By default, Android's settings are set up to compromise user privacy, forcing individuals to actively opt out of data sharing and tracking features that collect sensitive personal information unnecessarily.
01Turn off Location Services
›Many apps can function normally.
Location services on your phone can identify your position with remarkable accuracy, pinpointing you to within just a few meters. This level of precision is made possible by the "precise location" feature. When disabled, apps and online platforms are limited to estimating locations within a couple of miles.
Related ↗US AI models are being considered for access by trusted partners of the G7 leaders.It seemed reasonable to assume that location services were set as default on most Android devices, but recent experience proved otherwise. A mobile payment app refused to initialize unless I reactivated location sharing, which I had disabled temporarily for a separate test.
It appears that the default setting for location services on Android devices is set to precise, rather than approximate. Consequently, the mobile wallet app had been able to access my exact location at all times. The need for such pinpoint tracking by a financial app seems unnecessary and somewhat unsettling.
Read next ↗Gigabit internet purchase limited by a faulty switch port, restricting speed to 100Mbps unexpectedly.I've made a habit of disabling exact location tracking on my Android gadgets since then. Apps sometimes directly request this permission, allowing you to pick between precise or approximate locations. Typically, though, apps present three options: "Allow all the time," "Allow while using the app," and "Deny." When you grant access, it can pinpoint your exact location unless you manually toggle it off in settings.
Accessing your phone's permission manager is essential to disable precise location tracking. Navigate to Settings > Location > App location permissions by searching the settings app or directly accessing this section. A comprehensive list of apps with access to your location will be displayed. Review each app individually, checking if the "Use precise location" switch is enabled. Disable it for non-essential apps, except for Maps which requires it.
Many handsets feature a Quick Settings switch that enables users to easily toggle location services on or off.
It appears that thedefault setting for location services on Android devices is set toprecise, rather than approximate. Consequently, the mobile wallet app had been able to access my exact location at all times. The need for such pinpoint tracking by a financial app seems unnecessary and somewhat unsettling.
15Disable notification display on lock screen.
›Hide private alerts instantly.
By default, Android displays notification content on the lock screen, making sensitive information visible to anyone viewing the screen, including personal messages, emails, banking alerts and even temporary passwords.
To conceal sensitive alert details, navigate to the Settings menu under Notifications, then Lock Screen. From there, modify the "Notifications to show" option by choosing "Show notifications but conceal content." App-specific notification suppression is also an available feature.
20Disable Gboard data tracking.
›Android users' data exposed by default settings.
The most critical app for users should be the one with the strictest internet restrictions - their keyboard. Google's Gboard poses a significant threat to user privacy due to its inherent design flaw of granting itself full network access on over 1 billion devices. This default setting allows Gboard to transmit data back to Google, raising concerns about user data security and potential misuse.
Google leverages customer typing patterns to improve Gboard's text forecasting capabilities. Consequently, a "Delete learned words & data" option is available within Gboard's settings menu. Your phone's local storage retains a record of your keystrokes, which will be utilized for algorithm training purposes. This stored data fuels the prediction mechanism in Gboard.
A crucial aspect of Android data exposure lies in default settings, which don't transmit raw keystroke history directly to Google servers. Instead, a background app named JobScheduler operates on devices connected to Wi-Fi and charging, downloading an AI model that enables Gboard's local machine learning capabilities. This triggers a training session analyzing logged keystrokes from the day, sending only mathematical weights to Google through "federated training."
Google employs federated learning, ensuring raw keyboard typing data remains on the device, supposedly safeguarding user privacy. However this system has its limitations. By analyzing the training weights sent to Google via Gboard, researchers have successfully reconstructed typed words through reverse engineering.
Gboard's metadata collection goes beyond federated training data, revealing sensitive information about users' typing habits. This includes the specific app being used for typing, the number of words entered, and the duration spent typing within that app. Each log is timestamped, providing a detailed record of user activity. Furthermore, these logs are linked to the device's unique identifier and advertising ID assigned by Google, making them easily traceable back to individual Android devices.
The application requests access to a comprehensive range of user data.
Default settings on Android devices have a built-in tracking mechanism, which automatically enrolls users in logging activities without their explicit consent. To opt out, one must deliberately take action by accessing Gboard's settings through the gear icon on the menu bar and navigating to the Privacy section. Here, it is essential to disable "Share usage statistics," "Personalize for you," and "Improve for everyone" features. Additionally, clearing existing logs requires tapping "Delete learned words and data."
Using Gboard can be a significant privacy risk, prompting me to opt for an offline keyboard that offers comparable functionality without compromising user data. This alternative keyboard boasts advanced features like gesture typing and next-word prediction, which I've found to be highly effective over the past year.
When configuring an Android phone, it's crucial to adjust these three fundamental settings to safeguard online privacy. Among various options available for modification, these are the most straightforward to disable, effectively transforming the device into a more secure platform for users.
Gboard's metadata collection goesbeyond federated training data, revealingsensitive information about users' typing habits. This includes the specific app being used for typing, the number of words entered, and the duration spent typing within that app. Each log is timestamped, providing a detailed record of user activity. Furthermore, these logs are linked to the device's unique identifier and advertising ID assigned by Google, making them easily traceable back to individual Android devices.
The applicationrequests access to a comprehensive range ofuser data.
Using Gboard can be a significant privacyrisk, prompting me to opt foran offline keyboard that offers comparable functionality without compromising user data. This alternative keyboard boasts advanced features like gesture typing and next-word prediction, which I've found to be highly effective over the past year.
