Google has reached a $135 million settlement following allegations that its Android devices transmitted mobile data to the company without user consent. The settlement, finalized in January 2026, stems from a class-action lawsuit claiming that Google had programmed its devices to collect mobile data from carriers since 2017, offering no option to opt-out even when location tracking was disabled. This practice has led to accusations of „conversion,“ suggesting that Google improperly took control of users‘ information. The company has denied any intentional wrongdoing.
A dedicated settlement website is now live, allowing affected users to verify their eligibility for payment prior to the final approval hearing scheduled for June 23. Users residing in the United States who utilized an Android mobile device with a cellular plan between November 12, 2017, and the date of final approval may be eligible for compensation. The maximum individual payout is capped at $100.
As part of the settlement, Google will be required to update its Google Play terms of service to clarify that data transfers can occur even when a device is not in use. Users will need to consent to this data sharing during the initial setup of their Android devices. Google will also halt data collection if users disable the „Allow background data usage“ option.
Although new Android devices are relatively secure, reports indicate that approximately 40% of Android phones may be vulnerable to malware and spyware attacks. As of February 2026, only 7.5% of devices were operating on Android 16, with others running older versions. Google has ceased support for Android 12 and earlier, leaving billions of users potentially exposed to threats due to outdated operating systems. The upcoming release of Android 17 is anticipated to increase the number of devices running the latest version.
If users suspect that their Android devices may be infected with malware, there are several warning signs to monitor.
