Android Mobile OS Snooping By Samsung, Xiaomi, Huawei and Realme Handsets

The privacy of mobile apps has been extensively studied, but much less attention has been paid to the privacy of the mobile OS itself. A mobile OS may communicate with servers to check for updates, send telemetry and so on. We undertake an in-depth analysis of the data sent by six variants of the Android OS, namely those developed by Samsung, Xiaomi, Huawei, Realme, LineageOS and /e/OS. We find that even when minimally configured and the handset is idle these vendorcustomized Android variants transmit substantial amounts of information to the OS developer and also to third-parties (Google, Microsoft, LinkedIn, Facebook etc) that have pre-installed system apps. While occasional communication with OS servers is to be expected, the observed data transmission goes well beyond this and raises a number of privacy concerns. There is no opt out from this data collection.