Key Takeaways
- An investigation raised alarms about the Pixel 9 Pro XL potentially sharing sensitive user data with Google, even before apps are installed.
- Researchers found that the phone sends personal info, like location and email, to Google every 15 minutes using a technique that intercepts data flow.
- Google denies the claims, asserting that the report is misleading and emphasizes that data sharing is necessary for essential device functions like updates and personalized features.
A recent investigation into Google’s Pixel 9 Pro XL has sparked privacy concerns that may have worried a number of users. Despite the phone’s impressive AI and hardware features, researchers at Cybernews found troubling patterns of data transmission and remote access. According to their findings, the Pixel 9 Pro XL might be sharing sensitive user info with Google, even before any apps are installed. This raises questions about how much control users really have over their devices. Google, however, strongly denies the claims, calling the report misleading and inaccurate.
Cybernews’ report suggests that the Pixel 9 Pro XL sends a data packet to Google every 15 minutes, sharing personal information like location, phone number, email, and network status. Using a “man-in-the-middle” technique, researchers intercepted the data flow between the phone and Google’s servers. They discovered that this personal info gets sent to a Google endpoint called “auth.”
Related
Google Pixel 9 Pro XL review: The best big Android phone
Google’s big flagship earns its $100 price bump and then some.
The report also highlights that the phone regularly checks in with Google, sharing details like firmware version, network type (Wi-Fi or mobile), carrier info, and the user’s email. Interestingly, even without opening the Photo app, the phone connects to Google Photos’ Face Grouping feature without asking for user permission. Another concern is the Pixel 9 Pro XL’s habit of downloading and running new code, which could open the door to security risks.
While the report raises some serious concerns, it seems to miss some key context. The data-sharing practices it describes aren’t unique to Pixel devices; they’re common across all Android phones and even iOS devices. Developers of GrapheneOS point out that Apple devices also send similar data to the Cupertino-based tech giant (via 9to5Google).
The report’s main concern is that users aren’t clearly giving consent for their personal data to be sent to Google. It also takes aim at the large volume of data being shared and notes that it doesn’t seem to follow the usual rules for anonymization.
Google denies that the Pixel 9 Pro XL is sharing too much data
In response to the report, Google stressed its dedication to user security and privacy, pointing out the different settings available for managing data sharing and app permissions. The company argued that the report misses crucial context, misinterprets technical aspects, and overlooks the need for data transmission for essential device functions like software updates, on-demand features, and personalized experiences—practices that are standard across all mobile devices, no matter the brand or operating system.