The ultimate Android privacy guide

December 23, 2024

On the surface, Android and privacy might not seem like the most natural of bedfellows. Google is known for its advertising business, after all — it’s how the company makes the lion’s share of its money — and it can be tough to square the notion of data collection with the concept of carefully controlled information.

In actuality, though, Google gives you a good amount of authority over how and when it taps into your Android-associated info. (And even at its worst, the company never shares your data with anyone or sells it to third parties, despite some broad misconceptions to the contrary.) Ultimately, it just comes down to a matter of educating yourself about the possibilities and then determining what balance of privacy and function makes the most sense for you.

And you’d better believe the onus falls squarely on you to do that. By default, most Google privacy valves are opened up to the max — to the setting that allows the most feature-rich and ad-supporting experience and that uses your data in the most free-flowing manner possible. That isn’t necessarily a bad thing, but it may or may not be what you want, particularly from a professional perspective. And navigating the layers of settings, not only with Google itself but also with the various third-party services that interact with your phone, is often easier said than done.

Well, consider this your guide to the labyrinth. I’ll take you through a series of 18 Android privacy adjustments, starting with the easiest and most broadly advisable tweaks and ending with higher-level tactics for the most privacy-minded users. Along the way I’ll explain what each setting accomplishes, how long it should take to implement, and how much inconvenience it’ll cause.

Make your way through the list and think thoroughly about each item’s pros and cons — and before you know it, you’ll have a deliberate Android privacy plan that’s less about defaults and more about your own preferences.

Section I: Easy Android privacy adjustments that are advisable for anyone

1. Uninstall unused apps

Time required: 2 minutes

Inconvenience level: 0/10

This first Android privacy step is a no-brainer and something everyone should do periodically: Look through all of the installed apps on your phone and remove anything you haven’t used in the past month or two (so long as it isn’t required by your IT department, of course!). Unused apps not only take a toll on your device’s resources; they also have the potential to leave open doors to sensitive info that’d be better off closed.

So open up your app drawer and mull over every icon you see there. If you haven’t used an app in a while, press and hold its icon and select “Uninstall” — or, if you don’t see that as an option, select “App info” and then find the Uninstall button. On certain Android versions, you might have to drag the app toward the top of the screen to access those same options; once you see them appear at the top of your display, drag the app up to that area and then release it.

With apps that came preinstalled on your phone out of the box, you may not always be able to uninstall but can often disable them — with the option to do so appearing either in that same long-press menu or within the aforementioned “App info” screen. That won’t get the app off your device entirely but will stop it from running and actively accessing any of your information.

2. Check on apps with access to your Google account

Time required: 2 minutes

Inconvenience level: 0/10

In addition to the phone-specific permissions, apps and services can request access to certain types of data within your Google account — things like your contacts, your Gmail messages, or even your Google Drive storage. Again, such access may be completely warranted and no cause for concern (and it’d be present only if you explicitly authorized it at some point), but once you’re no longer actively using the associated app, you don’t want to leave that pathway open.

Luckily, it’s an especially easy one to close — and another painless privacy step worth performing periodically. Just open up the Google account connections page and look over everything in the list. For any items you no longer use or don’t recognize, click their title and then click the “Delete all connections” option on the screen that comes up next.

Clamping down on third-party app access to your Google account is a simple way to secure forgotten pathways and strengthen your privacy.
JR Raphael / IDG

Click “Confirm” on the confirmation box that pops up after, then rest easy knowing that teensy crack into your data is closed up and patched over.

3. Revisit your Android app permissions

Time required: 5 minutes

Inconvenience level: 0/10

Now that we’ve taken care of apps you’re no longer using, let’s think about the ones you are still actively engaging with — because even those may have permissions you once granted but no longer require.

So open up the Security & Privacy section of your system settings and tap “Permission Manager.” Depending on your specific software and device, you might have to first tap a line that says “Privacy” or “Privacy controls” before you see it. (If you don’t see anything like that, try searching your system settings for the word permission to find the closest equivalent.)

Then, one by one, tap on each permission type in the list, look over the apps that have access to it, and consider whether each app’s access still strikes you as being necessary.

If you see something that seems questionable, tap the name of the app and then change its setting to “Deny.” There’s a chance the app will stop being able to perform one of its functions as a result, but at worst, it’ll prompt you to re-enable the permission at some future moment and you can then reconsider it.

