Are the new Google Pixel phones spying on you?

Google Pixel 9 Pro XL in hazel color showing cameras and Google G logo
(Image credit: Google)

The new Google Pixel series landed on the market at the end of August, filling aficionados with excitement. Google Pixel 9 comes with a sleek new design, advanced cameras, and overall improved performance, all while bringing the best of Google AI to your fingertips. However, experts warn it may come at the cost of your privacy – and not even the best VPN apps can help.

According to a Cybernews report published on October 9, the shiny new phone allegedly sends a huge amount of your private data (like location, network status, phone number, and app list) every 15 minutes to the Big Tech giant's servers. Researchers even claim it potentially has remote management capabilities without user awareness or approval.

Google has denied all the allegations, saying that some data transmission is essential to offer its services. The company has also accused Cybernews' report of lacking "crucial context" while misinterpreting technical details.

Keep reading as I try to shed some light on the matter while walking you through my top security tips to boost your mobile privacy.

Data privacy and security claims

The Cybernews report makes a lot of claims about the extent of Google's surveillance within its latest flagship smartphone series.

As mentioned earlier, the manufacturer allegedly sends the user's personally identifiable information in the background every 15 minutes to various Google endpoints, including Device Management, Policy Enforcement, and Face Grouping. This data includes their email address, phone number, location, app list, and other telemetry and statistics.

Google Pixel 9 supposedly requests a 'check-in’ endpoint around every 40 minutes, too, listing low-level features enabled on the phone. These include data such as whether the device is connected to Wi-Fi or using mobile data, the SIM card carrier, and so on.

Researchers also claim the Google Pixel 9 initiates communication with services the user didn’t explicitly consent to, including its Photos app and Voice Search feature.

At the same time, the device supposedly shows signs of some remote management and control capabilities. During the research, it periodically calls out to a Staging environment service (‘enterprise-staging.sandbox’) and attempts to download assets that do not yet exist. According to Cybernews experts, this might suggest the capability of remotely installing new software packages.

All the tests were carried out on a new Google Pixel 9 Pro XL after installing Magisk, a free and open-source software used to root Android devices. This methodology disabled AI features, however, and researchers explain that this mean that it didn't allow for the capture of complete traffic.

Nonetheless, "The amount of data transmitted and the potential for remote management casts doubt on who truly owns the device," said Aras Nazarovas, a security researcher at Cybernews. "Users may have paid for it, but the deep integration of surveillance systems in the ecosystem may leave users vulnerable to privacy violations."

Google dismissed the allegations

Google firmly rejects Cybernews' allegations. The company explains that these types of data transmission are necessary for all mobile devices.

"This report lacks crucial context, misinterprets technical details, and doesn't fully explain that data transmissions are needed for legitimate services on all mobile devices regardless of the manufacturer, model, or OS, such as software updates, on-demand features, and personalized experiences," a Google spokesperson told Cybernews.

Google also expressed some perplexities around the methodology researchers used, noting the difficulty in recreating exact scenarios when the device is modified (rooted).

"User security and privacy are top priorities for Pixel. You can manage data sharing, app permissions, and more during device setup and in your settings," said a Google spokesperson, while adding that Pixel users need to explicitly consent to sensitive permissions such as location, background apps, and usage data.

Cybernews researchers believe the potential benefits of using a Google Pixel 9 phone outweigh the potential risks.

On the other hand, Cybernews stands by its findings and maintains that certain data collection and usage aspects raise valid concerns regarding privacy and transparency.

Despite some of the observed data transmissions being necessary to provide built-in services, Nazarovas told me the research points out that these data transmissions are enabled by default or strongly suggests that the user enables them through "dark patterns" practices. "Additionally, we believe the same functionality can be provided by transmitting less sensitive and private data and using anonymized identifiers," he added.

Yet, at the same time, Cybernews researchers believe the potential benefits of using a Google Pixel 9 phone outweigh the potential risks. "However, as the technology evolves, it is imperative that companies ensure transparency, safeguarding, and user controls," Nazarovas told me.

