Google’s SafetyCore App Secretly Scans All Photos on Android Devices

Recent revelations about Google’s SafetyCore app have ignited a firestorm of privacy debates, echoing Apple’s recent controversy over photo scanning.

The app, silently installed on Android devices via system updates, enables on-device image analysis to detect sensitive content—a feature marketed as privacy-preserving but criticized for its lack of transparency.

This incident underscores growing user unease about behind-the-scenes AI functionalities on personal devices, even when touted as security measures.

The Emergence of SafetyCore and Its Purpose

SafetyCore, introduced as part of Google’s October 2023 system updates, operates as an on-device framework for classifying content such as spam, scams, or explicit material.

Unlike cloud-based scanning, it processes data locally using machine learning models, avoiding server uploads.

Google positions this as a privacy advancement, allowing apps like Messages to flag inappropriate content without compromising user data.

However, the app’s 2GB storage footprint and background operation remained undisclosed until users detected it under “System Apps.”

GrapheneOS, a privacy-focused Android variant, clarified that SafetyCore itself doesn’t report findings to Google but provides tools for apps to analyze content locally, as per a report by Forbes.

Despite this, the absence of open-source models or upfront disclosure fueled skepticism.

The Backlash: Secrecy Versus Security

The backlash mirrors Apple’s June 2025 outcry over Enhanced Visual Search, which uploaded photo fragments to match landmarks.

While Apple’s system anonymized data, critics like cryptographer Matthew Green rebuked its stealthy enablement. Similarly, SafetyCore’s silent installation on Android 9+ devices—without opt-in consent—drew ire.

ZDNet reported that most users only discovered SafetyCore through Reddit and X posts warning of “spyware” harvesting call logs and location data.

Google maintains that SafetyCore activates only when apps request classification, with users retaining control over enabled features.

A spokesperson emphasized that “binary transparency” logs all system APK updates, aligning with Android’s “least privilege” security model.

Yet, as GrapheneOS noted, closed-source code and proprietary models hinder independent audits, leaving users reliant on Google’s assurances.

Navigating the Privacy Paradox

For privacy advocates, the issue isn’t SafetyCore’s functionality but its covert deployment.

On-device processing theoretically enhances privacy, yet secrecy erodes trust—especially given Google’s history of data practices. Tech forums erupted with guides to uninstall SafetyCore, reflecting widespread mistrust.

While Google allows disabling the app via Settings > Apps > System Apps > SafetyCore, many users remain unaware of this option.

The controversy highlights a critical lesson for tech giants: transparency is non-negotiable. Users demand clarity about AI-driven features, particularly those accessing personal data.

Apple’s and Google’s missteps reveal a gap between technical safeguards and communicative accountability.

As Matthew Green argued, “If you want to turn our phones into AI-fueled machines, tell us first”.

Google’s challenge now lies in balancing innovation with consent. The company plans to expand SafetyCore’s role, including sensitive content warnings for Messages.

Proactive communication—detailing updates in release notes or setup prompts—could mitigate backlash.

Meanwhile, open-sourcing SafetyCore’s framework, as GrapheneOS advocates, might reassure the privacy-conscious.

For users, the dilemma persists: embrace on-device AI for its security benefits or distrust opaque systems.

As ZDNet cautioned, “Just because SafetyCore doesn’t phone home doesn’t mean another Google service can’t”.

In an era of heightened privacy awareness, tech firms must prioritize visibility alongside technical safeguards—or risk alienating users already wary of digital surveillance.

Collect Threat Intelligence on the Latest Malware and Phishing Attacks with ANY.RUN TI Lookup -> Try for free