A decade ago iOS and Android were roughly comparable in privacy posture, in the sense that both leaked extensively through advertising IDs, app permissions, and sensor APIs. Five years ago, with iOS 14’s App Tracking Transparency, the two systems began to diverge. The current state in 2026 is that the mobile-privacy gap is real and worth understanding, but the picture is more nuanced than the partisans of either platform claim.
The default privacy floor
The OS-level features that mostly distinguish the two:
App Tracking Transparency on iOS. Since iOS 14.5 (April 2021), apps must request explicit opt-in to access the device’s Identifier for Advertisers (IDFA) for tracking across apps. Apple’s framing was that "tracking" includes both first-party data combined with third-party data and any cross-app linkage. Industry data, from Adjust, AppsFlyer, Branch, Singular, shows opt-in rates clustered in the 25–40% range globally, with US rates lower. The effect on the mobile advertising economy was substantial: Meta publicly attributed a $10 billion annual revenue impact to ATT.
Android’s equivalent path. Google has moved more incrementally. The Advertising ID can now be reset and zeroed out (Settings → Google → Ads → Delete advertising ID), which sends a string of zeros to apps that request it. Privacy Sandbox on Android, Topics API, Attribution Reporting, FLEDGE, is the long-term replacement and is rolling out through 2024–2026. The model is similar to Apple’s but explicitly preserves a constrained advertising mechanism rather than eliminating cross-app tracking outright.
App permission models. Both platforms now offer "approximate location" instead of precise; both offer per-session permission grants; both surface high-frequency permission usage to users. iOS is generally a step ahead on enforcement strictness; Android is generally more granular and configurable.
The default cloud and identity layer
This is where the gap is largest:
Apple ID and iCloud. iCloud is integrated tightly with iOS; many Apple services run through it. Advanced Data Protection (introduced December 2022, generally available 2023) extends end-to-end encryption to most iCloud data categories, iCloud Backup, Photos, Notes, Reminders, Voice Memos, and others, when enabled by the user. ADP is opt-in; most users have not enabled it. Apple’s documentation at support.apple.com/en-us/HT202303 lists what is and is not covered.
Google Account and Google services. Google’s data collection across its services is more extensive and more central to the business model. Activity data feeds personalisation across Search, YouTube, Maps, Assistant, and the advertising stack. The "Auto-delete activity" controls work, and the Takeout export is comprehensive, but the default state of a Google account is data-rich.
End-to-end encryption is unevenly applied across Google services. Messages by Google has E2EE for RCS conversations; Drive does not have E2EE; Photos does not have E2EE.
The structural difference: Apple sells hardware and uses privacy as a competitive feature; Google sells advertising and uses data as a business model. The privacy postures track those incentives.
Specific features compared
Browser. Safari on iOS includes Intelligent Tracking Prevention (since 2017), Cross-Site Tracking Prevention, Hide IP Address (via iCloud Private Relay if subscribed), and aggressive fingerprinting countermeasures. Chrome on Android, by default, has weaker tracking protections; Firefox and Brave are available alternatives but require download.
Photos. iOS Photos uses on-device machine learning for face recognition, scene detection, and search; the indexing happens locally with no cloud component when iCloud Photos is disabled. Google Photos is cloud-first; recognition and search happen server-side; the trade-off is that Google Photos is dramatically better at search but visibility is at Google.
Voice assistant. Siri now processes most queries on-device on modern Apple silicon. Google Assistant runs hybrid; basic queries are on-device on recent Pixel hardware, complex queries hit Google servers. The audio retention defaults differ; Google’s settings let you disable audio retention entirely, Apple does not retain audio recordings by default for Siri.
App store and sideloading. iOS App Store has a stricter review process, although the Digital Markets Act compliance changes have introduced sideloading and alternative stores in the EU since 2024. Android allows sideloading globally and has a much more diverse app ecosystem; this is a privacy benefit (alternative app stores, F-Droid for open-source apps) and a privacy risk (malware via untrusted APKs).
Find My / location sharing. Apple’s Find My network uses end-to-end encryption with a privacy-protecting design that has been formally analysed and audited. Google’s Find My Device, recently expanded to a network model, is more recent and less analysed.
Mail privacy. iOS Mail Privacy Protection (since iOS 15) routes loaded email content through proxies, hiding IP and read status from senders. Gmail’s image-proxy approach predates this and provides similar but slightly weaker guarantees.
The third-party app reality
Both platforms suffer the same underlying issue: third-party apps are the largest privacy risk on either OS. The platform’s defaults can prevent identifier-level cross-app tracking, but apps that operate as walled gardens of their own (TikTok, Meta apps, banking apps, retailer apps) collect extensive in-app data unaffected by OS-level controls.
Apple’s Privacy Nutrition Labels and Privacy Reports give visibility into app data practices but rely on developer self-reporting. Google’s Data safety section in Play Store works similarly. Both have been documented to be only as honest as the developers populating them.
The Mozilla Foundation’s "Privacy Not Included" buyer’s guide and Exodus Privacy’s analysis of installed Android-app trackers (at exodus-privacy.eu.org) are useful third-party references.
Hardware-rooted privacy
Apple’s Secure Enclave, biometric processing, and on-device intelligence stack run on hardware that has been continuously refined since the iPhone 5s. The result is a privacy posture that depends on Apple’s silicon and software being honest, but does not depend on a network connection.
Android’s hardware-rooted security (Titan M, Tensor security chips) is less unified across the ecosystem. Pixel devices and recent Samsung devices have credible hardware security; the long tail of Android devices runs on chipsets with much weaker guarantees.
Custom Android variants, GrapheneOS, CalyxOS, strip Google services and harden the stack further. GrapheneOS in particular has become the canonical privacy-focused Android distribution; it is supported only on Pixel devices and adds genuinely meaningful protections, including a hardened malloc, stronger sandboxing, and per-app network and sensor permissions. The project is at grapheneos.org.
The 2026 verdict
For an average user with default settings, iOS provides better privacy than mainstream Android in 2026, primarily because of ATT, the iCloud privacy stack with ADP available, and the structural absence of an advertising business pulling data centripetally.
For a privacy-motivated user willing to configure aggressively, GrapheneOS on a Pixel device provides better privacy than iOS, primarily because of the depth of configuration available and the absence of the iCloud / Apple ID surveillance vectors that the platform default introduces.
For most users, neither platform is a privacy paradise. Both leak extensively through third-party apps, both depend on trust in their respective platform operators, and both have made substantial improvements over the past five years that should not be dismissed.
The simple advice:
Enable iCloud Advanced Data Protection if you use iOS.
Reset your Advertising ID monthly on Android, or zero it out entirely if you do not need personalised ads.
Audit installed apps quarterly and remove anything you do not actively use.
Use a privacy-respecting browser as your default rather than the OS default.
Configure DNS encryption at the OS level (covered in the separate post).
The mobile-privacy debate has matured. The right framing is not "which OS is private" but "what configuration of which OS, with which apps, and which behaviours". The answer to that question is increasingly tractable for individuals who care to investigate.
