Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
Android AI Google

Unless Users Take Action, Android Will Let Gemini Access Third-Party Apps (arstechnica.com) 71

Posted by msmash from the PSA dept.
Google is implementing a change that will enable its Gemini AI engine to interact with third-party apps, such as WhatsApp, even when users previously configured their devices to block such interactions. ArsTechnica: Users who don't want their previous settings to be overridden may have to take action. An email Google sent recently informing users of the change linked to a notification page that said that "human reviewers (including service providers) read, annotate, and process" the data Gemini accesses.

The email provides no useful guidance for preventing the changes from taking effect. The email said users can block the apps that Gemini interacts with, but even in those cases, data is stored for 72 hours. The email never explains how users can fully extricate Gemini from their Android devices and seems to contradict itself on how or whether this is even possible.

Unless Users Take Action, Android Will Let Gemini Access Third-Party Apps More | Reply

Unless Users Take Action, Android Will Let Gemini Access Third-Party Apps

Comments Filter:

  • Sounds like a malicious attack to me (Score:5, Informative)

    by gweihir ( 88907 ) on Tuesday July 08, 2025 @10:48AM (#65505166)

    Sure, Google may not see it that way, but look at the potential for data theft, sabotage, etc. here: It is an attackers wet dream. And nobody so far has managed to make any widely deployed relatively new system really secure.

    • Re:Sounds like a malicious attack to me (Score:4, Informative)

      by Mspangler ( 770054 ) on Tuesday July 08, 2025 @11:11AM (#65505252)

      That's how I read it. I see my policy of having nothing on the phone other than phone and messaging remains correct. I will do no banking or business on the device. No browsing, no maps, no connection to the car should I take it with me which I seldom do.

      It will remain a phone, period.

      • Re: (Score:3)

        by GoTeam ( 5042081 )

        That's how I read it. I see my policy of having nothing on the phone other than phone and messaging remains correct. I will do no banking or business on the device. No browsing, no maps, no connection to the car should I take it with me which I seldom do.

        It will remain a phone, period.

        Your policy sounds a bit extreme. However, it's starting to look like I'm not paranoid enough.

        • Re: (Score:2)

          by gweihir ( 88907 )

          At this time, Gemini is an app. Do not install it (r any other not trustworthy app) and you should be fine. All I get is an occasional chat offer from Gemini in the messages, which I then proceed to ignore. On the other hand, I am in Europe and sending any of my data to Google servers without positive and informed consent would be a criminal act. So maybe YMMV if you are in the US.

          • I am sure Gemini will be baked into android itself soon, but I am sure google already datamimes and spies on android users with the blessings of the government

            • Re: (Score:2)

              by gweihir ( 88907 )

              It is not actually that easy. Data transfers leave traces. There are enough people qualified to find and interpret them that are not under government control.

      • Re: (Score:2)

        by gweihir ( 88907 )

        I have authenticator (TOTP, no cloud, not MS) on it and also 2nd factor for banking. Hence I regard it as part of my security equipment and nothing else will get on it and certainly no AI that can mess with my stuff.

        I looked at authenticator as stand-alone and separate phone with only a data SIM and noting besides that 2nd banking factor on it, but decided that at this time I am willing to accept that risk. I do revisit that decision from time to time.

      • That's how I read it. I see my policy of having nothing on the phone other than phone and messaging remains correct. I will do no banking or business on the device. No browsing, no maps, no connection to the car should I take it with me which I seldom do.

        It will remain a phone, period.

        I'm not quite that Spartan about it - I still do occasional browsing via Firefox and DDG browsers, email via K-9 and Protonmail, and watching of YouTube via PipePipe. But the rest of the time, I turn off both mobile data and WiFi.

        But then again, I'm running LineageOS and don't have Google services - including Play - installed at all. I also don't have the Location service active. I get apps via F-Droid, sideloading, or downloading from trusted websites. And as soon as I'm finished with an app, I don't just

        • as soon as I'm finished with an app, I don't just close it - I go into settings and kill it manually.

