Scott Johnson
Newbie
Is no-one else concerned that Google requires location services be enabled for bluetooth pairing from 6.0 on? How much privacy do we need to give up to satisfy big business?
-
After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.
Help Bluetooth Pairing Requires Location
- Thread starter Scott Johnson
- Start date
Scott Johnson
Newbie
The excuse given is that your mac address is no longer being used as an identifier between devices so they now use GPS. I'm not sure how well my FiBit One understands/interprets GPS signals.
AZgl1500
Extreme Android User
which is totally ridiculous when you have 50,000 fans in a Colosseum watching some sporting event.
or, in your home with concrete over your head, or all day in an office cubicle, no GPS is possible for hours at a time.... it is total BS and invasion of privacy.
I am not buying it, not for one second.
Scott Johnson
Newbie
At work so here is one reference, but there is an official data sheet out there.
https://developer.android.com/intl/...android-6.0-changes.html#behavior-hardware-id
https://developer.android.com/intl/...android-6.0-changes.html#behavior-hardware-id
Scott Johnson
Newbie
To me is suspect that they choose location services rather than something else(new).
That's strange, because I've just successfully paired a Jawbone earpiece with my Xperia Z3 (running Android 6.0.1) with location disabled. Maybe it's manufacturer-specific?
p.s. Please keep responses on-topic.
p.s. Please keep responses on-topic.
AZgl1500
Extreme Android User
Scott Johnson
Newbie
Maybe they changed it since 6.0.
psionandy
Extreme Android User
Actually, it kinda makes sense..
Ahh.. the document you posted is for gaining access to the mac addresses of external devices programtically... not pairing a bluetooth device as Slug has done.
"To provide users with greater data protection, starting in this release, Android removes programmatic access to the device’s local hardware identifier for apps using the Wi-Fi and Bluetooth APIs. The WifiInfo.getMacAddress() and theBluetoothAdapter.getAddress() methods now return a constant value of 02:00:00:00:00:00."
This actually makes sense from a users point of view, previously.. even if you hadn't given the app permissions to get your location, it could work this out by seeing which devices you can see (wifi hotspots, bluetooth beacons) and then link back to a database and work out your location. Even if as a user you DIDN'T want it to know where you are.
Now they've closed that hole... If your app wants to scan for wifi enabled devices, or bluetooth ones for that matter, it needs to have the location permission...
I can see how this will cause confusion in the future.. but from a users privacy perspective this is actually a GOOD NEWS item, giving us more privacy and protecting us from big buisness.
"Note: When a device running Android 6.0 (API level 23) initiates a background Wi-Fi or Bluetooth scan, the operation is visible to external devices as originating from a randomized MAC address."
Which will also help cover tracks and stop user tracking in the mall/highstreet etc...
Ahh.. the document you posted is for gaining access to the mac addresses of external devices programtically... not pairing a bluetooth device as Slug has done.
"To provide users with greater data protection, starting in this release, Android removes programmatic access to the device’s local hardware identifier for apps using the Wi-Fi and Bluetooth APIs. The WifiInfo.getMacAddress() and theBluetoothAdapter.getAddress() methods now return a constant value of 02:00:00:00:00:00."
This actually makes sense from a users point of view, previously.. even if you hadn't given the app permissions to get your location, it could work this out by seeing which devices you can see (wifi hotspots, bluetooth beacons) and then link back to a database and work out your location. Even if as a user you DIDN'T want it to know where you are.
Now they've closed that hole... If your app wants to scan for wifi enabled devices, or bluetooth ones for that matter, it needs to have the location permission...
I can see how this will cause confusion in the future.. but from a users privacy perspective this is actually a GOOD NEWS item, giving us more privacy and protecting us from big buisness.
"Note: When a device running Android 6.0 (API level 23) initiates a background Wi-Fi or Bluetooth scan, the operation is visible to external devices as originating from a randomized MAC address."
Which will also help cover tracks and stop user tracking in the mall/highstreet etc...
Scott Johnson
Newbie
For my example, a FitBit One, which has no gps capabilities, it forces me to have location service on if I want to communicate with it. I am like many people, who do not want Google tracking my every move. So now I have to turn on the location services each time I want to update the app, or leave it on to update in the background.
