updated 07:00 pm EDT, Fri April 22, 2011
Google denies Android secretly collecting location
Google in a statement on Friday refuted assertions that Android devices were archiving identifiable location data without users' explicit knowledge just like iOS hardware. It contended that users always had to give permission to send map positioning out to Google and were notified when a location request came. Data was also masked on its way out, Google told TechCrunch, preventing a link between a person or an individual phone and the location.
"All location sharing on Android is opt-in by the user," the full statement began. "We provide users with notice and control over the collection, sharing and use of location in order to provide a better mobile experience on Android devices. Any location data that is sent back to Google location servers is anonymized and is not tied or traceable to a specific user."
The statement is largely accurate. All Android Market apps automatically include notices of what they will do to the user before they agree to the download, making it possible to spot "stealth" apps that might try to get information in secret. Google asks new activations to volunteer location data to help improve its software, but the information is again supposed to be anonymous.
Its information may nonetheless clash with observations by security analyst security analyst Samy Kamkar that devices were sending more information than necessary. His study given to the WSJ showed Android not only sending position in the background, expected under normal conditions, but the location and quality of nearby Wi-Fi connections as well as a hardware identifier.
Google was quick to note the identifier wasn't an IMEI, a number used to recognize specific phones for activation and carrier services. The information nonetheless posed a possible danger as it could help an intruder or an unscrupulous app developer recognize an individual, even if making use of it was difficult.
Apple inadvertently started the controversy earlier in the week when it was found that iOS was keeping an unsecured log file archiving position data from several months or more. Government officials have been making preliminary investigations into whether or not the data would create a reason for alarm, but detailed looks so far have downplayed the risk. The archived info isn't believed to be sent out to Apple or anyone else and is a Core Location cache meant to help speed up position locks on follow-up visits.
Some information may also be missing or well off the mark, since it usually corresponds to cellular triangulation and not precise GPS data.