Google’s Private Data Retention

Ein Artikel von , veröffentlicht am 01.07.2016

Google apparently stores phone numbers, calling-party numbers, duration of calls, and many other telephony metadata when people place and receive calls using Android phones. Peter Schaar, former German federal commissioner for data security, has severe doubts that this practice is legal and asks for the EU commission to step in immediately

Yesterday, we reported (German language article only) that Google in its privacy policy informs Android users that “When you use our services or view content provided by Google, we automatically collect and store certain information in server logs. This includes: […] telephony log information, such as your phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls.”

What specific data Google stores is not clear since it is encrypted on the Android device. We did find out though that immediately after a call was made the phone established a connection to Google’s servers and transmitted data.

A spokesperson for Google Germany did not answer questions concerning which data the company collects and why. He did claim that Google has the right to store the data based on the consent given by Android users, who need to accept Google’s privacy policy to be able to use Android. Peter Schaar, former German federal commissioner for data security and chairman of the ARTICLE 29 Data Protection Working Party of the EU, says this is not the case and Google’s practices may even violate fundamental rights.


mobilsicher.de: Mr Schaar, Google says it stores “telephony log information, such as your phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls” when making phone calls using an Android device. Data protection rules allow users to agree with informed consent to data storage and processing by private companies. Fair enough?

Schaar: Not at all. Companies need either a legal authority or consent if they want to process personal data. In this case, I do not see a legal basis for the comprehensive processing of the data concerned. Data may be used if it is necessary to establish a connection. To do this, it needs not be transferred to a Google server.

At the same time I see no valid consent to a general transmission of the data to Google. Firstly, most users do not expect that all of their personal data and that of the calling-party is stored by Google. This absence of clarity means that a general transmission of data cannot be justified.

Additionally, consent means a “freely given specific and informed indication of his wishes by which the data subject signifies his agreement to personal data relating to him being processed.” We can hardly assume this consent here if the alternative to consent is that you cannot use your phone to make calls in case you don’t agree that all this data ends up on Google’s servers.

mobilsicher.de: What about the fact that Google says it stores the data of people calling Android phones, not using Android phones themselves?

Schaar: If that is really the case, it's just another reason why this alleged agreement cannot be effective. We’re talking about third-party data here. It is evident that I cannot effectively consent to Google storing data of a third party, say someone who calls me or someone I call from an Android phone.

mobilsicher.de: So if we cannot assume effective consent, what then?

Schaar: That depends on which data is collected and processed. Do you know what Google collects?

mobilsicher.de: No, we could not yet find out, because the data is encrypted on the device. Data is being transferred, but we do not know which. When asked what data they collect, Google declined to answer.

Schaar: If Google really collects all the traffic data generated by a call this would violate privacy regulations. It might even be a criminal offense. It must be examined to what extent Google is bound to the secrecy of telecommunications, given that the company is party to providing telecommunications services. In that case the data processing without a legal basis could be a criminal offense. In addition, it needs to be clarified if data is illegally processed for commercial purposes without the knowledge of the data subject. That could constitute a criminal privacy violation under German law.

mobilsicher.de: What does all this mean for users?

Schaar: Google has an obligation to immediately tell us what data it stores, for what purpose, for how long it stores the data, where it is stored and how it is used. This is the only way the company can counter accusations that this – again – is an enormous breach of users’ trust.

Using piecemeal tactics, conceding only what can no longer be denied, as it has been the case in the covert acquisition of wireless data as part of the Street View programme, would be unbearable. The issue here has a new, much larger dimension. We’re talking about the secrecy of telecommunications here, not - as in the Wi-Fi scan case – about signals that everyone could have collected in the streets.

If it turns out Google actually learns about who calls whom when and for how long, this would have further consequences. German law provides for privileged communications of certain professions that are bound to secrecy: doctors, employees of addiction counselling centres, lawyers and social workers.

They would be liable to prosecution if they disclose protected information without authorization to third parties. So if Google should learn about the communication between a patient and a doctor because the doctor uses an Android phone, the doctor can be accused of committing an unlawful disclosure. Lawyers, doctors, priests and journalists could not legally use Android phones any more.

mobilsicher.de: So who needs to step up now?

Schaar: This is an issue for the data protection authorities - not just in Germany. We have to find out which data has actually been processed. If it is true what you suspect, based on the available information, this would entail a dimension that also needs the EU Commission to step up.

Google has a very strong, possibly dominant position in the smartphone market with its Android operating system. This is the reason why European Commission is investigating Google in an antitrust case. If Android is used to collect confidential data of European citizens and transmit it to the US, then this could constitute a violation of fundamental rights.

We also need to take into account the on-going discussion about Safe Harbor and Privacy Shield, regulating the transmission of data to the US. The EU Commission must get a clear picture of what is happening here as soon as possible. Moreover, US authorities need to get into the game, the Federal Trade Commission in particular.

Der Autor






D6DF 3C0E 2F0A 3EC6 1FE0 BA54 2E96 8D2E A92D 8822

Matthias Spielkamp

Matthias Spielkamp ist geschäftsführender Redakteur bei mobilsicher.de. Er berichtet seit langem über Themen an der Schnittstelle von Recht und Digitalisierung und versucht seit 15 Jahren, Menschen davon zu überzeugen, ihre E-Mails zu verschlüsseln.

Weitere Artikel


So finden Sie Android-Version und Modellnummer (Android 5)

Es gibt viele Situationen, in denen Sie wissen sollten, welche Version des Betriebssystems Android auf Ihrem Gerät installiert ist. Auch die genaue Modellbezeichnung des Gerätes ist ab und an hilfreich. Beide Informationen können Sie sich anzeigen lassen.


Was Sie über Gmail wissen sollten

Gmail gehört zu den beliebtesten E-Mail-Diensten - nicht zuletzt, weil jede*r Android-Nutzer*in bei der Einrichtung des Google-Kontos automatisch eine Gmail-Adresse erhält. Was wir an Gmail problematisch finden, erfahren Sie hier.

Verkehr & Navigation 

App-Test Transportr: Bahn- und ÖPNV-Suche bundesweit

Transportr zeigt Nah- und Fernverbindungen des öffentlichen Verkehrsnetzes in Deutschland und anderen Ländern an. Herausgeber ist der deutsche Entwickler Torsten Grote, der auch Mitglied des „Free Software Foundation Europe (FSFE) e.V.“ ist.


Video: iPhone zurücksetzen trotz Sperr-Code

Warum sind iPhones eigentlich für Diebe so wertvoll? Ganz einfach: Auch mit PIN-Code gesperrte Handys können über die äußeren Tasten gelöscht und neu in Betrieb genommen werden. Wie das geht und wie Sie es verhindern können, erfahren Sie im Video.