And provided you’re using 2019’s Android 10 version or higher — and if you aren’t, you’ve got far bigger privacy problems to ponder! — pay extra attention to the “Location” section of permissions. As of that release, you can get more nuanced with that setting and allow an app to access to your location all the time or only when the app is actively in use, which gives you a lot more flexibility than the traditional all-or-nothing approach.

With 2020’s Android 11 version and higher, you can also grant apps access to your location, camera, and microphone only on a limited, single-session basis — meaning the permissions will expire and have to be requested anew each time, whenever you exit the app and move on to something else.

And with 2021’s Android 12 software and up, you can specify whether you want an app to have access to your precise location or only your approximate location, too.

Android lets you get incredibly granular about what data different apps can access, but it’s up to you to check up on it and make any necessary changes.
JR Raphael / IDG

For even more insight, look for the “Privacy dashboard” option within that same section of your system settings (or “Permissions used in last 24 hours,” for the closest equivalent in Samsung’s heavily modified version of the operating system). That’ll let you see exactly which apps have accessed different permission-requiring areas over the past 24 hours in a visual timeline view.

4. Put invisible app tracking on notice

Time required: 2 minutes

Inconvenience level: 1/10

Aside from their actual system-level permissions, apps on Android are able to track your activity in a variety of ways and then share that data elsewhere — provided they have access to the internet (which itself is a system-level permission).

Often, this is nothing nefarious. Lots of apps rely on these sorts of mechanisms to monitor performance and spot possible bugs, while others use technology considered “trackers” as part of the advertising that allows them to be monetized and continue offering you ongoing services for little to no ongoing expense.

Even so, you can take control of this type of tracking and make yourself aware of what, exactly, apps are doing in the background — and put a stop to it, if you want.

The key to making this happen comes in the unlikely-seeming spot of an Android web browser called DuckDuckGo. But you don’t need to do anything related to the actual browser function of the app to tap into it (though you certainly can, if you’d like!).

Instead, install the app, then open it up, make your way through its welcome screens, and once you see the main web browsing interface, tap the three-dot menu icon in the upper-right corner. Select “Settings,” then “App Tracking Protection.”

Flip the toggle at the top of the next screen into the on position, confirm that you want to activate the feature, and then keep an eye on your notifications.

There, DuckDuckGo will show you exactly what trackers it’s finding and blocking in apps on your device. You can also always see that same info by going back to that same settings screen within the browser.

DuckDuckGo’s App Tracking Protection feature gives you rare insight into — and control over — the typically-invisible ways apps track your activity.
JR Raphael / IDG

Now for the asterisk here: Since most of this activity isn’t actually anything to worry about, it’s possible that seeing this data will (a) cause you unnecessary stress and waste your time and (b) potentially cause some functions within apps to stop working properly — since DuckDuckGo is blocking mechanisms that may be crucial to an app’s operation.

But that same area of the browser’s settings make it easy to enable or disable the blocking on an app-by-app basis, so you can fine-tune and adjust things as you see fit.

Whether you ultimately decide to peek at the info for a while and then disable the feature or keep it running and blocking indefinitely, it’s a valuable bit of knowledge — and, optionally, power — to have.

5. Clamp down on your lock screen privacy

Time required: 1 minute

Inconvenience level: 1/10

By default, Android is typically set to show all of your notification content on your lock screen — and that means if someone else picks up your phone, they might see sensitive info without even having to put in a PIN, pattern, or passcode.

Change that by opening up the Display section of your phone’s settings, selecting “Lock screen,” then selecting “Privacy” and switching the setting to either “Show sensitive content only when unlocked” or “Don’t show notifications at all,” depending on your comfort level. (On a Samsung phone, you’ll instead open the Notifications section of the system settings and then tap “Lock screen notifications” to find a similar set of options.)

6. Opt out of Samsung’s data-sharing systems and consider avoiding its apps

Time required: 5 minutes

Inconvenience level: 1/10

If you have a Samsung phone, listen up: The company is quite possibly selling your data — not just using it internally and privately but outright selling it to third parties (and without being even remotely up-front about what’s going on).

As I’ve reported before, Samsung’s Galaxy phones have a disconcertingly intricate system for collecting different types of data from people who use its devices and then generating extra revenue by selling that data to other companies. And clearly, that’s not what you want to have happening.

