A new study by IIT Delhi highlights privacy risks from Android app location permissions using AndroCon. The study found apps can access more information than users realize, exposing sensitive data.
Privacy Concerns in Location Data
Researchers Soham Nag and Smruti R. Sarangi demonstrated that Android apps with precise location permissions can exploit fine-grained GPS data. This allows for detailed environmental inferences without using traditional sensors like cameras or microphones.
- AndroCon interprets GPS data to assess user environments.
- Potential inferences include room size, user posture, and location.
Detection and Accuracy
The study claims AndroCon can achieve 99% accuracy in detecting surroundings and 87% accuracy in recognizing human activities. Parameters like Doppler shift and signal power contribute to these assessments.
- Data reveals if rooms are crowded or empty.
- Distinguishes activities like sitting, standing, or lying down.
Implications for Android Users
Published in ACM Transactions on Sensor Networks, this research raises caution for Android users about potential data exposure. Allowing location permissions could unintentionally share sensitive activity and environment details.
The research spans 40,000 sq km over a year using multiple phone models, indicating broad applicability and implications for Android device users worldwide.
