Android Privacy

Your Android phone was built by Google. It was designed to report back. These settings reduce what it sends home — but they don’t eliminate it. Start here.

Android is developed by Google. The operating system itself collects data that feeds Google’s advertising ecosystem. These settings reduce — but do not eliminate — data collection at the OS level.

Settings paths vary between stock Android (Pixel), Samsung One UI, and other OEMs. Where paths differ, both are listed. If your phone doesn’t match either, look for similar wording in the same general settings area.

Google Account Privacy Settings

Before touching your phone settings, go to the source. Your Google account feeds the ad profile that follows you across every Google service and every Android device you sign into.

Go to myaccount.google.com > Data & Privacy and turn OFF:

• Web & App Activity — logs every search, every app interaction, every voice command. Turn it off, then delete existing activity.
• Location History (Timeline) — tracks everywhere you go, even when you think location is off. Turn it off, then delete existing history.
• YouTube History — watch and search history feeds recommendations and ad targeting. Turn it off.
• Personalized Ads — go to Data & Privacy > Ad Settings and turn off ad personalization.

These settings apply across all devices signed into your Google account. Turning them off here is more effective than fighting the same battle on every device.

For a deeper walkthrough, see the Google privacy guide.

Security and Privacy (Main Settings)

Path: Settings > Security and Privacy (Samsung) or Settings > Security & Privacy (Pixel)

Lost Device Protection

Pixel: Settings > Security & Privacy > Device Finders > Find My Device Samsung: Settings > Security and Privacy > Find My Device

• Enable Find My Device — allows remote location, lock, and wipe if your phone is lost or seized
• Verify your Google account is linked for recovery

Biometrics

Pixel: Settings > Security & Privacy > Device Unlock > Face & Fingerprint Unlock Samsung: Settings > Security and Privacy > Biometrics

• Set up Fingerprint or Face Unlock for device access
• Review registered biometric data — remove anything you don’t recognize
• Enable Screen Lock with a strong PIN or password as fallback — biometrics alone aren’t enough

Auto Blocker (Samsung)

Path: Settings > Security and Privacy > Auto Blocker

• Enable Auto Blocker — blocks sideloaded apps from unknown sources and provides additional malware scanning
• This is a Samsung Galaxy feature; on Pixel, the equivalent is the default behavior of blocking installs from unknown sources (no toggle needed unless you changed it)
• Sideloading apps from outside the Play Store is how most Android malware gets installed

More Security Settings

Pixel: Settings > Security & Privacy > More Security & Privacy Samsung: Settings > Security and Privacy > More Security Settings

• Secure Folder (Samsung): Create a separate encrypted space for sensitive apps and files — requires additional authentication to access
• Enhanced Data Protection (Samsung): Enables end-to-end encryption for Samsung Cloud backups — strongly recommended
• Device Admin Apps: Review — remove any apps with device administrator access that you don’t recognize
• SIM Card Lock: Enable to prevent SIM swapping attacks — set a PIN for your SIM card

Privacy Settings

Pixel: Settings > Security & Privacy > Privacy Samsung: Settings > Security and Privacy > Privacy

• Permission Manager: Review which apps have access to Camera, Microphone, Location, Contacts, and Storage — revoke anything that doesn’t actively need it
• Show Passwords: Turn OFF — prevents passwords from briefly appearing on screen
• Notifications on Lock Screen: Set to “Hide sensitive content” or “Don’t show notifications”

Advertising ID

Pixel: Settings > Security & Privacy > Privacy > Ads Samsung: Settings > Security and Privacy > Privacy > Ads

• Delete Advertising ID — permanently removes Google’s ad tracking identifier from your device
• Alternatively: Reset Advertising ID periodically if deletion isn’t available on your Android version

Delete the Advertising ID. It’s a permanent tracking tag that follows you across apps. Go delete it now.

Private DNS

Pixel: Settings > Network & Internet > Private DNS Samsung: Settings > Connections > More Connection Settings > Private DNS

Set Private DNS to Private DNS provider hostname and enter one of these:

• dns.adguard-dns.com — blocks ads and trackers at the DNS level
• one.one.one.one — Cloudflare’s privacy-focused DNS (fast, no filtering)

This applies to all apps on your device, including ones that ignore in-app ad blockers. It works on WiFi and mobile data. Set it once and forget it.

Hotspot, Bluetooth, and WiFi

• Hotspot: Disable when not in use — an active hotspot is an open network
• Bluetooth: Disable when not in use — Bluetooth can be used for passive location tracking and is a known way for others to probe your device
• WiFi: Disable auto-connect to open networks; review saved networks periodically and remove unfamiliar ones

Pixel: Settings > Network & Internet > Internet > Saved Networks Samsung: Settings > Connections > WiFi > Advanced > Manage Networks

Location Settings

Pixel: Settings > Location Samsung: Settings > Location

• Location: Keep OFF unless actively needed; turn on only for specific app use then turn it off
• App Permissions: Review each app’s location access — set to “Only while using” rather than “Always”
• Google Location History: Turn OFF if not already paused via Google Account settings (see the Google Account section above)
• Emergency Location Service: Can remain ON — this only activates during emergency calls

Browser and Application Manager

Pixel: Settings > Apps Samsung: Settings > Apps

• Review installed apps — uninstall anything you don’t use
• For each app: tap > Permissions > revoke unneeded permissions
• Check Special App Access for apps with elevated permissions (device admin, accessibility, notification access) — these are high-privilege grants

Default Browser:

• Consider using a privacy-focused browser (Firefox with uBlock Origin, or Brave) instead of Chrome
• Settings > Apps > Default Apps > Browser App > select your preferred browser

Sideloading Risks

Android lets you install apps from outside the Play Store. This is powerful and dangerous.

• Keep Install Unknown Apps disabled for all apps unless you have a specific reason to enable it
• Pixel: Settings > Apps > Special App Access > Install Unknown Apps
• Samsung: Handled by Auto Blocker (see above); also at Settings > Apps > Special App Access > Install Unknown Apps
• If you sideload, only install APKs from trusted sources. F-Droid is a reputable repository for open-source apps. Random APK sites are not.
• After installing a sideloaded app, go back and disable the install permission for the app you used to download it (usually your browser or file manager)
• If you don’t know what sideloading is, you don’t need it. Leave the defaults alone.

GrapheneOS (Power Users)

This section is for power users comfortable with flashing firmware. If you don’t know what that means, skip this.

GrapheneOS is a privacy-focused Android operating system that runs on Pixel devices. It strips out Google’s system-level data collection while still letting you use Google Play apps in a sandboxed environment.

What it gives you:

• Sandboxed Google Play — Google Play Services runs as a regular app, not as a privileged system process. It can’t silently access your data.
• Per-app network permissions — you can block any app from accessing the internet entirely. Stock Android doesn’t offer this.
• Hardened memory allocator and exploit mitigations — significantly raises the bar for device exploitation
• No Google account required — you can run the phone without signing into Google at all

What it costs you:

• Only works on Pixel devices (by design — Pixels have the best hardware security support)
• Some banking and DRM-dependent apps may not work or may require workarounds
• No over-the-air carrier updates — you manage your own updates
• You’re on your own for troubleshooting

Install guide: grapheneos.org/install

GrapheneOS is the single most effective thing you can do for Android privacy. It’s also the most involved. Everything else on this page is a compromise — a good compromise, but a compromise.

Go to myaccount.google.com and turn off Web & App Activity, Location History, and YouTube History. Then go to Settings > Privacy > Ads and delete your Advertising ID. Then audit your app permissions. Those three actions have the biggest impact for the least effort.