So at the very least, opt of this obnoxiousness everywhere you can — most importantly by searching your system settings for customization service and then making sure the associated option is off everywhere it appears, including within the settings for the Samsung Calendar app, Samsung Clock app, Samsung Gallery app, and Samsung My Files app as well as within the “General management” settings and the settings for your Samsung account.

And if you really want to be proactive about your privacy, just ditch Samsung’s default apps altogether. You’ll get better all-around experiences by turning to other Android apps for those same purposes, anyhow, and you’ll have an easier time syncing or moving your data to non-Samsung devices now and in the future, too. And, y’know, you won’t be subjecting yourself to sneaky selling of your personal and/or company information with no discernible benefit to you.

Section II: Moderately advanced Android privacy modifications some people may want to perform

7. Turn off Google’s ad personalization system

Time required: 2 minutes

Inconvenience level: 2/10

Google makes its money by showing ads around the internet — that’s no secret. And it uses data about you to select ads that are, in theory, catered to your interests and more likely to be relevant to you. It never shares your data with advertisers, as mentioned at the top of this story, and all of the matching happens within Google and in a completely automated, machine-driven sense.

At the end of the day, you’re bound to see some of those ads no matter what you do — so there’s an argument that having the ads be catered to your interests at least creates the potential for them to be appealing as opposed to just random. But if you’d rather not have your data used for that purpose, you can turn the personalization system off.

Just head into the Google section of your system settings, tap your name and account name at the top, then tap “Manage your Google Account.”

Next, tap the Data & Privacy tab, scroll down to the “Personalized ads” section, and tap “My Ad Center” — then turn off the toggle at the top of the screen that comes up and confirm you want to make the change.

Google lets you opt out of its ad personalization system entirely, if you’re so inclined.
JR Raphael / IDG

If you’d rather take a more measured approach, you can also tap on any individual parts of your Google profile on that same screen to disable ad personalization based only on those specific variables — for instance, your gender, age, and marital status.

And one more thing to check: Make your way back to the Google settings menu where we started and tap your name and account name there one more time. If you see any additional Google accounts show up as options, be sure to tap them and follow the same steps we just went over for each subsequent account. Every Google account has its own separate settings, so you’ll have to make sure your ad personalization preferences are adjusted everywhere for them to become truly universal.

8. Reset or erase your Android advertising ID

Time required: 2 minutes

Inconvenience level: 2/10

As an alternate path to the full ad personalization opt-out, you can also now reset or erase something known as your “advertising ID” on Android.

That ID is a unique string of numbers specific to your phone that apps can use to identify you. They may not know your name or anything personal about you — unless you choose to share such info — but that advertising ID lets them learn about your interests and behaviors, even so, and then use that data to show you ads that are allegedly more likely to be up your alley.

When you reset or delete that ID, all of that data is lost — and apps have no way to connect your behavior to any consistent identifier associated with you. Again, just like with our last item, that doesn’t mean you won’t see ads within apps or around the web anymore. It just means those ads won’t be programmatically selected based on your ongoing activities and what those suggest about your interests.

Here, too, there’s some nuance available: If you reset the advertising ID, you’ll basically give yourself a fresh start and eliminate any data that’s been associated with your activity up until that moment. If you delete the ID, you’ll make it impossible for apps to identify you entirely (again, unless you choose to provide them with identifying info).

Either way, you can find the option by looking in the Security & Privacy section of your system settings, then tapping either “Privacy Controls” or “More Privacy Settings” followed by “Ads.” You’ll find both possible paths in that area, along with options to see and customize exactly which subject areas apps currently have associated with your ID, to see and customize if and how apps are able to use that data to control ads in other environments, and to opt in or out of allowing advertisers to request info that’d help them measure their ad performance over time.

Android’s advertising ID options are an untapped gold mine of privacy choices.
JR Raphael / IDG

9. Start using a VPN

Time required: 5 minutes

Inconvenience level: 2/10

If you’re using a company-connected phone, there’s a decent chance your employer is already providing you with a corporate VPN (virtual private network). But if not, it may be worth your while to set one up on your own.

A VPN, in short, keeps all the data you send and receive on your phone encrypted, private, and secure. Without it, someone could snoop on your connection and intercept sensitive info without your knowledge. (It’s an especially common concern when public Wi-Fi networks are involved.)

