A couple of days ago, Cybernews published a report that claimed that the Pixel 9 Pro XL shares personal info with Google every 15 minutes, before even setting up the device. This includes your location, your email address and phone number, app list and other telemetry.
However, the developers behind the privacy-focused Android fork called GrapheneOS point out that this is not unique to the Pixel 9 Pro XL – it is standard Android behavior. And not just that, they point out that iOS collects pretty much the same information.
There’s a highly inaccurate article about Pixels from Cybernews making the rounds everywhere in privacy communities. It gets the details nearly completely wrong and thoroughly misrepresents things like the optional network-based location used nearly everywhere as Pixel specific.
— GrapheneOS (@GrapheneOS) October 9, 2024
Any non-Pixel device with the standard Google Play integration has similar Google service integration doing the same things. You don’t avoid it at all by using a non-Pixel, but you do end up with a device that’s far less secure and adds OEM services with their own privacy issues.
— GrapheneOS (@GrapheneOS) October 9, 2024
It goes through connections for the Google Play network-based location that’s offering as an option during the initial setup wizard, the optional Google Play account-based device management, Google Play feature flags, Google Play telemetry, etc. It gets a lot of details wrong.
— GrapheneOS (@GrapheneOS) October 9, 2024
iOS has direct equivalents to everything that’s covered.
If what people take from the article is that they should use a non-Pixel Android device with Google Play, they’ll have a dramatically less secure device with the same privacy issues and additional ones from OEM services.
— GrapheneOS (@GrapheneOS) October 9, 2024
Cybernews had reached out to Google before publishing the report and this was the response from Mountain View:
“User security and privacy are top priorities for Pixel. You can manage data sharing, app permissions and more during device setup and in your settings. This report lacks crucial context, misinterprets technical details and doesn’t fully explain that data transmissions are needed for legitimate services on all mobile devices regardless of the manufacturer, model or OS, such as software updates, on-demand features and personalized experiences,” a Google spokesperson said.
Additionally, Google has been making changes to make Android more private. Late last year, it announced that it will be moving the Your Timeline feature (a detailed track with your location history) on your device. Previously, it was stored in the cloud.
If you haven’t already, you will soon receive an email asking you to change your settings – you can move location history on device or switch on the auto-delete option (which automatically wipes the data in 3 or 18 months, depending on preference).
Timeline data is now stored on your device
You can learn more about what data is collected by Google and why on this page about the Google Play Services.