https://protonmail.com/blog/android-privacy/?pk_campaign=ww-en-mail-brd-end_year_comms2019&pk_source=backend-email&pk_medium=link&pk_content=android&pk_kwd=cta
I will make a quick summary:
Avoid Google data protection
Use a pin
Encrypt your device
Keep up to date
Use a VPN
Don't use Google search
Use a secure email provider
Don't share location with apps
Review default apps
Use a non Google version of android
Quote
The basic principle: Turn everything off
In short: if you are not using a service right now, turn it off.
-snip-
Using Android privately
In closing, it’s also worth pointing out that, although Android is a risk to your privacy if you don’t lock it down correctly, smartphones per se are not evil.
In fact, if used correctly they can be extremely useful in securing other parts of your online life. The clearest example of this is two-factor authentication, in which a time-based code from a smartphone app is required in addition to your password to log in to your account. (Where possible, you should set up this kind of system for all of your online accounts.)
The trick to using a smartphone securely, as with any other device, is to take the time to find out how it actually works. That way, you can disable the data-collection and data-sharing “functions” that you don’t need.
In short: if you are not using a service right now, turn it off.
-snip-
Using Android privately
In closing, it’s also worth pointing out that, although Android is a risk to your privacy if you don’t lock it down correctly, smartphones per se are not evil.
In fact, if used correctly they can be extremely useful in securing other parts of your online life. The clearest example of this is two-factor authentication, in which a time-based code from a smartphone app is required in addition to your password to log in to your account. (Where possible, you should set up this kind of system for all of your online accounts.)
The trick to using a smartphone securely, as with any other device, is to take the time to find out how it actually works. That way, you can disable the data-collection and data-sharing “functions” that you don’t need.