Android Q privacy: Changes to data and identifiers

This document describes several restrictions placed on accessing data and system identifiers. These changes help protect users' privacy.

Some of these changes affect all apps running on Android Q while other changes affect only apps that target Android Q.

Changes affecting all apps

The following changes affect all apps running on Android Q, even if they target Android 9 (API level 28) or lower.

Contacts affinity

Starting in Android Q, the platform no longer keeps track of contacts affinity information. As a result, if your app conducts a search on the user's contacts, the results are no longer ordered by frequency of interaction.

The Contacts Provider guide contains a notice describing the specific fields and methods that are obsolete on all devices as of Android Q.

Randomized MAC addresses

Devices running on Android Q transmit randomized MAC addresses by default. If your app handles an enterprise use case, the platform provides several new APIs:

  • Obtain randomized MAC address: Device owner apps and profile owner apps can retrieve the randomized MAC address assigned to a specific network by calling getRandomizedMacAddress().
  • Obtain actual, factory MAC address: Device owner apps can retrieve a device's actual hardware MAC address by calling getWifiMacAddress(). This method is useful for tracking fleets of devices.

Access to /proc/net filesystem

Android Q removes access to /proc/net, which includes information about a device's network state. Apps that need access to this information, such as VPNs, should refer to the NetworkStatsManager and ConnectivityManager classes.

Non-resettable device identifiers

Starting in Android Q, apps must have the READ_PRIVILEGED_PHONE_STATE privileged permission in order to access the device's non-resettable identifiers, which include both IMEI and serial number.

If your app doesn't have the permission and you try asking for information about non-resettable identifiers anyway, the platform's response varies based on target SDK version:

  • If your app targets Android Q, a SecurityException occurs.
  • If your app targets Android 9 (API level 28) or lower, the method returns null or placeholder data if the app has the READ_PHONE_STATE permission. Otherwise, a SecurityException occurs.

Many use cases don't need non-resettable device identifiers. For example, if your app uses non-resettable device identifiers for ad-tracking or user analytics purposes, create an Android Advertising ID for those specific use cases instead. To learn more, see best practices for unique identifiers.

Access to clipboard data

Unless your app is the default input method editor (IME) or is the app that currently has focus, your app cannot access clipboard data.

Changes affecting apps targeting Android Q

The following change affects apps only if they target Android Q.

Access to USB serial requires user permission

If your app targets Android Q, your app can only read the serial number after the user has granted your app permission to access the USB device or accessory.