Google has recently come under fire for its new flagship model Pixel 9 Pro XL. According to Cybernews researchers, the smartphone was found to be sending an excessive amount of personal data to the company's servers, raising concerns about user privacy.
An analysis by Cybernews experts showed that every 15 minutes the device sends packets of data to Google servers. . Information sent includes location, email address, phone number, network status, and other telemetry data. What's more, the phone periodically tries to download and run new code, which can pose security risks.
The researchers used a “man-in-the-middle” approach to intercept traffic between the phone and Google's servers. The phone was found to be transmitting Personally Identifiable Information (PII) to various endpoints such as Device Management, Policy Enforcement and Face Grouping. The smartphone also sent location data even when GPS was turned off, relying on data from nearby Wi-Fi networks.
200% Deposit Bonus up to €3,000 180% First Deposit Bonus up to $20,000Another interesting finding was that the phone contacted services without the explicit consent of the user. For example, it activated the Face Grouping feature in Google Photos, although the researchers did not interact with the application. This raised concerns about the processing of biometric data. The Voice Search function also sent various data, such as the number of device reboots and the list of installed applications.
The smartphone regularly checked the connection with Google servers for possible downloads of new software packages. This suggests that the device has the ability to remotely install software, which raises the question of user control over the device.
Although the phone did not transmit data to third parties during surveillance, it regularly requested number updates, according to’ related to fraud, probably for the call screening function. “The amount of data transferred and the possibility of remote control raise doubts about who actually owns the device”, — said Aras Nazarovas, a researcher at Cybernews.
At the time of publication, Google had not yet commented on these findings.