Android location data is anonymous and held only one week according to Google

May 10, 2011 | by Chris Smith

Google Android


With the current iPhone location data debacle that hit the tech sites and even the mainstream news within the last couple weeks, the US Congress has decided to ask some questions about how the big mobile players keep their devices’ location data.

Today in a Senate Judiciary Committee hearing, Alan Davidson the director of public policy at Google remarked:

“The location information sent to Google servers when users opt in to location services on Android is anonymized and stored in the aggregate and is not tied or traceable to a specific user. The collected information is stored with a hashed version of an anonymous token, which is deleted after approximately one week.”

After this Davidson spoke about the Google Location Server which manufacturers and third-parties can use to take advantage of Google’s servers for location based services. This application estimates the current location of the user and just like the native location data that is stored, this data is supposedly anonymous and private in nature.

One thing that Davidson did admit to was that Google doesn’t do anything with this info, but that sometimes can’t stop third party apps from taking advantage of it:

“If the user chooses to trust an application with location information by proceeding with the installation after viewing the location-related permissions, then that application could potentially store this location information on the device or transmit the information off the device if the application also has the Internet access permission.”

Basically, if you are installing applications that want to access your location data and other information on your phone, it is sort of fair game considering that the Google Market’s app restrictions are so lenient. I’m not saying that Google would think it’s OK to have “rogue” apps in the Market that steal user information, but I am saying that this could happen as we have seen in the past. Rather than vet the apps first, Google allows most applications in the Market and then removes them later after there has been some sort of malicious report. Of course this could prove to be too late for some users.

Word to the wise: if you are extremely concerned about your location data being accessed by someone else then you probably shouldn’t be using location services. It’s extreme, I know, but it appears that both iOS and Android have some issues that they need to get through to make their location information more secure.

Via PCMag