Phones running Android have been gathering data about a user's location and sending it back to Google when connected to the internet, with Quartz first revealing the practice has been occurring since January 2017.
According to the report, Android phones and tablets have been collecting the addresses of nearby cellular towers and sending the encrypted data back, even when the location tracking function is disabled by the user.
A Google spokesperson told ZDNet that modern Android phones use a network sync system that requires the use of mobile country codes and mobile network codes, to ensure messages and notifications are received quickly.
The cell tower addresses were then sent to the system Google uses for push notifications and messaging on Android devices, with the spokesperson saying that the practice further improves the speed and performance of message delivery.
"In January of this year, we began looking into using Cell ID codes as an additional signal to further improve the speed and performance of message delivery," the statement continued.
"However, we never incorporated Cell ID into our network sync system, so that data was immediately discarded, and we updated it to no longer request Cell ID."
The spokesperson also said that mobile country codes and mobile network codes provide "necessary network information" for message and notification delivery, but highlighted that they are separate from location services, which is why a user's information was still being gathered, despite disabling the function locally.
"When you use Google services, we may collect and process information about your actual location. We use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points, and cell towers," the policy reads.
Explaining how Maps finds the current location of a user, however, Google touts that a connection to a cellular network can be accurate up to a few thousand metres.
Google: We'll track your offline credit card use to show that online ads work
Google wants to know more about when and why you spend money, in order to help advertisers improve their online ads.
Location tracking Android spyware found in Google Play store
Fake 'System Update' app downloaded by over a million users since first appearing in 2014.
Google ignores country domain and delivers search results on detected location
The days of changing the country code in the Google domain to see another country's results are over.
Hundreds of privacy-invading apps are using ultrasonic sounds to track you
Apps are using ad-tracking audio signals that your phone can hear, but you can't.
The 10 best ways to secure your Android phone
Malware makers, phishers, they really are all out to get you. Here's how to stop them in their tracks.