With widespread improvements to web security over the past several years, there’s now some debate as to whether a VPN is actually needed in most professional scenarios — especially outside of countries where authoritarian control over internet access is an issue.

Still, as long as you’re using a trustworthy and reputable provider, there’s certainly no harm in having that extra layer of protection in place. And if you’re working with sensitive company data in particular, there may be some significant benefits.

So where to begin? If you’re using a Google Pixel phone, you’ve got a VPN built right into your device and ready to roll without any expense. Just look for the “VPN” option within the Network & Internet section of your system settings, then tap the “VPN By Google” line to get it set up.

If you’re using a non-Pixel phone with the Google Fi wireless service, you also have access to a similar sort of built-in always-on VPN option. Like the Pixel VPN path, it’s free, secure, and as simple as can be to use. You can activate and manage it by tapping your name and then selecting “Privacy & security” within the Google Fi Android app. Look for the line labeled “Protect your online activity” to get started.

If you’re using any other phone and carrier, you’ll need to turn to a third-party provider to get that same sort of functionality. In its latest rankings, our sister publication, PCWorld, recommends ExpressVPN and NordVPN as its top two choices. Both have been consistently well-reviewed for years now.

Both are also minimal hassle once set up on your phone and shouldn’t change much about the way you work, but they do require an ongoing payment — roughly 13 bucks a month for either, with discounts available if you pay for a year or more up front — hence the inconvenience level score. But they’re absolutely more advisable to use than most free or dirt-cheap VPN options you’ll encounter, as those frequently mishandle data and stick you with unreasonably low usage limits in order to make up for their low costs.

10. Add extra encryption onto especially sensitive files

Time required: 3 minutes

Inconvenience level: 3/10

Give sensitive files on your phone an extra layer of encryption with Solid Explorer, which costs $3 after a two-week trial. The app lets you encrypt any file so it can be accessed only after your personal password or biometric authentication has been applied. That does mean you’ll have to unlock the file every time you want to view or share it, which can be mildly annoying — but depending on what type of material you have on your device, it might be worth it for the added peace of mind.

Solid Explorer lets you add an extra layer of encryption onto especially sensitive files.
JR Raphael / IDG

11. Find your Private and/or Safe Space

Time required: 3 minutes

Inconvenience level: 3/10

As of 2024’s Android 15 release, Android offers a native way to separate out sensitive apps and add in an extra layer of authentication to protect the information within them. The system also optionally allows you to hide those apps entirely and make ’em visible only after said authentication.

If your device is running Android 15 or higher, you can get started by searching your phone’s settings for Private Space and then selecting the “Private Space” option that shows up in the results.

Samsung devices also offer a similar feature called Secure Folder that’s available even on earlier Android builds. Search the system settings of any Galaxy gizmo for Secure Folder to find that.

And, no matter what type of Android device you’re carrying, you can find similar systems for keeping both files and photos out of sight and password-protected within the Google Files and Google Photos Android apps, respectively. Those systems don’t involve encryption, like our last measure, but they do make it far more unlikely for sensitive files and photos to be found in the first place — should anyone else ever have their hands on your device.

You can find ’em by looking for the “Safe Folder” tile on the Files app’s main screen and the “Locked” option at the bottom of the Photos app’s Collections tab.

12. Rethink your browser setup

Time required: 4 minutes

Inconvenience level: 4/10

Google’s Chrome Android browser has all sorts of impressive features, but many of them inherently require some manner of privacy tradeoff in order to work. For instance, you can easily find any page you visited on any device with a super-fast search — but in order for that to happen, Google has to maintain a cross-device record of every site you visit.

Only you can decide whether the conveniences outweigh the privacy tradeoffs, but if you want to make your Android web browsing as private as possible, Mozilla’s Firefox Focus app is hands-down the simplest, most minimal-effort way to make it happen.

Firefox Focus is designed at its core to provide an ephemeral, single-session-only sort of Android browsing experience: No history, cookies, or passwords are ever saved, and the app automatically blocks trackers and ads across the web. When you’re done with a page, you tap a trash can icon in the corner of the screen, and poof: It’s gone for good.

