Google has found itself under investigation in Australia after allegations made by Oracle that they have been illegally collecting user data from millions of Android smartphone users.
The allegations stemmed from an investigation carried out by Oracle into the impact that Google and Facebook have on the Australian advertising market. Following that investigation, Oracle made a presentation to The Australian Competition and Consumer Commission (ACCC) that made some remarkable revelations.
What data has Google been collected?
They revealed that all Android devices were sending detailed information about online searches and internet activity back to Google. But this is just the tip of the iceberg.
Oracle also revealed that the devices were also sending Google precise location details. This information was being transmitted if the device had location services switched off and even if the device had no apps installed or no sim card inside.
Google is able to gather this information because they have mapped IP addresses, Wi-Fi connection points and mobile towers across Australia, originally as part of its Street View project.
Android devices even enable Google to figure out which floor of a multi-storey building a user is on. They can do this because Android devices are fitted with barometric devices which can measure the air pressure around the device to make this determination.
Google has denied that they collect location data without user’s permission and has made the rather controversial claim that every Android user has consented to them collecting data in this way.
Does Google have user consent?
Their updated policy, which comes into force on May 25thto coincide with the new General Data Protection Regulation coming into force in the EU, does mention Android devices but provides little detail of precisely what data they are collecting.
There is also a big question mark over whether including such information in the small print of an Android device constitutes receiving valid consent from users. Many Android users will just accept terms and conditions without reading them closely and most will therefore not know that they are sending this information to Google.
To add further insult to injury, it also appears that Google may even be making users pay for unknowingly sending their personal information. Some reports have suggested that sending this information back to Google will use up data allowances in packages bought from telecoms providers and ISPs.
There has been no independent verification of the claims made by Oracle yet. But there is no obvious reason for them not to be telling the truth on this matter.
In Australia, the ACCC has confirmed that they are investigating the claims. But the question many readers will be asking is whether this practice is confined to Australia.
How widespread is Google Android data harvesting?
It seems unlikely that Google would just be collecting data from Android users in one country. While Oracle’s investigation was confined to Australia alone, these practices they have uncovered appear to be universal.
It, therefore, seems probable that Android users around the world could be sharing all their online data with Google and could perhaps be paying for the privilege too.
So, what can they do about it? Encrypting your online activities to stop prying eyes from seeing what you are doing is the usual recommendation and using a VPN such as IPVanish or ExpressVPN is the best option to do this.
But if the data is being leaked directly from your device, it is not clear how effective even a VPN would be in securing it.
The ACCC investigation is ongoing and their findings will be made public in due course. But for anyone who is determined that Google should not have access to their online data, the best option, for now, would appear to be switching to a non-Android device as soon as possible.