Trinity study says Google sending device identifiers, ad cookies via native apps
Fresh data protection concerns have been raised by a Trinity College Dublin study about storage of cookies, identifiers, and other data on Android phones by Google Play Services, the Google Play store and other pre-installed Google apps.
A study by Prof. Doug Leith, Professor of Computer Systems at Trinity’s School of Computer Science & Statistics, found that advertising and tracking cookies and other device and user identifiers are being sent by Google servers and stored on a handset, even when no Google apps have ever been opened by the user.
The study also found that analytics cookies used for A/B testing of changes to Google apps are downloaded and stored on the handset by Google Play Services and then transmitted alongside app telemetry data to Google servers, and that multiple other cookies and identifiers which can act to uniquely identify the handset and/or user are also downloaded and stored on the handset.
Prof Leith said: “We all know that our consent is needed before a website stores advertising and tracking cookies when we visit it. The same EU cookie law, the e-Privacy Directive, also applies to apps running on mobile phones. Cookies stored by apps have received far less attention than Web cookies, partly because they are harder to detect, and a closer look at them is long overdue.
“Google Play Services and the Google Play store are pre-installed on almost every Android phone. This study shows that they silently store advertising and other tracking cookies and data on people’s phones. No consent for this is sought by Google, and there is no way to block these cookies.
“This study is a wake-up call to the Irish Data Protection Commissioner, to enforce EU data protection rules and start properly protecting Irish and EU users of Android phones.”
TechCentral Reporters
Subscribers 0
Fans 0
Followers 0
Followers