Scott Johnson
Newbie
It was FitBit's support that originally informed me about this requirement.
psionandy
Extreme Android User
Its not the device thats the issue, its the fitbit APP..
event though your fitbit doesn't have a GPS, the app could sneakily determin your location by scanning for the list of things around it, and then using that to work out where you are... All this is doing is making the APP more upfront about it.
I realise that fitbit probably weren't abusing this method for finding your location, but it stops others from doing it, and thats a good thing.
event though your fitbit doesn't have a GPS, the app could sneakily determin your location by scanning for the list of things around it, and then using that to work out where you are... All this is doing is making the APP more upfront about it.
I realise that fitbit probably weren't abusing this method for finding your location, but it stops others from doing it, and thats a good thing.
Scott Johnson
Newbie
It's still not stopping Google from collecting peoples' location info, which they could not before. I'm mostly saying they could have gone elsewhere and it was likely a conscious decision to use something that they profit from.
I'm sure it's Fitbit Inc. that's going to be making a profit from your location info, rather than Google Inc. And obviously it requires precise GPS location information from your phone to do what it does. There's probably a clause in the Fitbit EULA that you agreed to about them sharing your location information with third-parties. Same with Nike+ Fuelband etc, that have social networking included. Concerned about location privacy, stop using the things.
Google is not making anything here, this is an iPhone, it's Fitbit making the $$$ from someone's jog around the streets of San Francisco.
Google certainly don't need location information to pair and use a Jawbone headset or something.
Google is not making anything here, this is an iPhone, it's Fitbit making the $$$ from someone's jog around the streets of San Francisco.
Google certainly don't need location information to pair and use a Jawbone headset or something.
Last edited:
psionandy
Extreme Android User
#
Because instead of them being able to take it, without you being aware.. now they are forced to ask you for it.. at which point you have the choice to say no (even if that means you choosing not to use their app)
Last edited:
Well if your FitBit requires your precise location for it to work and to record where you been jogging or whatever. then you have to accept that otherwise the thing just ain't going to work properly. If you're concerned about them knowing exactly where you are with these online fitness trackers, then just don't use the things.
Last edited:
Well, I think there's a lot of misunderstandings going on.
I first thought the same thing about this need of location access from my fitbit tracker.
Thinking, they're lying, because i can PAIR my bluetooth headphones without location access.
But, here, we're not talking about pairing but syncing, which is a first difference.
Second, using the old method, giving access to MAC adress of your bluetooth devices, it also give them a physical location, which could also raise privacy concerns.
Lastly, the requirement for syncing, is location access, not necesseraly High accuracy, which uses GPS.
So in the end, having understand that, i'm kind of OK with it
I first thought the same thing about this need of location access from my fitbit tracker.
Thinking, they're lying, because i can PAIR my bluetooth headphones without location access.
But, here, we're not talking about pairing but syncing, which is a first difference.
Second, using the old method, giving access to MAC adress of your bluetooth devices, it also give them a physical location, which could also raise privacy concerns.
Lastly, the requirement for syncing, is location access, not necesseraly High accuracy, which uses GPS.
So in the end, having understand that, i'm kind of OK with it
I know this is old, but I'm hoping someone has figured out a way around it. The problem I have with this is that it not only requires the app to have the permission, but requires the user to turn on location services. This is like requiring you to leave your front door open in order to prove that you understand that people can see into your windows.
By "the app" I assume you mean something like FitBit, as already discussed in this thread. That do require location tracking in order to work correctly. I think it's quite simple really, if you don't agree with the company's TOS or EULA, then don't buy and use their products.
BTW I've noticed the Bose Connect app requires precise GPS permissions for some reason. But you don't actually need that app to connect and use Bose headphones, they work just as well without it. They only have to play your music, and Bose Corporation does NOT need to know where you are
Yeh, there are various ways around these things.
Last edited:
This is an android issue. They are the ones who make the requirement like it is. They are the ones who force users to give up more information than necessary in order to allow an app to have access to some lower level of information. This was brought by an ANDROID update a few versions ago. I have more than one bluetooth device that requires this. In one instance, I spoke directly with the developer of the app. The makers of both of these devices say the same thing. They do not need any location information but do need access to BT MAC addresses. Android should allow me to limit their privilege to that rather than all location information.
Another point; in order to use a certain bluetooth product, I must turn on the location service on my phone. When I do that, all other apps that use that permission now have access to that information. Additionally, if I am using High accuracy or battery saving location mode, Google tracks my location.