Security isn't privacy, and you can have one without the other

Google Pixel 4 XL
Google Pixel 4 XL (Image credit: Andrew Martonik / Android Central)

We all tend to equate security with privacy. I'm not talking about public security, where there is debate over encryption and why Apple and Google won't just hand everything over to the FBI, I'm talking about our personal digital security.

Security is really an easy subject to understand once you break it down to its core: your electronic devices — whether they be a phone, a laptop, a smart doorbell, or anything else — should only be operable and accessible by you. If I can pick up your phone and rifle through its contents or see the video your Ring Doorbell collects, something, somewhere isn't secure.

It could be as simple as you haven't used any available tools to set up personal security like a lock screen on your phone, or it could be an existing exploit that allows me to connect remotely. In the end, all that matters is that if I can get into your stuff, it's not secure.

Security is easy to understand if you break it down: only you can use or access your digital devices.

Privacy is a bit different. Privacy is protecting our personal data through those existing security methods which is where much of the confusion stems, but more importantly privacy is something we all tend to willingly ignore and give away our data willingly. Our data is a commodity that is worth billions and billions and there will always be a company willing to provide a service using your privacy as payment.

Here's where we're going to talk about Google and Android. Android itself is one of the most secure operating systems in existence. Its open-source nature and frequent security audits by some of the best people in the field mean updates to keep Android secure happen at a rapid pace, and Google even spends millions every year paying people who find security exploits and submitting them to the Android security team. Simply put, Android is so secure because so many eyeballs are looking at it.

The number of eyeballs looking at Android also means it has to be kept secure at any cost. Android is the new Windows — everyone uses it, so every bad actor is looking for a way to attack it. When any specific software is used by three-quarters of the population, it's going to be a target. This is why Google spends so much money keeping Android itself secure from exploits and malware.

Android is secure, but adding Google's apps hits hard on the privacy side.

Privacy is another matter completely. You can use Android and guard your privacy, but hardly anyone would want to because Android isn't that great without Google and third-party support. A smartphone isn't very smart without any apps involved. You hear a lot about apps that overreach and ask for too much of your private data and Google is in a constant battle to address these issues, but Google itself is also the biggest offender.

You should read those pop-up messages the next time you sign into a new Android phone because they tell you about what personal data you're giving away and how Google will use it. The same goes for things like Google Assistant's privacy policy, or the privacy policy for a Nest thermostat. To add to the confusion, most Android phones are made by Google's hardware partners like Samsung who also have separate data-collection policies.

As mentioned, you are using your personal data to pay for services from Google. It has real value, the same as dollars and cents. That means it's important to make sure you are getting equal value in return. Google doesn't sell your data, no matter how many times you hear a knucklehead claiming it does. But it's important to know what Google does with: Google builds an advertising profile on you and uses it to sell more ads through its money-making advertising division.

Google Privacy Policy

Source: Android Central (Image credit: Source: Android Central)

Only you can decide if the trade (or as I like to think of it, the financial transaction of paying with data) is worth it. You have to ask yourself if you trust that Google will always safeguard the huge amounts of personal information it collects about you; you have to ask if Google is using your data responsibly; and you have to trust that Google isn't being too invasive and collecting data about your race or religion or health. Then you need to look at the services you get in return.

I use Google services because what I give is worth what I get in return.

I use Google products and reluctantly trust the company with my data. Google's track record of how it cares for user data stands on its own, and I truly believe it would responsibly report and address any outside data breaches. I do this because the services I get in return are phenomenal — Assistant greets me each morning and turns on my lights when it knows I have to wake up. Google Photos keeps better track of my photo library than I ever could. Gmail is like a virtual filing cabinet where everything you've ever sent or received is there and easy to find. And the other services like Maps or Google Docs are useful each time I need them. The trade-off is worth it to me.

I'm not trying to convince anyone that they should do the same — in fact, you should not listen to me and make your own decision about it. But it is very important that everyone realize that Google can easily say it has the most secure operating system on the planet but that doesn't make any difference when it comes to the privacy you are willing to give up in order to use it.

Jerry Hildenbrand
Senior Editor — Google Ecosystem

Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Twitter.

  • Thanks for the article Jerry, and I'm in the same boat: "I use Google products and reluctantly trust the company with my data". But also like you, It's worth it for the benefits they provide. Hey, wait a minute... it's the fourth! What are you doing working?
  • I feel the same way.
  • I gave up on "reluctantly." Eventually we are going to be fully absorbed into the machine, and I'd rather go there with my eyes open.
  • He probably isn't, it was likely written days ago and scheduled to post today in whatever CMS they use.
  • Ah yes, good point.
  • Lmao at calling this "work" ...
  • Having decided a few years ago to drink the Google Cool Aid, I'm trying to figure out how to get Google to turn their Advertising Model of me into My Online Agent. Put simply, it is to Google's advantage to protect my data and would be to my advantage if I could exclude pretty much everyone else from my data. I'm fine with Google knowing everything about me as long as they tell no one else, and maybe I can get them to claw back the data I don't want others to have.
  • "Android is the most security driven operating system in the world" I don't think so, if that were the case, Google would winning their war against malware on the OS, unless Google starts policing the Play Store like Apple doesn't then this article would have a point but that's not the case at all, Android is the most fragmented and insecure (due to it's open source nature) platform in the world. iOS is the most security and privacy driven operating system in the world.
  • Just like the recent mail hack that gave hackers control over Apple devices, or the iCloud security breaches? My friend is an anime artist and lost years worth of private work. Not saying Android security is perfect, but I know personally that Apple security is not perfect either. I'm a former Apple software beta tester.
  • I agree that iCloud isn't perfect, but I'm more confident in Apple protecting my data than ok Android, just like for example, my YouTube premium subscription has been hacked because someone else has access to my YouTube premium account as I get charged an additional £5.99 a month and Google were no help at all and I'm sure this wouldn't have happened on iOS, i feel that so many of the security breaches I've had are definitely down to the fact I use Android. I'm just glad I'm going back to iPhone and iPad (iPad 2019 not the Pro). I'm sorry about your friend losing years of data from iCloud. I don't think I ever had any problems with iCloud, the only issue I had with iCloud is that it's so slow I'm backing up your iOS devices.
  • Why? Security and privacy don't need to be mutually exclusive. And yes you can have both. If individual consumers elect to expose themselves and compromise their own privacy and security through their reckless or ignorant behaviour is one thing. Fair enough. You sleep in a bed of your own device could ever be secure or safe enough. But this isn't what we are talking about. We are talking about companies incorporating safety and security features in their devices and software, and making customers aware or those choices. However that is not what is happening, as we repeatedly see serious and egregious breaches of privacy, security and confidentiality where copious amounts of crucial and sensitive data and information is being compromised or outright stolen. Many corporations are now in the business of data/information gathering and storage... aaaaand selling. It is a goldmine. If you can comodify your customers and turn them into the is infinitely more profitable...
  • Maybe breaking up some of these gigantic corporations, like Apple, Amazon, Google (plus others) and their monopolies is something worthwhile considering. If such a thing is even possible anymore
  • Apple is the best company ever created. They offer 900% privacy with 900% security
  • Yes they are, and its because of all these Apple beta testicles.
    I'm a undercover Apple beta tester when I sleep...