An October 2021 study has disclosed some of the biggest brands to be snooping on user privacy. The study is titled “Android Mobile OS Snooping By Samsung, Xiaomi, Huawei, and Realme Handsets.” It has been published by the University of Edinburgh, UK, and Trinity College, Dublin, Ireland.
According to the study, phones with vendor-customized Android OS send huge amounts of data to the phone makers as well as third parties. There are also alternatives like LineageOS, and /e/OS that share limited or no data.
Vendor-customized phones include Samsung, Xiaomi, Huawei, and Realme. All of these phones run a custom user interface like the One UI (Samsung) or MIUI (Xiaomi) on top of Android OS. The study points out that users can’t even opt-out of data sharing on these phones.
Phones With Worst Android Privacy Settings
The above diagram from the study explains how phone manufacturers collect and link various data markers.
To start with, the study assumes a “privacy-conscious but busy/non-technical user”. It means the users who have opted out of diagnostic statistics sharing but left the phones on their default settings. It found that by default, Samsung, Xiaomi, Huawei, and Realme phones were transmitting a “substantial volume of data to their respective OEMs (i.e. Samsung, etc.) and to third-party parties that have pre-installed system apps (including Google, Microsoft, Heytap, LinkedIn, Facebook).”
These are apps that are already loaded on your phones and you can’t uninstall them. It means even if you don’t allow Microsoft or Facebook to track you, they still do it through this data. The study also points out “Re-linkability of advertising identifiers” as one of the privacy threats on these phones.
Re-linkability of advertising identifiers means even if you reset your Google advertising ID, you can’t get a clean slate. Theoretically, resetting your Google advertising ID (GAID) erases your link to the current data about you. However, phone manufacturers can link your new GAID to your phone’s IMEI number and relink that data to you. So there’s nothing you can do to avoid these companies from linking that data.
It is also important for your phone to share some of this data with the manufacturer. The study says the risk of tracking and de-anonymity is also reduced if there is a large number of handsets. In simple terms, if a company is selling a large volume of handsets, the changes of pinpointing a single user based on the collected data are reduced.
Sharing some of this data is required to get software updates. Beyond that, the study says the”extensive data collection by a mobile OS is neither necessary nor essential, but rather a choice made by the OS developer”.
Android Phones With Maximum Privacy
The study is titled around big manufacturers that sell a customized version of Android. However, it also mentions two Android variants that have airtight privacy. /e/OS and LineageOS are also Android variants but with limited data collection.
While LineageOS shares data with Google, it doesn’t collect anything other than that. Coming to /e/OS, the study finds it to be the most private Android variant. Out of the 6 data markers above, you can see that /e/OS collects no data at all.
There’s an official list of /e/OS supported phones and you can check if your phone is on it. On the other hand, we’ve also compiled a list of privacy-focused apps for Android and iOS that you can start using right away.