It is a fact – Google spying. If you paddle in Google’s pool via Android, Search, Assistant, Home, Gmail, Calendar, Chrome, Docs, Groups, Maps, Flights, Hotel Finder, Flights, YouTube et al. … then Google knows all.

The Australian Competition and Consumer Commission (ACCC), is investigating claims by Oracle that Android devices send Google information that you pay for via data charges. This information includes searches, what you view, and location data, even if location services are turned off.

Oracle’s claim is both self-evident and self-serving. Self-evident – well ‘dur’ almost every device connected to the internet sends some form of telemetry back to the maker’s cloud, and we use data and pay for it.

And self-serving it that Oracle’s cloud does a similar thing. It offers Data as a Service (DaaS) that aggregates, and analyses consumer data across channels and devices to create cross-channel consumer understanding. In other words, to serve targeted advertising.

But this telemetry issue (a euphemism for spying) is far larger than you think

Every Android/iOS/other smartphone has a unique phone number and IMEI. That forms part of the universal key to tying together your profile.

Your Telco knows where you are all the time

Telcos use both the 3/4G network as well as broadband data to gather ‘telemetry’. At worst it triangulates your smartphone signal to cell towers. At best it accesses your GPS chip.

Under the guise of ‘call charge records’ (CCR) it knows every word you speak, every number you call, every search you make, every text you send … It keeps logs for two years that are accessible by law enforcement and others with a warrant.

But it can also aggregate data from other sources to build a better profile to ‘better serve you’. What this means is it can both buy and sell data to provide highly targeted advertisements.

There has been a lot of discussions to expand the scope of the CCR well beyond its original use of call billing. This includes co-tracking of in-store and shopping centre location beacons. Even enabling tracking of phone use in cars and by traffic and speed cameras.

But it gets worse. Every ‘two-bit’ MVNO (mobile virtual network operator – do you trust them?) has access to CCR as well. And all operators know your HLR (Home Location Register) and VLR (Visiting Location Register). We need to regulate Telcos and MVNOs.

Apple also track every iPhone with location, use and much more

Apple iPhone calls home every time you use the device or an app, text etc. It uses this for things like ‘find my phone’ as well as to develop highly targeted advertising. It can sell such data to third-parties.

Both Apple and Android share this data, intentionally or otherwise, with app developers too. Every approved app, should it wish to, can use Apple/Android APIs to identify the location, make/model of phone, phone/IMEI number and much more.

Let’s move to the desktop

Apple Mac/iPad and Microsoft Windows can identify any user connected to the internet (as for the most part they must log in). Also, these use a reverse IP Lookup to get the location (at least of the router) and machine details.

Later model laptops and tablets have location chips, and some have 4G LTE sims as well. If you use the companies cloud-based mail/calendar or productivity software, then your data is exposed to them.