Most smartphones even without the additional bloatware have pre-installed apps like Google’s suite of apps and Microsoft apps. These apps sit inside the read-only memory (ROM), and cannot be deleted. What usually happens is that these apps are left unused but even when idle, these devices continue to send data, the researchers said. And this is even when you’ve never opened any of the apps.
With firms like Google and Apple continuously offering new tools to secure user data, privacy and security have become more recognisable terms. However, loopholes are still uncovered from time to time, and a recent one claims that Android phones monitor you even after you’ve switched off all trackers. The data-sharing practises of several custom Android versions on Samsung, Xiaomi, Huawei, and Realme smartphones were studied by Trinity College Dublin researchers. The researchers discovered that these devices transfer data to both the OS developers and chosen third parties such as Google, Microsoft, LinkedIn, and Facebook on a regular basis. Users do not have the ability to opt out of this. The major perpetrators are behi.
Companies like Realme, Samsung, Xiaomi and Google collect long-lived device identifiers such as the hardware serial number, and advertising IDs. As for apps that may have been used once in a while, data like timestamps of when you used the app and the duration are shared with Google Analytics. This was found in the case of apps like Samsung Pass, Game Launcher and Bixby, and even the Google Messages app on Xiaomi phones. Researchers also found another popular pre-installed app ‘SwiftKey’ that sent details of when the keyboard was used in another app or anywhere else on the device with Microsoft. In addition to device and app data, user interactions with the device are also sent to Samsung, Xiaomi and Huawei. And out of all the OEMs, Xiaomi collects the most extensive data on user handset interactions with apps.
According to responses shared by Google and Huawei to this research, most of the user data shared doesn’t mean a breach of privacy and instead helps with software updates. Also, if the data is common to many handsets it cannot be linked back to a specific device or user. But the collection of such data can reveal the time and duration of phone calls or when messages are sent and received. The list of apps installed on the devices can also reveal the user’s preferences and traits, and this list of apps can act as a handset fingerprint which can then be used for tracking. The only way to delete these pre-installed apps is to root your device which isn’t a convenient solution for all users. So meanwhile such data will continue being sent to manufacturers and third parties with potential risks of the data being used to track users.