Android users be warned: Google Chrome is harvesting sensitive data without user awareness. Even worse, the data is free-for-all. Any mobile website on Chrome can access the smartphone's device sensors.
Google is the most popular web browser in the world. It is also the largest digital advertising platform that controls 75 percent of web traffic. One reason for its massive success is possibly its efficiency as a data harvester.
The tech giant has a long history of security and privacy issues. Just last month, Google warned its 2.6 billion users about zero-day exploits and four "high" rated vulnerabilities. Keep in mind Google is both a search engine and a web browser, so it has access to user data on both ends.
Google Android: User Data Exposed by Default
The latest Google privacy breach can be summarized in one statement: Chrome gives out your sensor data for free. This means any website running on Chrome can access and harvest data from the smartphone's sensors.
Cybersecurity experts from Forbes recently discovered the privacy breach when browsing in Chrome. They said Google used the information "for measuring ad interactions, verifying ad impressions, and tracking devices. Our analysis uncovered several scripts that are sending raw sensor data to remote servers."
Unlike Apple, which asks for user permission to activate the sensor, Google turns the function on by default. Chrome settings "recommends" leaving it on, which is why all websites in the platform gain free access.
When The Sun asked Google about the issue, their spokesperson said, "We intentionally limit the resolution of motion sensors in Chrome, and since 2019 we've had controls that allow users to block websites from accessing a device's motion sensors altogether. We take user security and privacy seriously, and we're always working on new ways to improve security and privacy in Chrome."
Here is the key takeaway on the issue: users have the freedom to disable the data tracking function. However, until they do so, all phone motion data is for open access to anybody in the internet.
How to Improve Google Cybersecurity
The best solution to resolve this issue is to delete Chrome and move out to a different browser. However, for users who want to stick with Chrome, they can manually turn off the site permissions.
Here are the following steps to check on Chrome's data sensor activity and to disable it:
- Open Google Chrome on Android
- Click on the "three dots" to open more settings
- Scroll down and click "Settings"
- Under "Advanced" click on "Site Settings"
- Open the "Motion Sensors" and toggle it off
Unfortunately, users have to repeat this procedure with every website they visit to ensure maximum security. For reference, Twitter user Mysk posted a quick video guide on how to turn it off.
Dear #Android users,— Mysk 🇨🇦🇩🇪 (@mysk_co) October 29, 2021
Chrome shares your motion sensor with all the websites you visit by default.
This video shows how you can disable it. Please do it now.
You can learn more about this here:https://t.co/zMbPpuX3VH#CyberSecurity #Privacy pic.twitter.com/riWNQUfxKB