Google’s new phones can’t stop phoning home

The call is coming from inside the house.

Cory Doctorow
9 min readOct 8, 2024
A photo of a 1950s-era teen girl lying on a pink bed, holding a Princess phone to her head. Her face has been replaced with the glaring red eye of HAL 9000 from Stanley Kubrick’s ‘2001: A Space Odyssey.’ The phone’s handset, coil and body have been recolored with stripes in Google’s four logo colors. Three Android mascot/robots peek out around her body. Image: Cryteria (modified) https://commons.wikimedia.org/wiki/File:HAL9000.svg CC BY 3.0 https://creativecommons.org/licenses/by/3.0/deed.en

On October 23 at 7PM, I’ll be in Decatur, presenting my novel The Bezzle at Eagle Eye Books.

One of the most brazen lies of Big Tech is that people like commercial surveillance, a fact you can verify for yourself by simply observing how many people end up using products that spy on them. If they didn’t like spying, they wouldn’t opt into being spied on.

This lie has spread to the law enforcement and national security agencies, who treasure Big Tech’s surveillance as an off-the-books trove of warrantless data that no court would ever permit them to gather on their own. Back in 2017, I found myself at SXSW, debating an FBI agent who was defending the Bureau’s gigantic facial recognition database, which, he claimed, contained the faces of virtually every American:

https://www.theguardian.com/culture/2017/mar/11/sxsw-facial-recognition-biometrics-surveillance-panel

The agent insisted that the FBI had acquired all those faces through legitimate means, by accessing public sources of people’s faces. In other words, we’d all opted in to FBI facial recognition surveillance. “Sure,” I said, “to opt out, just don’t have a face.”

This pathology is endemic to neoliberal thinking, which insists that all our political matters can be reduced to economic ones, specifically, the kind of economic questions that can be mathematically modeled and empirically tested. It would be great if all our thorniest problems could be solved like mathematical equations.

Unfortunately, there are key elements of these systems that can’t be reliably quantified and turned into mathematical operators, especially power. The fact that someone did something tells you nothing about whether they chose to do so — to understand whether someone was coerced or made a free choice, you have to consider the power relationships involved.

Conservatives hate this idea. They want to live in a neat world of “revealed preferences,” where the fact that you’re working in a job where you’re regularly exposed to carcinogens, or that you’ve stayed with a spouse who beats the shit out of you, or that you’re homeless, or that you’re addicted to Oxy, is a matter of choice. Monopolies exist because we all love the monopolist’s product best, not because they’ve got monopoly power. Jobs that pay starvation wages exist because people want to work full time for so little money that they need food-stamps just to survive. Intervening in any of these situations is “woke paternalism,” where the government thinks it knows better than you and intervenes to take away your right to consume unsafe products, get maimed at work, or have your jaw broken by your husband.

Which is why neoliberals insist that politics should be reduced to economics, and that economics should be carried out as if power didn’t exist:

https://pluralistic.net/2024/10/05/farrago/#jeffty-is-five

Nowhere is this stupid trick more visible than in the surveillance fight. For example, Google claims that it tracks your location because you asked it to, by using Google products that make use of your location without clicking an opt out button.

In reality, Google has the power to simply ignore your preferences about location tracking. In 2021, the Arizona Attorney General’s privacy case against Google yielded a bunch of internal memos, including memos from Google’s senior product manager for location services Jen Chai complaining that she had turned off location tracking in three places and was still being tracked:

https://pluralistic.net/2021/06/01/you-are-here/#goog

Multiple googlers complained about this: they’d gone through dozens of preference screens, hunting for “don’t track my location” checkboxes, and still they found that they were being tracked. These were people who worked under Chai on the location services team. If the head of that team, and her subordinates, couldn’t figure out how to opt out of location tracking, what chance did you have?

Despite all this, I’ve found myself continuing to use stock Google Pixel phones running stock Google Android. There were three reasons for this:

First and most importantly: security. While I worry about Google tracking me, I am as worried (or more) about foreign governments, random hackers, and dedicated attackers gaining access to my phone. Google’s appetite for my personal data knows no bounds, but at least the company is serious about patching defects in the Pixel line.

Second: coercion. There are a lot of apps that I need to run — to pay for parking, say, or to access my credit union or control my rooftop solar — that either won’t run on jailbroken Android phones or require constant tweaking to keep running.

Finally: time. I already have the equivalent of three full time jobs and struggle every day to complete my essential tasks, including managing complex health issues and being there for my family. The time I take out of my schedule to actively manage a de-Googled Android would come at the expense of either my professional or personal life.

And despite Google’s enshittificatory impulses, the Pixels are reliably high-quality, robust phones that get the hell out of the way and let me do my job. The Pixels are Google’s flagship electronic products, and the company acts like it.

Until now.

A new report from Cybernews reveals just how much data the next generation Pixel 9 phones collect and transmit to Google, without any user intervention, and in defiance of the owner’s express preferences to the contrary:

https://cybernews.com/security/google-pixel-9-phone-beams-data-and-awaits-commands/

The Pixel 9 phones home every 15 minutes, even when it’s not in use, sharing “location, email address, phone number, network status, and other telemetry.” Additionally, every 40 minutes, the new Pixels transmit “firmware version, whether connected to WiFi or using mobile data, the SIM card Carrier, and the user’s email address.” Even further, even if you’ve never opened Google Photos, the phone contacts Google Photos’ Face Grouping API at regular intervals. Another process periodically contacts Google’s Voice Search servers, even if you never use Voice Search, transmitting “the number of times the device was restarted, the time elapsed since powering on, and a list of apps installed on the device, including the sideloaded ones.”

