Google Privacy Pitch at I/O Heralds Firmer Grip on Android
The internet giant will try to convince the world it’s a responsible steward of all that information. To make that case, Google will first have to fix Android, a mobile operating system that’s wildly popular but hobbled by security flaws.
May 7, 2019
(Bloomberg) -- Each year at Google’s I/O developer conference, the company pitches new ways its trove of user data can improve apps, websites and other services on smartphones. This year, the internet giant will try to convince the world it’s a responsible steward of all that information.
To make that case, Google will first have to fix Android, a mobile operating system that’s wildly popular but hobbled by security flaws.
The conference starts on Tuesday. But Google has already begun stressing how carefully it handles the personal information shared by billions of people. The Alphabet Inc. unit released a tool last week that lets people automatically scrub their location and web-browsing footsteps. Chief Executive Officer Sundar Pichai told analysts last week that company executives are "happy to be thought leaders" on privacy issues.
While Google can give consumers more choice over how data is used for Search, Maps and other services, it doesn’t have the same control over Android. The mobile operating system powers far more devices than rival Apple Inc. But Apple exerts far more control over security patches and other software updates for iPhones.
When Apple pushes out a new version of its iOS operating system, iPhone owners can simply download and install it. More than 90 percent of iPhones and iPads run the latest iOS, or the version before that.
For Android, the process is way more convoluted. It requires wireless carriers, handset makers and semiconductor vendors to make the latest software enhancements work. Some of these partners are reluctant to help. Only 21.5 percent of devices run the 2017 version Android and there’s no data for last year’s release, called Pie, according to company data from October. That means many Android phones don’t get the latest security patches -- undermining Google claims that user information is safe in the company’s digital hands.
Google has tried repeatedly to fix this. Two years ago, it launched Project Treble to try to speed up Android upgrades. Last year, Google wrote a new mandate into its contract with Android phone makers, requiring them to provide software security updates for at least two years for popular handsets, according to The Verge.
Project Treble simplifies the work chipmakers must do to get Android updates running properly with older phone processors and related software. It has made progress, but there are other impediments to getting upgrades into the hands of all Android users.
Google is planning another overhaul, according to people familiar with the situation. This will attempt to make the latest apps and other software work better with phones that run older versions of Android. The company has been working on this update for several months and may unveil it this week at I/O, the people said. They asked not to be identified discussing private plans. Google declined to comment.
Google’s Android developer dashboard has kept track of the company’s halting progress on this challenge for years. It hasn’t been refreshed since October, although Google may share updated figures this week. The current dashboard shows that almost 8 percent of Android devices still run KitKat, a version of the operating system released in 2013.
Back then, Android growth initiatives often took precedence over the complex, more-mundane tasks of security patches. But privacy and data-security issues have taken on more urgency since the uproar over consulting firm Cambridge Analytica improperly accessing information on millions of Facebook Inc. users. The social-media giant preached privacy during its developer conference earlier this month. And Apple ad campaigns now serve up taglines like this: “If privacy matters to your life, it should matter to the phone your life is on.’’
Some high-profile mishaps haven’t helped Google’s case. In 2015, a security researcher found a bug dubbed Stagefright that let hackers get into users’ phones by simply sending them a text message. In 2017, another vulnerability was found that let attackers monitor Wi-Fi traffic among nearly half of Android phones -- the ones that didn’t have a more recent version of the software. In these situations, Google had to rely on manufacturers and wireless carriers to distribute security patches quickly.
A broad slowdown in the smartphone market also makes it harder for Google to persuade Android partners to use the latest software. But Google will keep pushing. Widespread, new software means more phones can run Google’s latest services, like its voice-based search assistant, which will likely get plenty of new features and attention at I/O.
Alphabet Inc.’s Google is also working on a potential successor to Android that would work more naturally with a range of futuristic devices.
Another part of Google’s strategy is to sell its own phones. Google controls the hardware and software that goes into its Pixel products, so it’s easier for the company to push new security patches and other upgrades to those devices. Pixel phones haven’t sold well, though.
Read more about:
Alphabet Inc.About the Author(s)
You May Also Like