The short version: turn off the Advertising ID (it's on by default and most users never find the setting). Audit app permissions through the Privacy Dashboard. Set a private DNS (Android 9+ supports DNS-over-TLS natively). Audit Google account activity controls. Recognize that Google Play Services itself is a baseline telemetry channel you can't fully turn off. Recognize that OEM telemetry (Samsung, Xiaomi, OnePlus, Huawei) adds another layer on top. For everything that's left, you need a network-level filter — same conclusion as iOS, but the gap on Android is bigger because the OS gives apps more.
The structural difference: Android isn't iOS
Before specific settings, three structural facts shape what privacy on Android actually looks like in 2026:
There's no App Tracking Transparency on Android. iOS forces apps to ask before using the device-level advertising ID; Android does not. The Advertising ID is on by default and apps freely use it for cross-app tracking. You can turn it off in Settings (we'll get to that), but the default is that you're already opted in; the OS never asks first. This is the single biggest policy gap with iOS. Our breakdown of what ATT doesn't stop on iOS still applies fully — and the floor is lower on Android because there's no ATT to start from.
Google Play Services runs underneath every app. It handles push notifications (FCM), location services, Google Sign-In, payments, the Play Store, Find My Device, and ~40 other system functions. It also reports telemetry continuously to Google. You can disable individual subsystems, but you can't fully disable Play Services without breaking Android's app ecosystem. This is by design and not changing.
OEMs add their own telemetry on top. Samsung phones run Samsung Knox analytics. Xiaomi runs Xiaomi cloud sync. OnePlus runs heytap. Huawei (on its non-Google Mobile Services builds) runs Petal. These are separate from Google's telemetry and have their own opt-outs (often buried). On Pixel devices, OEM telemetry is just Google's, since Google makes the Pixel.
What this means practically: Android's privacy ceiling is lower than iOS's, but the floor of what you can control through settings is broader. Both can be improved meaningfully with the right configuration — neither approaches "private by default."
The settings that actually matter
In rough order of impact, these are the toggles worth your time:
1. Delete the Advertising ID
Settings → Security & privacy → Privacy → Ads → Delete advertising ID. Tap it. Confirm. This is the closest Android equivalent to iOS ATT and by far the most impactful single setting. After deletion, apps that ask for your advertising ID get a string of zeros. Deleting it is opt-in (you have to find the setting), and most users never do.
Note that deleting the advertising ID does not stop apps from tracking you via other means — embedded SDK fingerprinting, Google Sign-In linkage, hashed email/phone identifiers. It just stops the single Google-managed identifier. The other layers require network-level filtering, which we cover later.
2. Set a private DNS
Settings → Network & internet → Private DNS. Android 9+ supports DNS-over-TLS natively. Set it to "Private DNS provider hostname" and enter a privacy-respecting resolver like dns.cloudflare.com or dns.adguard-dns.com. This prevents your carrier and any local network from seeing what hostnames your phone is resolving.
This is one of Android's genuinely strong privacy features — iOS doesn't expose it as cleanly. It's also a partial step. Private DNS encrypts your queries; it doesn't filter them. For filtering (ad blocking, tracker blocking, phishing detection), you need a filtering resolver, which is what a tool like Casper provides at the VPN layer.
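The Private DNS setting can be verified (or applied) from a computer over adb, which is useful when you manage several phones or want to confirm the setting survived an update. The script below is an added example, not code from the article or from Casper. It assumes `adb` is on PATH with one USB-debugging device attached; the two global settings keys it reads, `private_dns_mode` and `private_dns_specifier`, are the ones the Private DNS screen writes, and every other name in it is the script's own. The check it encodes is the one that matters: only `hostname` mode pins every query to a DNS-over-TLS resolver, while the default "Automatic" (`opportunistic`) mode silently falls back to plaintext whenever the local network's resolver doesn't offer TLS.

```python
"""Verify (and optionally set) Android Private DNS over adb.

Added example, not from the original article. Assumes `adb` is on PATH and
exactly one device with USB debugging is attached. The two global settings
keys read here (private_dns_mode, private_dns_specifier) are what the
Private DNS screen writes; all other names are this script's own.
"""
import shutil
import subprocess


def assess_private_dns(mode: str, specifier: str) -> str:
    """Verdict for the raw strings `adb shell settings get` prints.

    A key that was never written prints the literal word "null"; Android
    then behaves as "opportunistic" (the UI's "Automatic"), which uses
    DNS-over-TLS only when the network's own resolver offers it and
    otherwise falls back silently to plaintext UDP port 53.
    """
    mode = (mode or "").strip()
    specifier = (specifier or "").strip()
    if mode == "hostname":
        if specifier and specifier != "null":
            return "ok"  # every query goes to the named DoT resolver
        return "hostname mode without a resolver name"
    if mode in ("", "null", "opportunistic"):
        return "automatic: plaintext fallback possible"
    if mode == "off":
        return "off: plaintext DNS"
    return f"unknown mode {mode!r}"


def adb_setting(key: str) -> str:
    """Read one key from the device's global settings table via adb."""
    return subprocess.check_output(
        ["adb", "shell", "settings", "get", "global", key], text=True
    ).strip()


def set_private_dns(resolver: str) -> None:
    """Same effect as choosing 'Private DNS provider hostname' and typing the name."""
    subprocess.check_call(["adb", "shell", "settings", "put", "global",
                           "private_dns_specifier", resolver])
    subprocess.check_call(["adb", "shell", "settings", "put", "global",
                           "private_dns_mode", "hostname"])


if __name__ == "__main__":
    if shutil.which("adb") is None:
        raise SystemExit("adb not found on PATH")
    mode, spec = adb_setting("private_dns_mode"), adb_setting("private_dns_specifier")
    print(f"mode={mode} specifier={spec} -> {assess_private_dns(mode, spec)}")
```

Run it with the phone attached to print the current mode and verdict; call `set_private_dns("dns.cloudflare.com")` (or any DoT resolver you trust) to apply the setting without touching the UI. Note that Private DNS is a system-wide setting, so a VPN app that installs its own DNS configuration takes precedence while the tunnel is up.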
3. Audit app permissions through the Privacy Dashboard
Settings → Security & privacy → Privacy → Privacy Dashboard. Android 12+ shows a 24-hour timeline of which apps accessed which sensors (location, microphone, camera). Most users have at least 3–5 apps accessing sensors they didn't realize were in use.
Common findings worth fixing:
- News apps with constant location access (revoke; they don't need it)
- Weather apps with "Allow all the time" location (downgrade to "While using")
- Social apps with microphone access not actively voice-recording (revoke)
- Camera permission granted to apps that shouldn't need it (revoke)
- Calendar/contacts access for apps that don't need to read either
Android 13+ also adds the auto-revoke setting — apps you haven't opened in months automatically lose their permissions. Make sure it's enabled per app.
4. Lock down Google account activity controls
Settings → Google → Manage your Google account → Data & privacy. Three high-impact toggles:
- Web & App Activity: default-on. Stores your search history and activity across Google services. Auto-delete every 3 or 18 months, or pause entirely.
- Location History: default-on. Records your location continuously while signed in. Pause or auto-delete.
- YouTube History: separate setting for video watch and search history. Pause if you don't want personalization.
Note: pausing these stops future data collection. Existing data is retained unless you also delete it via the "My Activity" page. Auto-delete is the cleaner long-term setting.
5. Disable Personalized Ads in your Google account
Google account → Data & privacy → Ad personalization → Off. Stops Google from using your activity to personalize ads in YouTube, Search, Maps, and partner sites. Doesn't reduce the volume of ads — just unties them from your profile.
6. Lock the screen properly
Settings → Security & privacy → Device unlock. Use a long PIN (8+ digits) or password, not just a fingerprint. Reason: at US borders and in legal compulsion contexts, courts have been more willing to compel biometric unlock than knowledge-based unlock. The 5th-Amendment doctrine is unsettled but trending: fingerprints/face = thing you have, PIN = thing you know.
7. Audit and disable OEM-specific telemetry
Depending on your phone manufacturer:
- Samsung: Settings → Privacy → Permission manager. Also: Settings → Lock screen → Customization Service → Off. Also: Disable "Samsung Daily" / "Samsung Free" if present.
- Xiaomi (MIUI / HyperOS): Settings → Privacy protection → Special permissions → Usage access (audit). Also: Mi Account → Privacy → User Experience Program → Off. Also: disable "Recommendations" in MIUI apps (Music, Video, etc.).
- OnePlus (OxygenOS): Settings → System → System apps updater → Off. Also: disable "User Experience Program" and "System Stability Improvement" in Settings.
- Huawei: EMUI Settings → System & updates → User Experience Improvement Plan → Off.
- Pixel: Settings → System → About phone → Build number (tap 7 times to unlock developer options) → Developer options → turn off "Usage and diagnostics" if you want to stop Pixel-specific telemetry.
8. Disable "Find My Device" location reporting if you don't use it
Settings → Google → Find My Device. Useful for actual lost-device scenarios; turn it off if you don't use it. Note that the network functionality changed in Android 14 to use the Find My Device network (similar to Apple's Find My) — this is opt-in but worth understanding what it does.
9. Audit installed apps and remove the ones you don't use
Every app on your phone has some attack surface and some baseline telemetry. The single most effective privacy intervention most users skip: uninstall apps you haven't opened in 90+ days. Half the privacy battle is reducing the number of agents that have any access to your device.
10. Use per-app VPN routing (if you run a VPN)
Android — unlike iOS — supports per-app VPN allowlist/denylist. You can route specific apps through a VPN while letting others use the local connection. This is genuinely better than iOS's all-or-nothing model. Useful for excluding banking apps that block VPN connections, while keeping the broader VPN coverage for everything else.
What Google can still see, no matter what you toggle
Even with every setting locked down, Google's stack has access to:
- Push-notification routing. All Android push notifications transit Firebase Cloud Messaging (FCM). The notification content is end-to-end encrypted by some apps (Signal, Wire) but routing metadata is visible.
- Account-level activity for any service you sign in to with your Google account. The toggle pauses search history; it doesn't erase account-level activity.
- Approximate location via cellular tower triangulation and WiFi BSSID fingerprinting. Independent of GPS or app permissions. Used for crowd-sourced location services.
- Device-level diagnostics from Pixel devices. Even with "Usage & diagnostics" disabled, Pixels send a baseline of telemetry for warranty and safety operations.
- App-install signals from the Play Store. Google knows which apps you have installed, when you installed them, and how often you update them.
None of this is malicious; it's how the platform operates. But it means "I turned off everything in Settings" is a meaningful improvement, not invisibility.
What apps can still see, even with permissions locked down
App permission controls in Android 13+ are genuinely good for the categories they cover (location, microphone, camera, contacts, etc.). They don't cover the bigger surface: any app you've launched can make network connections, and those connections can carry data the app gathered from anywhere it has access — its own data, the on-device sensors you've permitted, fingerprint data that doesn't require permissions (timezone, screen size, system fonts, sensor noise patterns).
Embedded SDKs are the biggest leak. The Facebook SDK is in roughly 30% of Android apps; even with all permissions denied, those apps still phone home to Meta with whatever the SDK was designed to send. Mixpanel, Amplitude, AppsFlyer, Adjust, Branch — same pattern. The Android permission system was never designed to gate this layer.
This is where network-level filtering pays off — same logic we covered in the DNS-filtering deep-dive. Block the SDK's destination at the DNS layer and it doesn't matter what data the SDK gathered, because that data can't leave the device. The Casper team built tracker blocking specifically for this — covers ~50,000 tracker and ad-network endpoints, including OEM telemetry endpoints (Samsung Knox, Xiaomi cloud, OnePlus heytap, etc.).
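What "block the SDK's destination at the DNS layer" looks like in practice, as an added example that is not Casper's code and uses no real blocklist: the resolver parses the phone's DNS query from wire format (RFC 1035), matches the queried name against a blocklist by domain suffix (so an entry for a tracker's apex domain also covers every subdomain it rotates through), and answers a blocked name with an unroutable sinkhole address (A 0.0.0.0, AAAA ::, TTL 0). The SDK then has nowhere to connect, whatever it collected. The blocklist entries and hostnames below are constructed placeholders; a real list (the article cites ~50,000 entries) holds tracker, ad-network and OEM telemetry hostnames. The forward-to-upstream step for unblocked queries is left out so the code runs offline.

```python
"""Minimal DNS-layer tracker blocking, as a stand-alone demonstration.

Added example, not Casper's code. Parses a query from DNS wire format,
suffix-matches the QNAME against a blocklist, and builds a sinkhole answer
for blocked names. Unblocked queries would be forwarded to an encrypted
upstream resolver; that network step is omitted here.
"""
import struct

# Constructed sample blocklist (not a real list). Each entry blocks the name
# itself and every subdomain under it.
BLOCKLIST = {
    "tracker.example",
    "telemetry.oem.example",
}

A, AAAA = 1, 28          # DNS record types used below
SINKHOLE_FLAGS = 0x8180  # QR=1 (response), RD=1, RA=1, RCODE=0 (NOERROR)


def encode_name(name: str) -> bytes:
    """Encode a dotted hostname as DNS labels (length-prefixed, NUL-terminated)."""
    out = b""
    for label in name.strip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, qtype: int = A, txid: int = 0x1234) -> bytes:
    """Build a standard recursive query (what the phone's stub resolver sends)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)  # class IN


def parse_question(packet: bytes):
    """Return (txid, qname, qtype, end_offset) for the first question in a packet."""
    txid, _flags, qdcount = struct.unpack("!HHH", packet[:6])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    offset, labels = 12, []
    while True:
        length = packet[offset]
        if length == 0:
            offset += 1
            break
        if length & 0xC0:
            raise ValueError("compression pointer in question name")
        labels.append(packet[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length
    qtype, _qclass = struct.unpack("!HH", packet[offset:offset + 4])
    return txid, ".".join(labels).lower(), qtype, offset + 4


def is_blocked(name: str, blocklist=BLOCKLIST) -> bool:
    """Suffix match on whole labels: 'cdn.tracker.example' hits 'tracker.example',
    but 'notracker.example' does not."""
    parts = name.lower().strip(".").split(".")
    return any(".".join(parts[i:]) in blocklist for i in range(len(parts)))


def sinkhole_response(query: bytes) -> bytes:
    """Answer a blocked query with an unroutable address so no connection is made."""
    txid, _name, qtype, qend = parse_question(query)
    question = query[12:qend]
    if qtype == A:
        rdata = bytes(4)    # 0.0.0.0
    elif qtype == AAAA:
        rdata = bytes(16)   # ::
    else:
        # Any other record type gets an empty NOERROR answer (NODATA).
        return struct.pack("!HHHHHH", txid, SINKHOLE_FLAGS, 1, 0, 0, 0) + question
    answer = (b"\xc0\x0c"                                      # pointer to QNAME at offset 12
              + struct.pack("!HHIH", qtype, 1, 0, len(rdata))  # type, IN, TTL 0, RDLENGTH
              + rdata)
    return struct.pack("!HHHHHH", txid, SINKHOLE_FLAGS, 1, 1, 0, 0) + question + answer


def handle_query(packet: bytes, blocklist=BLOCKLIST):
    """Filtering decision: ('blocked', response_bytes) or ('forward', None)."""
    _txid, name, _qtype, _end = parse_question(packet)
    if is_blocked(name, blocklist):
        return "blocked", sinkhole_response(packet)
    return "forward", None  # a real resolver sends this upstream over TLS


if __name__ == "__main__":
    for host in ("api.cdn.tracker.example", "www.example"):
        verdict, resp = handle_query(build_query(host))
        print(host, verdict, resp.hex() if resp else "")
```

Two caveats worth keeping in mind when relying on this layer: the filter only sees lookups that pass through the system resolver, so an SDK that connects to a hard-coded IP address or carries its own DNS-over-HTTPS client is not affected, and the TTL of 0 on the sinkhole answer is deliberate, so that removing a name from the blocklist takes effect without waiting for the phone's cache to expire.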
Sideloading: real risk, real benefit
Android lets you install apps outside the Play Store — APK sideloading, F-Droid, alternative stores. The benefit: access to apps Google has removed or never allowed, including some legitimate privacy-focused tools. The cost: weaker malware moderation than Google Play. Most consumer malware on Android comes from sideloaded sources.
If you sideload:
- Only from sources you trust (F-Droid, official developer websites, GitHub releases verified against checksums).
- Keep Google Play Protect on (Settings → Security → Google Play Protect) — it scans sideloaded APKs too.
- Recognize that a malicious sideloaded app has the same permission model as a Play Store app; the same network-level filtering applies.
The two-layer model on Android
Same conclusion we keep arriving at:
- OS-level settings cover what Google designed them to cover — permission gates, advertising-ID toggle, account-level data controls. Take 20 minutes once to get these right.
- Network-level filtering (VPN with DNS filtering) covers what the OS settings don't — embedded SDK telemetry, ad networks, phishing destinations, OEM telemetry. This is where Casper's filtering lives. The Android version has per-app override controls (more flexible than the iOS implementation).
The pair covers most of what a 2026 Android threat surface looks like. Each layer alone leaves big gaps. Our Android platform page walks through what Casper covers specifically.
What's changing in 2026 and 2027
Privacy Sandbox on Android. Google's long-running effort to replace cross-app advertising ID tracking with topic-based and on-device-only signals is gradually rolling out. The Topics API and SDK Runtime are in beta as of 2026. Whether this materially changes the privacy picture depends on whether ad networks actually adopt it instead of continuing to fingerprint — early signs are mixed.
Find My Device network expansion. Android 14 expanded the Find My Device network to function similarly to Apple's Find My — your phone helps locate nearby lost devices via Bluetooth. Off by default until you opt in, but worth understanding what it does.
State privacy laws expanding to mobile. Washington's My Health My Data Act (in effect since 2024) and Nevada's similar 2024 law both have implications for health-adjacent Android apps (fitness trackers, meditation apps, period trackers, etc.). Expect more state laws to follow this pattern.
Bottom line
Android's privacy story in 2026 is "the controls are there, but they're hidden by default, and they don't cover the biggest part of the surface." The 20 minutes spent in Settings turning off Advertising ID, auditing permissions, setting Private DNS, and disabling OEM telemetry returns more privacy improvement per minute than anything else you can do. After that, network-level filtering is what closes the embedded-SDK and ad-network gap that no app-permission system addresses.
If you want the network layer handled for you — including the Android-specific OEM telemetry endpoints — that's what Casper's Cloak does on Android. The Android-specific page walks through the install and per-app routing; tracker blocking covers the SDK layer specifically.