Android 15 could hide your location from carriers on command

Summary

• Android 15 focuses on behind-the-scenes changes for user experience enhancements and safety, keeping your location data safe from carriers.
• A new privacy feature blocks non-emergency location requests originating from cellular networks, protecting against stingray devices and potential abuse.
• Adoption may be gradual as it requires modem-level firmware updates, but Google Pixel phones with Android 15 could benefit first.

The days of Android updates taking giant leaps ahead with outstanding new features and UI design changes seem to be behind us since version 12 and its Material You goodness. Android 13 and 14 were mostly optimization-focused, and you could say the same about Android 15 as well, but a lot of the smaller behind-the-scenes changes add up, to enhance your user experience and safety. The newest feature discovered in Android 15 should keep your location data safe, even from cellular carriers.

Android 15 developer preview builds started rolling out recently, and the second one introduces a new privacy feature which goes a step beyond denying location access to apps and websites in your browser. While apps are reliant on Android’s OS-level APIs to request and access your location data, your carrier has nearly constant and uninterrupted access to your location. The data could be used to locate you, identify where you live and the places you frequent, or serve targeted ads.

Writing for Android Authority, apex Android geek Mishaal Rahman explains that blocking location access for carriers isn’t as simple — it depends on proprietary cellular radio firmwares interacting with Android using Hardware Abstraction Layer (HAL) APIs which radio vendors must support in said firmware. With the Android 15 update, companies making cellular hardware will have the option of integrating a new location privacy HAL which would have the power to deny carrier location requests for non-emergency uses at the Android OS’ behest.

Device location request handling can save you from stingrays

Rahman further clarifies that this isn’t the first time this new HAL API has surfaced — It was seen in the Android 14 QPR2 build, but Google subsequently removed it saying it would be included in Android V, the codename for Android 15. This API could save you from stingray devices which imitate genuine cellular networks and force your phone to connect to them and share data, including your location.

It can prevent location sharing because the API can block location requests originating from your cellular network provider. They are usually emergency requests, but Android 15 provisions to block all non-emergency pings to keep you safe. That said, other types of location requests like those originating from your own device to locate itself, and those terminating at your device when triggered by third parties seem unaffected by this change.

However, you shouldn’t treat this HAL API as a cloak of anonymity, because your network provider can still identify your device by its unique cellular identifier, and also see the network towers you are connected to. Combined with signal strength and connection angle data also available to your provider, triangulating an approximate location remains possible.

As for adoption, it’s obvious every device updating to Android 15 won’t benefit from this immediately because it would require a modem-level firmware update. However, Rahman is hopeful Google’s own Pixel phones shipping with Android 15 pre-installed will enjoy the additional privacy. There’s no guarantee other device manufacturers and their cellular radio suppliers will hop on the bandwagon immediately, but enabling support sets the ball rolling industry-wide.