All of this is without any consent. Or rather, without any consent beyond the “revealed preference” of just buying a phone from Google (“to opt out, don’t have a face”).

What’s more, the Cybernews report probably undercounts the amount of passive surveillance the Pixel 9 undertakes. To monitor their testbench phone, Cybernews had to root it and install Magisk, a monitoring tool. In order to do that, they had to disable the AI features that Google touts as the centerpiece of Pixel 9. AI is, of course, notoriously data-hungry and privacy invasive, and all the above represents the data collection the Pixel 9 undertakes without any of its AI nonsense.

It just gets worse. The Pixel 9 also routinely connects to a “CloudDPC” server run by Google. Normally, this is a server that an enterprise customer would connect its employees’ devices to, allowing the company to push updates to employees’ phones without any action on their part. But Google has designed the Pixel 9 so that privately owned phones do the same thing with Google, allowing for zero-click, no-notification software changes on devices that you own.

This is the kind of measure that works well, but fails badly. It assumes that the risk of Pixel owners failing to download a patch outweighs the risk of a Google insider pushing out a malicious update. Why would Google do that? Well, perhaps a rogue employee wants to spy on his ex-girlfriend:

https://www.wired.com/2010/09/google-spy/

Or maybe a Google executive wins an internal power struggle and decrees that Google’s products should be made shittier so you need to take more steps to solve your problems, which generates more chances to serve ads:

https://pluralistic.net/2024/04/24/naming-names/#prabhakar-raghavan

Or maybe Google capitulates to an authoritarian government who orders them to install a malicious update to facilitate a campaign of oppressive spying and control:

https://en.wikipedia.org/wiki/Dragonfly_(search_engine)

Indeed, merely by installing a feature that can be abused this way, Google encourages bad actors to abuse it. It’s a lot harder for a government or an asshole executive to demand a malicious downgrade of a Google product if users have to accept that downgrade before it takes effect. By removing that choice, Google has greased the skids for malicious downgrades, from both internal and external sources.

Google will insist that these anti-features — both the spying and the permissionless updating — are essential, that it’s literally impossible to imagine building a phone that doesn’t do these things. This is one of Big Tech’s stupidest gambits. It’s the same ruse that Zuck deploys when he says that it’s impossible to chat with a friend or plan a potluck dinner without letting Facebook spy on you. It’s Tim Cook’s insistence that there’s no way to have a safe, easy to use, secure computing environment without giving Apple a veto over what software you can run and who can fix your device — and that this veto must come with a 30% rake from every dollar you spend on your phone.

The thing is, we know it’s possible to separate these things, because they used to be separate. Facebook used to sell itself as the privacy-forward alternative to Myspace, where they would never spy on you (not coincidentally, this is also the best period in Facebook’s history, from a user perspective):

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3247362

And we know it’s possible to make a Pixel that doesn’t do all this nonsense because Google makes other Pixel phones that don’t do all this nonsense, like the Pixel 8 that’s in my pocket as I type these words.

This doesn’t stop Big Tech from gaslighting* us and insisting that demanding a Pixel that doesn’t phone home four times an hour is like demanding water that isn’t wet.

*pronounced “jass-lighting”

Even before I read this report, I was thinking about what I would do when I broke my current phone (I’m a klutz and I travel a lot, so my gadgets break pretty frequently). Google’s latest OS updates have already crammed a bunch of AI bullshit into my Pixel 8 (and Google puts the “invoke AI bullshit” button in the spot where the “do something useful” button used to be, meaning I accidentally pull up the AI bullshit screen several times/day).

Assuming no catastrophic phone disasters, I’ve got a little while before my next phone, but I reckon when it’s time to upgrade, I’ll be switching to a phone from the @calyxinstitute@mastodon.social. Calyx is an incredible, privacy-focused nonprofit whose founder, Nicholas Merrill, was the first person to successfully resist one of the Patriot Act’s “sneek-and-peek” warrants, spending 11 years defending his users’ privacy from secret — and, ultimately, unconstitutional — surveillance:

https://www.eff.org/deeplinks/2013/03/depth-judge-illstons-remarkable-order-striking-down-nsl-statute

Merrill and Calyx have tapped into various obscure corners of US wireless spectrum licenses that require major carriers to give ultra-cheap access to nonprofits, allowing them to offer unlimited, surveillance-free, Net Neutrality respecting wireless data packages:

https://memex.craphound.com/2016/09/22/i-have-found-a-secret-tunnel-that-runs-underneath-the-phone-companies-and-emerges-in-paradise/

I’ve been a very happy Calyx user in years gone by, but ultimately, I slipped into the default of using stock Pixel handsets with Google’s Fi service.

But even as I’ve grown increasingly uncomfortable with the direction of Google’s Android and Pixel programs, I’ve grown increasingly impressed with Calyx’s offerings. The company has graduated from selling mobile hotspots with unlimited data SIMs to selling jailbroken, de-Googled Pixel phones that have all the hardware reliability of a Pixel, coupled with an alternative app suite and your choice of a Calyx SIM and/or a Calyx hotspot:

https://calyxinstitute.org/

Every time I see what Calyx is up to, I think, dammit, it’s really time to de-Google my phone. With the Pixel 9 descending to new depths of enshittification, that decision just got a lot easier. When my current phone croaks, I’ll be talking to Calyx.

Tor Books just published two new, free “Little Brother” stories: “Vigilant,” a about creepy surveillance in distance education; and “Spill,” about oil pipelines and indigenous landback.

If you’d like an essay-formatted version of this post to read or share, here’s a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2024/10/08/water-thats-not-wet/#pixelated

--

--