsoft, LinkedIn, and Facebook that have pre-installed system apps. There is no opt-out from this data collection.

PDF of study is available at the bottom of the article.

11 Likes

Link? :wink:

chars chars

Ooops yeah it’s there now.

[2109.13722] Are iPhones Really Better for Privacy? Comparative Study of iOS and Android Apps – [2109.13722] Are iPhones Really Better for Privacy? Comparative Study of iOS and Android Apps

Konrad Kollnig, Anastasia Shuba, Reuben Binns, Max Van Kleek, Nigel Shadbolt

Download PDF

While many studies have looked at privacy properties of the Android and Google Play app ecosystem, comparatively much less is known about iOS and the Apple App Store, the most widely used ecosystem in the US. At the same time, there is increasing competition around privacy between these smartphone operating system providers. In this paper, we present a study of 24k Android and iOS apps from 2020 along several dimensions relating to user privacy. We find that third-party tracking and the sharing of unique user identifiers was widespread in apps from both ecosystems, even in apps aimed at children. In the children’s category, iOS apps used much fewer advertising-related tracking than their Android counterparts, but could more often access children’s location (by a factor of 7). Across all studied apps, our study highlights widespread potential violations of US, EU and UK privacy law, including 1) the use of third-party tracking without user consent, 2) the lack of parental consent before sharing PII with third-parties in children’s apps, 3) the non-data-minimising configuration of tracking libraries, 4) the sending of personal data to countries without an adequate level of data protection, and 5) the continued absence of transparency around tracking, partly due to design decisions by Apple and Google. Overall, we find that neither platform is clearly better than the other for privacy across the dimensions we studied.

Subjects: Cryptography and Security (cs.CR); Computers and Society (cs.CY)
Cite as: arXiv:2109.13722 [cs.CR]
(or arXiv:2109.13722v1 [cs.CR] for this version)

Submission history

From: Konrad Kollnig [view email]
[v1] Tue, 28 Sep 2021 13:40:32 UTC (186 KB)

Wish I could get my family to read this.

1 Like

fyi, while also interesting, the arxiv link is a different study with a iOS/Android Appstore comparison (surveying integrated SDKs in 24k apps). The parent post is comparing within Android instead. Douglas Leith, one of the coauthors did some studies on default connection behavior of Androids in the past.

Direct link here: https://www.scss.tcd.ie/Doug.Leith/Android_privacy_report.pdf

1 Like

Time to contact again privacytools.io
/e/OS is not exactly LineageOS :smiley:

1 Like

May I ask you what “opt-out” actually means?

Optional out
Opposite oft opt-in

Means, for example, tracking is on per default and you have to turn it off.
Instead to turn it on.

And mostly it is not possible to turn it oft because they give you no way to do it…
Don’t be evil LOL…

1 Like

Someone says this is bad article smearing LOS and mentioning e/os stealing code for microG while only donating after backlash, this article is not very well written

/e/ is listed as official sponsor on official microG homepage.
https://microg.org/

I would like to add my opinion about the article. I think it is biased.
In their tests, they used LineageOS with GApps, so obviously data is sent to Google… Without GApps I guess LineageOS is as clean as /e/.
If I install facebook on my smartphone, well I expect to send data to facebook too.
And concerning Huawei, I think it’s a pity that the tests weren’t done on HarmonyOS. (but I don’t know if the code has been made public yet)
Anyway, a whole article just to say that a smartphone with google services and pre-installed apps transmits data. Nothing new :slight_smile:

I just had to share this :sunglasses: :+1:

3 Likes

From the study, that’s the LineageOS they were looking at:

“Google Pixel 2/Android 10 (LineageOS build 17.1-20210316, opengapps 10.0-nano-20210314)”

There is Google stuff in LineageOS which isn’t in /e/, and they would have seen that I suppose, but they actually installed Open GApps Nano on LineageOS … here’s what it installs: https://github.com/opengapps/opengapps/wiki/Nano-Package.

What is this trying to achieve?
Either they should have installed the Open GApps stock package (they even mention in the study that nano is different from the stock Androids and there are other Open GApps packages including “stock”), or they shouldn’t have installed Open GApps at all.

in principle, they have compared “Äpfel mit Birnen” :wink:

Under the title above, a very significant summary paper on LWN, whose last sentence is no less than the following :

Notably, /e/OS sends no information to Google or other third parties and sends essentially no information to the /e/OS developers.

– and clearly all others are far worse :wink:

H.
…waiting impatiently for the retyrn of /e/ Fairphones+ (to buy a second one!)
Regain your privacy! Adopt /e/ the unGoogled mobile OS and online servicesphone

You 're the second today to start a topic about this…
Now there are allready 4 topics in total. :pensive:

2 Likes

Sorry, I didn’t detect the other one. But mine comes from LWN, which is almost more of a reference than the original paper…
So please don’t comment here but in the post above.

That seems to be a valid point. Since this is a scientific article that made some waves it should be addressed by the authors.

1 Like