Google: Android’s private compute core protects your data

Google provides more details on how Private Compute Core on Android operates and protects sensitive user data.

. PCC provides a trusted, secure environment in the operating system that stores data from the sensors, screen, microphone and GPS. This allows the user to use machine learning capabilities.

These intelligent features include “Live Caption”, which utilizes the microphone to recognize speech, and “Now Playing,” which recognises the song. There are also options for “Smart Reply,” which offers responses via messaging apps.

What is PCC?

This protected “sandbox”, which contains OS-level and ambient data, can be used by Android to activate intelligent features via the ASI system. However, they are not accessible to remote servers and cannot be accessed by applications. Users’ privacy is also protected.

By using the Android Framework API to access all data inputs/outputs from/to the PCC and facilitating permissions during OS installation, isolation is possible.

This permission can only be modified by OS updates. Remote server connections cannot change it.

BleepingComputer contacted Google to inquire about PCC’s effects on data protection against malware that could have compromised Android devices. We were able to get the following response:

PCC makes it more difficult for malware to exploit an OS. PCC makes sure that devices use data in the best possible way. This includes not keeping it longer than necessary.

PCC was not created to provide additional protection from malware, but for data privacy.

Google is included in this data sealing, since all data processing occurs within the PCC Enclave on the device.

Google Private Compute Services is available to enable encrypted data exchange if the ML functions require interaction with external endpoints.

Functional diagram of PCC


Private Compute Services (PCS), a group of services, is an intermediary between PCCs and the cloud that protects privacy.

PCS has been open-sourced recently as part of Google’s commitment to transparency. Its source code can be found on the

Google claims that it uses federated learning to increase PCC using usage statistics. It also monitors machine learning performance with private information retrieval.

allow Google to build ML models locally using the data collected from users.

PCC’s machine-learning features can still be updated as it is part of Android OS. This allows the OS to continue evolving independently.

PCC can be controlled by the user. If sensor toggles turn to “off”, they stop sending and generating data throughout the operating system including PCC.

Users can also restrict data sharing with PCC via Settings Google Personalize using App Data, and changing the toggle position to ‘off’ for those apps that use ML-related features.

Android setting to disable ML features

Google engineers also have published an that provides more information about the PCC’s operation and functions.