          You can bring up the running apps selection screen and then swipe up instead.

          • as soon as I'm finished with an app, I don't just close it - I go into settings and kill it manually.

            You can bring up the running apps selection screen and then swipe up instead.

            Just tried it, and it doesn't work on my phone. The app disappears when I swipe up, but then when I go to "Settings --> Apps and Notifications" the "Force Stop" selection is still active. I have to touch that to actually kill whatever part of the app is still running in the background.

            • Ahh, I see that is now generally the case, it doesn't stop background tasks. I should have figured. I believe it used to stop them, though.

              I use it all the time because of the javascript-related memory leaks in mobile FF...

  • Possible instructions for disabling it (Score:3, Informative)

    by karmawarrior ( 311177 ) on Tuesday July 08, 2025 @10:59AM (#65505196) Journal

    This popped up in my Mastodon feed (making it slightly more trustworthy than if it had in an X or Bluesky or Threads post, but still, take it with a pinch of salt):

    https://tuta.com/blog/how-to-d... [tuta.com]

    I haven't had a chance to check whether this works yet because I don't have a phone that's been infected yet, but presumably will do soon.

    • I checked and it seems I had already disabled Gemini. I can't remember having done so but will presumably have done it as soon as I knew what it was - normal Luddite behaviour for me.

      • First thing I did when I bought my XCover 7 last year, go through the list of software and disabled anything Samsung and Google that was possible. Luckily I don't have to deal with spyware from Amazon, Facebook, etcetera in the first place. Could be a EU privacy thing.

        Did the same thing when I updated to One UI 7.0 last month, and noticed Gemini was still disabled. The last thing I want is artificial incompetence messing around with my property.

        • The last thing I want is artificial incompetence messing around with my property.

          I have started referring to AI as the Age of Idiocy. It was an accidental reference I innocently made elsewhere before realizing that it applied in more than one way.

      • FWIW, I am running a Pixel 6 with stock Android v16. I don't appear to have the Gemini app at all. I may have uninstalled it when it first started bothering me a few months ago.

    • This is the google settings page, as near as I can tell:

      https://myactivity.google.com/... [google.com]

      If I read it correctly, it says your stuff will go on their servers whether you like it or not for "no more than 72 hour" when this gemini is "disabled".

      That means there is no disabling it short of rooting your device and removing what you don't need.

      Which was basically always the case.

  • i guess? having access to your data has never been more profitable than it is today; you can see all this as them ripping a band-aid off.

    it's a good thing they removed Don't Be Evil from their maxims.

  • The controls you have over your personal data in ChatGPT are far, far, *FAR* less than Google gives you with Gemini.

    With Gemini, I can browse through all of the records, see whats there, choose what to delete. I can't do any of this with ChatGPT, it is a total black box.

    • That's good to hear!

      Now, how do I rip out Gemini, or ensure it's never installed?

      • Re: (Score:2)

        by flink ( 18449 )

        I just went to Settings > Apps > Gemini and clicked uninstall. I don't know if that uninstalls all the attendant services or just the UI though.

      • Use a de-googled ROM.
        That requires you to choose a compatible device to begin with.

      • Right now, Gemini is optional, and if you dont install it (or uninstall it) you dont have it.

        Also, you can just not use the thing. It's not like its required. Samsung phones have privacy oriented on-device AI for some tasks even.

        • Re: (Score:2)

          by _merlin ( 160982 )

          With the latest Android version, Gemini is part of the base OS image and can't be uninstalled. It can still be disabled, though.

          • I am on Android v16 on my Pixel 6 and I don't believe that I ever had the app on it. It's not in the list of apps

      • https://github.com/0x192/unive... [github.com]

        I've been using this to good results. Of course it's always sketchy uninstalling system level packages so the risk of bootlooping/bricking your device and/or breaking features you actually want is entirely on you.

        That said, permanently disabling/removing Gemini shouldn't be a problem.
        =Smidge=

    • The controls you have over your personal data in ChatGPT are far, far, *FAR* less than Google gives you with Gemini.

