Every stock Android and iOS device collects data continuously, silently, and by design. This is not a bug. It is the business model. Understanding what happens behind the screen is the first step toward doing something about it.
Your phone does not wait for you to open an app before it starts transmitting data. Background services run continuously, syncing location history, Wi-Fi access points, Bluetooth beacons, app usage patterns, and device identifiers to remote servers. Studies have shown that a stock Android phone contacts Google servers thousands of times per day, even when idle and not actively in use.
iOS behaves similarly. Apple collects device analytics, Siri usage data, location data, and app telemetry. Opting out of analytics in settings reduces some collection, but does not eliminate it. Core system services continue to transmit regardless of user preferences.
Both platforms include services that cannot be fully disabled through settings. Google Play Services on Android handles push notifications, location services, device authentication, and app licensing. It runs with system-level privileges and cannot be uninstalled on a stock device. It has access to your contacts, calendar, location, network state, and more.
On iOS, system daemons handle similar tasks. iCloud syncing, Find My, Siri processing, and diagnostics all operate below the user-facing settings layer. Turning off individual toggles does not stop the underlying processes from running.
Google's telemetry includes your search history, voice recordings (if Assistant is enabled), location timeline, app install history, advertising identifier, and device fingerprint. This data is tied to your Google account and used for ad targeting, product development, and compliance with law enforcement requests.
Apple's telemetry is less advertising-focused but still substantial. Device diagnostics, Siri audio samples, Maps usage, and App Store behaviour are all collected. Apple's privacy marketing emphasises on-device processing, but significant data still leaves the device, particularly when iCloud is enabled.
Privacy settings on both platforms are designed to give users a sense of control without fundamentally changing how the operating system works. You can disable location history, but the device still records cell tower connections. You can turn off ad personalisation, but the advertising identifier still exists. You can deny an app camera access, but the OS itself retains full hardware access at all times.
The problem is architectural. These operating systems were built to collect data. Adjusting settings is like closing curtains in a glass house. The structure itself is the issue.
If your work, personal circumstances, or principles require genuine privacy, settings-level changes on a stock device are insufficient. You need a system that was designed from the ground up to not collect data in the first place. That means a different operating system, not just different settings.
If you require real control, you need a system designed for it.
Browse secure devices built on GrapheneOS, or talk to us on WhatsApp about your requirements.