The app also offers a host of “enhanced tracking protection” features that make it incredibly easy to block scripts, cookies, and other forms of tracking, too. You can also configure it to require authentication every time you open it or switch to it from another app, in case you have a browsing session active and want to be sure no one else who holds your phone could possibly find it.

The downside, of course, is that there’s no syncing whatsoever — no ability to access or revisit your browsing history and also no way to find recently opened tabs from within the same browser on another device. Beyond that, aggressive blocking of cookies and other script-oriented elements on the web can often break websites and cause key functions to fail, without any obvious outward indication to you of what’s happening or why. (Believe me, I troubleshoot this stuff with people all the time!)

So if you’d rather stick with Chrome, there are things you can do to crank up its privacy protection and create a happy-medium of sorts for yourself. Start in the Sync section of the app’s settings, where you can scale down or even completely disable how different forms of your browsing data are shared with Google. Just remember that the more you disable, the more sacrifices you’ll make in terms of convenience — particularly when moving from your phone to your computer and maintaining a common collection of settings and history.

Firefox Focus and Chrome both offer a fair amount of privacy-related options, depending on which path you prefer.
JR Raphael / IDG

Other places to look include:

The app’s Google Services section, where you can stop Chrome from sending your browsing data back to Google for different reasons

The Search Engine section, where you can select any default search service you want

The Payment Methods section, where you can tell Chrome not to save or store any of your payment info

The Addresses and More section, where you can turn off Chrome’s on-by-default habit of saving your address and other such details and then offering to fill that in for you in the future

The Privacy and Security section, where you can control what info sites are allowed to see about you when serving you ads as well as prevent sites from detecting if you have payment info saved, opt out of having Chrome preload pages for faster browsing, and activate an option to lock any incognito tabs every time you exit the app

And the Site Settings section, where you can prevent all sites from accessing your location, camera, and microphone as well as control if and how cookies are allowed

13. Disable Android’s location history feature

Time required: 3 minutes

Inconvenience level: 4/10

By default, Google keeps track of everywhere you go with your Android phone in tow. That allows the software to proactively give you traffic and commute alerts for places you commonly visit and lets your phone make more intelligent suggestions based on your behavior — but it also, of course, gives Google quite the docket of data on your day-to-day whereabouts. (Again, the company doesn’t actually share that info with anyone but does use it to determine what ads are shown to you in certain places.)

If you want to turn off the system-level location tracking, open the Google section of your system settings, tap your name and account name at the top of the screen, then tap the Manage Your Google Account button. Next, tap the Data & Privacy tab and select “Location History” within the “History settings” section. (Note, too, that Google is in the midst of renaming this feature to “Timeline,” so the branding around it may change at some point before long.)

Tap the “Turn off” button on the screen that appears next and select either to turn the system off or turn it off and delete any activity that’s already been stored at the same time — and, either way you go, that’s it: Your phone won’t keep track of your treks anymore.

With a couple quick taps, you can stop Google from keeping track of your location — and optionally also eliminate all the existing data it’s stored.
JR Raphael / IDG

For a more nuanced option, look instead at the “Auto-delete” section directly beneath that button within the same Google account settings screen. There, you can instruct your phone to automatically delete all location data on a rolling three-month, 18-month, or 36-month basis — for a middle-ground possibility that’ll give you some of the standard location-oriented advantages without having quite as much data at play.

Here, too, by the way, settings are controlled on an account-by-account basis, so you’ll want to repeat this process as many times as needed for however many Google accounts you have associated with your device.

Section III: High-level Android privacy enhancements that won’t be for everyone

14. Ditch Gmail or Outlook for a more privacy-conscious email setup

Time required: 4 minutes

Inconvenience level: 6/10

If you’re really serious about privacy, ProtonMail is the inbox you want to use. ProtonMail applies end-to-end encryption to every message you send, which makes sure no one other than its intended recipient can ever set eyes on it. It’s a whole other level of protection from what you get with Gmail’s encryption or the encryption provided by most third-party mail servers.

The downside is that you have to either use a special ProtonMail.com address with the service or set up your own domain to work with ProtonMail’s servers — and anytime you’re emailing someone who isn’t a fellow ProtonMail user, you’ll have to encrypt your message with a password and a hint that they’ll then need in order to open it. That isn’t exactly easy, and it requires you to forfeit a fair amount of Gmail’s flexibility and power, but it does give you an awful lot of added privacy in return.

