IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Google accused of “illegally” tracking Android users

The AAID is unique to all Android devices and can be shared with third parties for more effective targeted advertising

Renowned privacy activist and lawyer Max Schrems has accused Google of tracking Android users without their consent. 

Schrems has filed a complaint with the French data protection regulator that accuses the tech giant of infringing the privacy rights of the more than 300 million European citizens who use Android phones by generating unique advertising codes for each user. 

These Android Advertising Identifiers (AAIDs), according to Schrems’ organisation Noyb (None Of Your Business), allows both Google and third-party developers and advertisers to track users’ browsing behaviour to more effectively target them with ads. 

Android creates AAIDs without the user’s knowledge or their consent, the complaint claims, meaning that Google contravenes the 2002 ePrivacy Directive, also known as the cookie law, according to Schrems. This regulation is separate from GDPR and in the process of revision.

“Imagine having coloured powder on your feet and hands that marks your every step and action: everything you touch within the mobile ecosystem,” said privacy lawyer at Noyb, Stefano Rossetti. 

“And you can’t remove it - you can only change it to a different colour. This is what the Android Advertising ID is all about – a tracker that marks your every action within and beyond the mobile ecosystem.

“The extent of this case is bewildering. Almost all Android users seem to be affected by this technology. We, therefore, hope that the French CNIL will take action.”

According to the complaint, Android creates the AAID without consent and it serves as a license plate that uniquely identifies the phone. Google, as well as third parties, can then access the code to track user behaviour, elaborate consumption preferences and fine-tune targeted advertising. 

Google not only installs the AAID without consent, Noyb claims, but also denies users the option of deleting it. As the organisation demonstrated in a previous complaint, users can only ‘reset’ the code and are forced to generate a new tracking AAID to replace the original.

Related Resource

IT Pro 20/20: Meet the companies leaving the office for good

The 15th issue of IT Pro 20/20 looks at the nature of operating a business in 2021

IT Pro 20/20: Leaving the office for goodDOWNLOAD NOW

Filing the complaint under the ePrivacy Directive versus GDPR also means the French regulator, CNIL, will make a decision on its own, rather than needing to liaise with its European counterparts as would be required under GDPR.

This latest complaint follows a similar charge levied against Apple for a tool included with iOS 14 that tracks iPhone user behaviour without their consent. The group claimed that Apple’s IDFA stores behavioural data that operates in exactly the same way as the Android tracker the Noyb has launched its most recent complaint about.

Schrems has a track record of success when making such complaints, having previously been responsible for the complaint which invalidated the primary EU-US data-sharing mechanism, known as the Privacy Shield.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Most Popular

Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022