Hacker News
Latest Android OS has Improved Security and Privacy Features

Last week Google launched the first developer beta of Android Q, the next version of Andriod. Google Pixel phone owners have become the first Andriod users allowed to trial Android Q and get rid of last year’s Andriod Pie. According to Google’s official timeline, Andriod 10 Q will be available to users in August of this year.
It looks like the new operating system has plenty of new privacy and security enhancements. A summary of the improved security and privacy features is below.
Location Tracking
Android Q will give users more control over how apps use device location data. Currently, users are limited to either allowing or denying an app access to device location information but there is no option to only allow the access when an app is running. Android has come under increasing pressure to add this feature since user concerns about location tracking are mounting and the feature has been available on rival iOS for some time.
In their Developers Blog, Google says:
The new location control allows users to decide when device location data is provided to an app and prevents an app from getting location data that it may not need.
Restrictions on Device Identifiers
MAC Address Randomization will be a Default Feature – MAC address randomization is when your device’s unique wireless hardware number is replaced by a randomly generated number. This prevents a device from being tracked when connecting to multiple Wi-Fi networks. The feature was first introduced in Android 6.0 Marshmallow but wasn’t enabled by default. MAC Address Randomization will stop developers and others from building a profile based on your device history.
Contacts Affinity – The operating system will no longer track contacts affinity information. The Developers blog states:
As a result, if your app conducts a search on the user’s contacts, the results are no longer ordered by frequency of interaction.
Non- Resettable device identifiers
Apps must have the READ_PRIVILEGED_PHONE_STATE
privileged permission in order to access the device’s non-resettable identifiers, which include both IMEI and serial number. This will again prevent developers from gathering data about your device that is not essential to the functioning of the app.
Access to Clipboard data will be restricted – Apps will need the default input method editor (IME) or be the app that currently has focus in order for it to access the clipboard data.
USB Serial access – Apps will need the user to grant permission in order for them to access the USB serial number.
Device Network State access – Apps will not be able to see information about the device’s network state. Some apps will be allowed access, for example, VPNs which would require the data but they will have to refer to NetworkStatsManager and ConnectivityManager classes for access.
Background Activity
Android Q will prevent apps from launching background activities without the users’ knowledge.
The Developers blog states:
As long as your app starts activities as a direct result of user interaction, however, your app most likely isn’t affected by this change. In fact, the majority of apps are unaffected by this change
There are other notable security improvements to Android Q such as restricting an apps ability to change network settings and restricting apps from being able to directly access data saved by other apps.