ProtonMail is free at its most basic level, which includes one address and 1GB of storage. If you need more storage or want any extra features — such as unlimited folders and labels and support for custom domains — you’ll have to subscribe to a paid plan, which starts at $48 a year for individuals or $84 per user per year for teams.

15. Encrypt your calls and messages

Time required: 4 minutes

Inconvenience level: 6/10

For full encryption on the calling and messaging front, Signal is the service you want. It adds end-to-end encryption only when you’re communicating with other Signal users, however — which severely limits its usefulness — and it doesn’t allow you to send and receive text messages from your computer, as most regular messaging apps now do.

Signal is free to use.

16. Consider other privacy-minded app alternatives

Time required: 4 minutes

Inconvenience level: 6/10

If you’re really concerned about maximizing your privacy, you don’t have to stop with swapping out your email, calling, and messaging tools. There’s a whole host of standard Android app alternatives — and also supplements — that offer extra privacy assurances at varying convenience-oriented costs.

Take a peek at my separate list of exceptional Android privacy and security apps for a bunch of possibilities worth exploring — such as:

Notesnook, a privacy-first note-taking app that adds end-to-end encryption into your virtual notebook

Cryptee, a fully encrypted vault for word processing as well as photo and general file storage

Simple Keyboard, an Android keyboard app with absolutely no internet access or data collection

These options won’t be right for everyone, and they require at times significant quality-of-life sacrifices compared to the standard Google equivalents. But if privacy is paramount, they’re well worth your while to weigh out.

17. Disable your Google Web & App Activity

Time required: 2 minutes

Inconvenience level: 7/10

By default, Google keeps track of what you do on the web and within its apps, whenever you’re signed into your account (as you generally are while using an Android device). It uses that info to serve up those targeted ads we keep coming back to, of course, but it also uses it to power personalization, results, and recommendations in places like Search, Maps, and also Google Assistant — in the places where that service is still active. Without it enabled, in fact, some of Assistant’s most useful commands won’t work — whether you’ve still got Assistant present on your phone or you’re interacting with it on other Assistant-connected devices.

If you want to disable that tracking, though, you can: Just head back to the Google section of your system settings, tap your name and Google account name once more, and then tap the Manage Your Google Account button followed by “Data & privacy.”

Find and tap “Web & App Activity,” then tap the Turn Off button and decide if you want to simply turn the system off or turn it off and simultaneously delete any already-collected data within it.

Once again, just like with the location history, you can also get more nuanced and instead ask Google to automatically delete this data on a rolling three-, 18-, or 36-month cycle. And you can specify certain areas of data that you do and don’t want included, too.

Deep within your Android device settings are all sorts of options for disabling or just scaling back the amount of activity Google stores about you.
JR Raphael / IDG

18. Disable your device backups

Time required: 2 minutes

Inconvenience level: 9/10

Last but not least, Android has the ability to back up your system data and then restore much of your system setup when the need arises. That’s a supremely handy option to have — but it invariably requires some of your information to be stored within Google Drive in order to work.

Specifically, Google maintains a record of what apps you have installed along with a limited amount of app setting data. It also stores your call history, phone settings, and in some cases your SMS messages for future use.

Disabling Android’s automatic backups will make your life significantly more difficult the next time you move to a new phone or reset your current phone, as everything from your previous setup will essentially be lost (or will need to be moved over manually, which is a pretty massive hassle).

If you’d rather reclaim the privacy required by this feature, however, you can turn the feature off by opening up the System section of your phone’s settings, tapping the Backup option, and flipping the toggle next to “Backup by Google One” into the off position.

On Samsung phones, the option is located within the Accounts and Backup section of the settings, under “Back up data” — beneath the “Google Drive” heading. Samsung also maintains its own separate and redundant backup system, which you’ll also see in this same settings section and can also disable, if you so choose.

As with any of these areas, only you can weigh out the added privacy against the lost convenience and figure out what arrangement makes the most sense for you. But now you know where to look — and you can make your own educated decisions.

This article was originally published in June 2020 and updated in December 2024.

Source:: Computer World

No comments

You must be logged in to post a comment.
REGISTER NOW FOR YOUR PASS
 
To ensure attendees get the full benefit of an intimate technology expo,
we are only offering a limited number of passes.
 
Get My Pass Now!