memes

I'm keen to give GrapheneOS a try when I upgrade to my next phone, it's got some privacy enhancements that CalyxOS doesn't (my current OS). The sandboxing is cool and every bit of obfuscation helps.

However unless your phone is on an always-on VPN with an IP isolated from your other devices, or you're in a bulding full of other users to obfuscate your traffic somewhat, then just accessing your Google Play account via the phone will give them your public IP address and they'll be able to tie that heuristically to your other data/accounts.

Eg scenario: you have a laptop at home, it browses and has a bunch of cookies saved, it uses your public IP. Google is all over the web, inescapable while browsing, and through browser fingerprinting has an advertising profile saved for your device even if you're not logged into an account, this is often called a 'shadow profile'. If it sees another device (your phone) on the same network (same internet IP) regularly accessing the same sites - those devices are likely linked in their database as 'likely same user', with frequency they will be merged permanently as same user. If you then log into your old Google Play account on the phone - boom, all history for that account is now linked in their database to any other profile identifiers for the shadow profile eg cookies, browser fingerprints etc. They don't need you to log in multiple times, once is enough to confirm owership of that device & account. Opsec is a cat and mouse game and Google (and the other surveillance capitalism giants) are literally the most valuable businesses in the world because they're good at tracking users to create personal profiles for them.