UPDATE: Google has corrected this behavior as of Android OS 5.0 (“Lollipop”).
Soft Cloud Tech – Every time you turn on ‘Location’ services on an Android phone, you’re shown a ‘Location consent’ prompt, like this one:
GPS is a ‘passive’ system – a GPS receiver figures out your geographic coordinates by finding a signal from at least three GPS satellites in the sky above. Technologies like Assisted GPS also use the mobile network to improve the speed and precision of the satellite ‘fix.’ To return information other than map coordinates (like a specific address), your phone needs to download map information in your surrounding area from the internet. By touching ‘Agree,’ you give your phone permission to share location data with various apps and services, like Google Maps.
To conserve battery life, Google’s ‘enhanced’ location services allow Android phones to determine your location without using GPS. An Android phone with ‘enhanced’ location services enabled will send data about nearby Wi-Fi networks to Google – Google will check its database of Wi-Fi access points to see where those networks are located, based on information collected by Google’s Street View vehicles and by other Android users. The advantage is obvious: GPS consumes a lot of battery power, and (if your Wi-Fi is already turned on) checking for nearby networks costs no battery. On top of that, the GPS can get a lock much quicker using the approximated location given by Google.
However, there are a few privacy concerns with Google’s ‘enhanced’ location services. Last year, the Electronic Frontier Foundation tested a variety of recent Android phones and discovered that many of them ‘leaked’ the names of networks they’d previously connected to, providing “dangerously precise” location histories to ‘eavesdroppers,’ like the N.S.A. or retail outlets collecting marketing data. Google is especially interested in this kind of information because of its development of ‘location-aware‘ mobile advertisements (Google Now already notifies users when they’re near a retail store offering an item they’ve recently searched for, for example). Although Google insists that it ‘anonymizes’ the location data, researchers at M.I.T. argue that the ‘traces’ of information left by mobile devices are “highly unique,” and can be easily identified “using little outside information.” On top of this, it’s sometimes difficult to know what all your other apps will do with the location data they receive from Google.
‘Enhanced’ location services provide a lot of useful functionality, but some users may not be comfortable continuously sharing their location information even when no apps are running. Rather than explain how the service works and clarify its privacy risks, Android has a clever user interface ‘trick’ to encourage users to turn ‘enhanced’ location on:
When the user checks ‘Don’t show again’ on the ‘Use enhanced location service?’ prompt, the ‘Disagree’ option turns gray and can no longer be selected. Unchecking ‘Don’t show again’ will restore the ‘Disagree’ option… but the prompt will still appear the next time you turn Location on. The ‘trick’ is, if you select ‘Don’t show again,’ you must wait several seconds… eventually the dialog box will disappear, and your preference will be saved (although in some cases, like on the Settings screen, the box will actually never disappear, and you have to wait all the way until the screen shuts off). Graying out the ‘Disagree’ button and adding this annoying ‘waiting period’ discourages users from hiding the prompt, making it much more difficult to “opt-out” than it is to “opt-in” – this seems to be the only reason for including this design element. Google offers a variety of useful tools, but their applications should help users make educated decisions about their data, not resort to deceptive user interface design to pressure people into using their services.