Science & Technology

IIT Delhi Study Exposes Hidden GPS Privacy Risks on Android

IIT Delhi research reveals Android apps with GPS access can detect user activity, environment, and room layout, posing serious privacy concerns.

By : EduAdvice 2025-10-31 09:22:09

IIT Delhi Study Reveals Hidden Privacy Risks in Android GPS Permissions

New Delhi: A groundbreaking study by researchers at the Indian Institute of Technology (IIT) Delhi has revealed that Android mobile apps with precise location permissions can extract far more information than users realize — including details about their environment, activities, and even indoor layouts — without needing camera or microphone access.

The research, conducted by Soham Nag, M.Tech. student at the Centre of Excellence in Cyber Systems and Information Assurance, and Dr. Smruti R. Sarangi, Professor in the Department of Computer Science and Engineering at IIT Delhi, demonstrates how subtle fluctuations in GPS signals can unintentionally expose private details about users.

The study, titled “AndroCon: An Android Phone-based Sensor for Ambient, Human Activity and Layout Sensing using Fine-Grained GPS Information,” has been published in the prestigious ACM Transactions on Sensor Networks, a leading journal in the field of privacy-aware sensing.
Read the full study here

How Android GPS Can Reveal Hidden User Data

The researchers developed AndroCon, the first system to prove that fine-grained GPS data accessible to Android apps can act as a covert sensor. Using just nine low-level GPS parameters — such as Doppler shift, signal power, and multipath interference — the system can infer whether a person is sitting, standing, lying down, traveling in a metro, flying, or even inside a crowded or empty room.

“AndroCon achieved up to 99% accuracy in detecting surroundings and over 87% accuracy in recognizing human activities—even subtle gestures like hand-waving near the phone,” said Prof. Smruti R. Sarangi.

The framework can also create indoor floor maps, identifying rooms, staircases, and elevators with an accuracy margin of under 4 meters, purely from GPS signal variations and movement patterns.

Privacy Implications for Android Users

The findings highlight a serious privacy concern — any Android app with precise location permission could potentially infer sensitive information about users’ environments without their consent.

“This study reveals an unseen side of GPS — a powerful but silent channel that can sense the world around us,” said Prof. Sarangi. “AndroCon turns an everyday smartphone into an unexpectedly precise scientific instrument, but also a reminder that familiar technologies can hide privacy risks.”

Even in areas with weak GPS signals, AndroCon could determine whether users were in small or large rooms, underground or above ground, or even inside an aircraft, showcasing the extensive potential — and risks — of this discovery.

Towards Safer, Smarter Technologies

While the system opens possibilities for context-aware and privacy-respecting smart services, the researchers emphasize the need for stronger data access regulations and user consent transparency in mobile applications.

With over 40,000 sq. km of testing across various devices and conditions, the IIT Delhi study is among the first in the world to show how low-level GPS data, often overlooked, can turn into a powerful privacy fingerprint.

Click Here for More Science & Technology

Tags: # Science & Technology Delhi (UT)