Saturday, February 15, 2025
HomeSecurity NewsGoogle Collects Android Users Location Even though you have Turnoff Location Services

Google Collects Android Users Location Even though you have Turnoff Location Services

Published on

SIEM as a Service

Follow Us on Google News

Android phones collecting users location data even when you are offline and send it back to google once you have connected to the Internet. Even though if you have turned off Location services or removed SIM card.

Starting from 2017 Android phones started collecting address of nearby cellphone towers even if you turn off location services and send back to Google once you come online, according to Quartz investigation.

Quartz contacted Google and they confirmed the practice. According to Google Spokesperson Google uses to manage push notifications and messages on Android phones for the past 11 months. He also added they never used or stored data.

Devices that connected to mobile data or WiFi use to send data to Google whenever they come across with a new cell tower. Quartz observed even after default factory reset and apps with location service disabled it continues to send nearby cell tower address to Google.

It is still unclear how the cell tower address transmitted as a data string will improve the message delivery and not limited to any particular type of Android phone or tablet; Google was apparently collecting cell tower data from all modern Android devices before being contacted by Quartz.

The practice is annoying and it breaks the user’s privacy. Anyway the data sent is encrypted, but still, it can be potentially used if the device is compromised with Spyware.

Also Read Interesting to See How Google Recognize Traffic Condition

Nowadays it is not a surprise to see a malicious app on Google play store, hackers continued to deceive the Google safety checks even after Google play protect implementation.

Google’s privacy policy says that they can collect the information from devices that use services, but not indicates they can collect even if the location sharing is disabled.
When you use Google services, we may collect and process information about your actual location. We use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points, and cell towers.

There is no way for users to turn off the collection of cell tower data, according to Google they are to end the practice by end of this month and Android phones will no longer send cell-tower location data to Google.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Fake BSOD Attack Launched via Malicious Python Script

A peculiar malicious Python script has surfaced, employing an unusual and amusing anti-analysis trick...

SocGholish Malware Dropped from Hacked Web Pages using Weaponized ZIP Files

A recent wave of cyberattacks leveraging the SocGholish malware framework has been observed using...

Lazarus Group Targets Developers Worldwide with New Malware Tactic

North Korea's Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign...

North Korean IT Workers Penetrate Global Firms to Install System Backdoors

In a concerning escalation of cyber threats, North Korean IT operatives have infiltrated global...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

New FUD Malware Targets MacOS, Evading Antivirus and Security Tools

A new strain of Fully Undetectable (FUD) macOS malware, dubbed "Tiny FUD," has emerged,...

Google Blocks 2.28 Million Malicious Apps from Play Store in Security Crackdown

In a continued commitment to enhancing user safety and trust, Google has outlined significant...

Hackers Exploiting DNS Poisoning to Compromise Active Directory Environments

A groundbreaking technique for Kerberos relaying over HTTP, leveraging multicast poisoning, has been recently...