      I, personally, don't believe I'm an important enough person for anyone at OpenAI to really care what I'm doing with their product.

    • Some random entity forcibly installed malicious, unwanted software that pilfers personal, private and privileged data on my personal computer without explicit authorization. How is this legal?

  • Privacy implications aside, if they allow it for Gemini they have to allow it for everyone else or that's some monopoly level shit.

  • Computer Fraud and Abuse Act (Score:3)

    by bill_mcgonigle ( 4333 ) * on Tuesday July 08, 2025 @11:03AM (#65505228) Homepage Journal

    ```
    (2) intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains-- ...
    (C) information from any protected computer;
    ```

    Opt-out isn't legal here.

    • Re: (Score:2)

      by flink ( 18449 )

      I'm sure the authorization is buried somewhere deep in the Android EULA. Google's lawyers aren't stupid.

      • Re: (Score:2)

        by caseih ( 160668 )

        EULA or not, it's still against the law in Europe. But Google will continue to ignore it, and when they get slapped with a fine they'll complain to the king who will threaten European countries with more tariffs until they acquiesce, just like he did to Canada.

  • Imagine if a 3rd party app developer tried to do this. That would be rejected in a nanosecond.

  • why does Apple get a pass? (Score:4, Informative)

    by kalpol ( 714519 ) on Tuesday July 08, 2025 @11:27AM (#65505290)
    Isn't Apple Intelligence already doing this?

  • It's been a few years since my data privacy class, but isn't this a violation of CCPA (California Consumer Privacy Act) and CPRA (California Privacy Rights Act - aka Prop 24)? I believe they both require easy access to opt-out.

    • External to California, I've not read those laws but they don't matter because consent (surrender) was given long ago when you turned on the Android by Google device. They're not web scraping your stuff or getting/giving your personal bits to 3rd parties. It's 1st party rape and looting by Google themselves. Regardless, you'll never win in compulsory arbitration and we can't form a class for a class action. End User License Agreements and Privacy Policies are merely entry vehicles for subjugation and submi
  • This will probably not fly in the EU thanks to the RGPD, so they'll have to ask for permission first.

  • In this generation I chose battery life over an unlockable bootloader. I got it, my cheap old phone still gets five days' battery life. But now Google is shoving stuff into the OS that I don't want, so I'm going to have to look at another phone.

    As apple is doing the same thing, even if I didn't despise them already that would not be an option. I also want apps, so nothing else is an option. Guess my next phone has to have an unlockable bootloader so I can install an alternate Android.

  • Don't install Gemini, its not as if Google hasn't already turned android into a spybot operating system already, I am sure google already has their testicles squiring all over everyone's phone data mining the hell out of it, they even have copies of all your nudes and selfies too :)
    • Alternatively, if pre-installed, disable the Gemini app. Just noticed it was quietly installed with a recent upgrade to my Samsung device.
  • Been putting this off for too long, but tbh Google has completely wrecked the Android experience. I'll be switching to linux for my desktop this year to avoid win 11, and I guess I'll be using custom roms for mobile.

  • ... for simple instructions on how to remove Gemini from a Pixel 9 Pro XL?

    Well:
    Goal Steps
    Restore classic Assistant Google App â' Profile â' Settings â' Assistant â' âoeDigital assistants from Googleâ â' Choose Google Assistant
    Remove Gemini app entirely Settings â' Apps â' Gemini â' Force Stop â' Disable
    Stop Gemini in other apps Open app (Messages, Photos, etc.) â' Settings â' Gemini â' Toggle off

    It then included info citing Re

  • No need for conspiracy theories, Gemini is an assistant and an assistant needs to access data to be able to answer questions about that data.

    Gemini will become Android's Siri and if you ask Gemini "Did mom send me yet another boomer image on WhatsApp?" Gemini will have to access WhatsApp to check if your mom sent a boomer image.

Slashdot Top Deals

If it's worth doing, it's worth doing for money.

Close