> Google's own recording of your location, for their purposes, cannot be turned off.
Citation needed. Android even lets you turn off AGPS, which collects anonymous location data to update itself. As far as I know, this is not even possible on iOS.
On Android, I noted before that when I turned on and off location services, the GPS lock was near instantaneous (i.e. when I turned on location, Google Maps located me with GPS precision immediately. There could be other ways of how this happens, it was noted in another post of mine, but that had still had me a bit suspicious. I replaced Google Play Services with microG recently (https://lineage.microg.org/). I then saw that it was MicroG, NOT the OS, that had control over my location, and MicroG still tracks my location when Location is off(https://github.com/microg/android_packages_apps_GmsCore/wiki...).
While none of this conclusively points to Google Play Services tracking me when it is off, the way that Android is set up makes me very strongly suspect that's what they did.
It's been acquired from a range of sources. Most notably, Google Streetview cars collected a very large initial data set. Once you have that, it's quite easy to maintain an up-to-date dataset by verifying new routers picked up against nearby known routers (as well as verifying against GPS sensor data obviously).
This tech is not only in Android phones, but also every Chrome browser, so that's a lot of incoming data. The API used to be used by iOS and Safari (before Apple Maps) and Mozilla Firefox (before they launched their own WiFi and cell network database; theirs is released under CC0 though so I'm sure Google use their data too).
There are also other competitors to Google, Apple, Mozilla here with their own databases, like Skyhook, Navizon, AlterGeo.
That's a great question. I cannot conclusively say that Google Play Services does that, but I cannot think of another reason for why Android would be set up that way.
Quite possibly for sensor fusion. E.g., combine with WiFi triangulation, accelerometer deltas from last fix, etc.
Play Services has a lot of stuff in it because it's easy for Google to upgrade it without going through phone vendors or carriers. It was a way to counteract the effects of many phones being on old versions of Android.
You can just go to active services and check for yourself. Of course it is possible to end the google location service. It will be back in a few seconds. In case you try too hard random pop ups start on your home screen effectively making the phone unusable.
Google's biggest trick is that it made people feel like everything is in their hands (including and especially developers which is really sad).
To get around this, ad networks can often buy location data directly from cell carriers themselves. While Google may not sell this, Sprint and others will for the right price and conditions.
Yes, but not through GPS, or the location information compiled about my logins would be way more accurate than it is (often off by 100-200 km in any direction). Probably IP based geo location (that would naturally trigger with VPNs that give you an IP in $whereever).
That has nothing to do with the GPS setting of your phone.
That's picking a nit. GP or whatever said "GPS", but does it matter which technology is used to track your location? Clearly not. And many users say "GPS" to mean all location technologies too, so this doesn't seem like a useful nit to pick, honestly.
Every time you load a web page they can see your IP address, and IP addresses can be mapped back to rough locations. Sometimes people use "GPS" to also include things like your phone figuring out where it is based on what WiFi names it can see, but I don't think I've ever seen it for IP-based geolocation.
Right. There's the IP address, cell tower location, wifi name location, and GPS. People don't care which it is, except they want it (because then they want precision).
Stop communicating silently with your servers. Do it. Ask for each and every call to them unless the communication is already confirmed by users. Make all http* communication go trough http proxy which logs all the traffic in clearly visible form and only than make https. Show the data sent, make google play and framework open source. Enable users to see your hidden syncs (oh yeah those with asterisks infront (you DO know about them, right?) and disable them and keep their settings after updates instead of resetting them. Explain why with microg, the battery and network usage drops for 1/3. And I am not using any of your "services", no maps, no gmail, dns (oh yeah my rom is modified, a lot) nothing. Stop bubbling! Stop corelating order of pages visited to fingerprint users (and I know you are doing this), stop using cell towers to get location even if gps is turned off. Stop giving ISPs your boxes which makes spying on users local on ISP level.
Either you have no clue about what is going on in your company or you are here as a PR guy.
I really hope that GDPR will hit you hard, as far as I am concerned you are far worse than Facebook, more harmfull than Monsanto, you have opened Pandoras box of user tracking and becoase of you now every single company is doing it. And just so you know, by writting this, my karma will fall for at least 10 points as your fanbase (which typically doesnt even understand what I have written) will downvote me a lot. I am telling you this just for you to understand how very pissed off on behaviour of your company some people are. The only thing that is into your favor was actually your biggest mistake - you have mistakenly made android open source which makes it far more feasible to silence it down to the point where it no longer communicates with your domains. This was maybe when you were still having the "don't be evil" attitude, at least as form of PR.
The complaint above was about login screens "knowing" about people's locations.
When you log in to a service (eg. Google), the device doesn't "silently" communicate with the servers, you asked it to. It sends a request with credentials, as it should. That request naturally comes with an IP address, which can be mapped to a rough location with no further information by the client.
I don't think anyone mentioned anything about GPS until now. We're talking about Google recording your location, which can be inferred from a number of sources, including GPS, WiPS/WFPS, IP, and others. WiPS/WFPS is the most commonly used by Google.
I guess I was unclear: that could probably be reworded to say "I don't think anyone specified GPS"
That ggp prefixed that line on AGPS with "even"; they were asking for citation that Google persistently tracks location, and just used AGPS as one example.
The point being, saying Google allows you to disable GPS is a world away from saying Google allows you to disable location tracking. And I'm not talking about IP geolocation.
I don't even know if they do completely respect your choice to disable GPS (citation needed indeed here), but I do know that they persistently track you via WiPS/WFPS at the very least, if not other methods.
On Android, I noted before that when I turned on and off location services, the GPS lock was near instantaneous (i.e. when I turned on location, Google Maps located me with GPS precision immediately. There could be other ways of how this happens, it was noted in another post of mine, but that had still had me a bit suspicious. I replaced Google Play Services with microG recently (https://lineage.microg.org/). I then saw that it was MicroG, NOT the OS, that had control over my location, and MicroG still tracks my location when Location is off(https://github.com/microg/android_packages_apps_GmsCore/wiki...).
While none of this conclusively points to Google Play Services tracking me when it is off, the way that Android is set up makes me very strongly suspect that's what they did.