In a new paper, researchers say that Google’s Messages and Phone apps have been collecting data from users and sending it to its servers without telling them or getting their permission, which could violate the European Union’s General Data Protection Regulation (GDPR).
“What Data Do the Google Dialer and Messaging Apps on Android Send to Google?” is the title of a paper by Douglas Leith, a computer science professor at Trinity College Dublin. The apps that send messages and calls have been sending data to Google’s servers without permission from the people who use them.
These apps, on the other hand, keep track of user communications, including an SHA-256 hash of the messages and their timestamps, phone numbers, call logs, and call durations. After that, the data is sent to the company’s servers through the Google Play Services Clearcut logger service and the Firebase Analytics service. The data helps the company figure out who sent the message or who was on the other end of the call.
Only a 128-bit value of the text’s hash can be sent to a Google server. Leith thinks it is possible to reverse the hash for short texts so that you can find out what the text is about. As of now, this is just an assumption and there’s no proof of it.
The research paper says that both of Google’s apps don’t clearly say that they collect data from third-party apps. As it turns out, when someone uses Google Takeout to export the data linked to their account, they can’t even download the data at all. People who use the Google Play Services are told that some data is being collected for security and fraud prevention. However, there is no explanation as to how or why this data is collected.
As many Android phones around the world have the Google Messages app installed, this is a big privacy mistake. Many phones from manufacturers like Xiaomi, Realme, and Motorola have the phone app as the default dialer app. Google has a history of not asking people for permission to use their data. This could be because the company wanted to hide what it was doing with its data.
All this, there is still no clear answer about whether or not Google apps are breaking the GDPR. It’s possible, though, that the company will now be investigated by the GDPR and hit with a fine.
Also See: HOW TO MAKE YOUR PHONE MORE ECO-FRIENDLY