I recommend checking for yourself what data is collected by Google's services to know exactly what information you might be sharing with the provider.

Bottom line

At this point, you might be wondering if there are more secure smartphone alternatives to a Google Pixel 9 when it comes to privacy protection. For instance, iPhone devices are often considered more secure than Android phones thanks to, among other things, Apple's focus on privacy and security features.

If you already got yourself a Pixel 9, don't worry – Nazarovas nonetheless believes that Google Pixel phones are the most private and secure Android on the market right now. Competitors typically send similar amounts and types of data to Google as well, he told me, while collecting some user data themselves. "The general community consensus is that iPhones also collect the same types of data as Google Pixel phones," he added.

Revise Google's default settings to manually opt out of some services that send data in the background

The good news is that you can take more agency over your data when using your shiny new Google Pixel 9 device. Nazarovas recommends revising Google's default settings to manually opt out of some services that send data in the background.

"That being said, we believe it was the correct decision to test the phone using the default and suggested settings, as historically, most people use their devices and software in such default configurations," he added.

Another thing to keep in mind is that any smartphone can be vulnerable to hackers, viruses, or malware infections.

I also suggest taking a proactive approach to phone hacking prevention, including keeping your device always up-to-date, managing all your app's permission, and using reliable security software like virtual private networks and antivirus services.

TOPICS
Chiara Castro
News Editor (Tech Software)

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life – wherever cybersecurity, markets, and politics tangle up. She writes news, interviews, and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar and TechRadar Pro. Got a story, tip-off, or something tech-interesting to say? Reach out to chiara.castro@futurenet.com

Read more
Photograph of a hand holding a smartphone with two googly eyes
Every tap, every message – how to stop your smartphone spying on you
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X
Which apps were most hungry for your data in 2024?
Photograph of a woman looking at map on a smartphone
How to use location apps without leaving a trail of data and getting followed everywhere you go
Young woman holds a smartphone with a beam of light obscuring her eyes
Privacy powerhouses: 5 apps to take your online security to the next level
 In this photo illustration a Google Play logo seen displayed on a smartphone.
Why is there so much spyware hidden in the Play Store?
Biometric identification of a woman face on a pink background
I spent 7 days on a data detox – here's what I learned
Latest in Phones
Three iPhone 16 handsets on show
Apple could launch an iPhone 17 Ultra this year – but we've heard these rumors before
Man using iMessage on an iPhone
Apple will finally enable encrypted RCS messages between iOS and Android, and it's about time
Android 16 logo on a phone
Android 16 Beta 3 has arrived – here are the 4 features I think will be the most useful
Apple iPhone 16e on blue background with big savings text overlay
Total Wireless' latest iPhone 16e deal gets you $300 off plus a cheap plan for a year
Apple iPhone 16e REVIEW
Some iPhone 16e owners are reporting Bluetooth audio issues that could be an iOS problem
The Apple iPhone 16e held at a slant at a window
From iPhone to Android and (almost) back again – the iPhone 16e failed to lure me back to iOS
Latest in Features
Disappointed by The Electric State? Here's 4 reasons you should watch Tales From the Loop on Prime Video
Close up of PS5 DualSense controller leaning on a PS5
5 reasons your PS5 needs a VPN
Warhammer 40,000: Space Marine 2
With discounts of up to 95%, these are the biggest deals I've managed to find in the Steam Spring Sale
The cast of The Parenting
The Parenting is Max's #1 most-watched movie but it has frightening reviews – here are 3 better horror films with over 90% on Rotten Tomatoes
Dr. Peter Zhou, President of Huawei Data Storage Product Line
Why AI commonization is so important for business intelligent transformation and what Huawei’s data storage has to offer
Asif Ali Saagar Shaikh and Poorna Jagannathan stand in line with a convenience store backdrop. Poorna is standing at the front with her arms on her hips in Deli Boys.
Hulu has 36 new shows this month – here are 3 you should watch this weekend with over 89% on Rotten Tomatoes