Google Unveils One-Shot Private Analytics for Android 9+ Devices, Combining Cryptography and TEEs
Updated
Updated · Google Research · May 27
Google Unveils One-Shot Private Analytics for Android 9+ Devices, Combining Cryptography and TEEs
1 articles · Updated · Google Research · May 27
Summary
Google introduced a private analytics system that lets devices submit data in a single encrypted message, aiming to measure on-device AI performance across millions of phones without exposing individual user content.
The design pairs a new secure-aggregation protocol with trusted execution environments, so raw data stays encrypted until it is aggregated and anonymized, reducing reliance on hardware alone.
Google said the one-shot approach removes the need for multi-round protocols that require devices to stay online, a key barrier that had limited wider deployment of cryptographic aggregation at scale.
Android SafetyCore on Android 9+ will use the system to evaluate metadata on safety-tool effectiveness, helping tune classifiers and track true-positive rates while keeping sensitive content on the device.
The launch extends Google's earlier federated analytics and TEE-backed aggregation work in products such as Pixel Recorder and Gboard, while signaling plans to support broader privacy-preserving computations.