Data tracking and changing my email on Google play service

supersteez

I have a more logistical question on how I am tracked via play services and if I am understanding this correctly.

I created a profile for all my daily driver, invasive apps that need access to play services. When installing them, I original signed into sandboxes google play with my email. However, I just created a new dummy email that I want to use for all these services.

My question is, if I sign out of my normal email from sandboxed Google play and resign in with my dummy email, will that email be tracked and connected to my previous email account/gmail account since it was signed on previously?

Or is it better for me to create an entirely new GOS profile with the new spam email and reinstall all these apps all over again in the new profile?

I hope my question makes sense. I am happy to clarify.

mmobder

supersteez Or is it better for me to create an entirely new GOS profile with the new spam email and reinstall all these apps all over again in the new profile?

The right and (probably) the only answer is that it only google who knows)

I would not bet on Google not linking all your listed options to "you"'r profile in their data.
Reuse of the same profile will probably hit the easier linking via "The ANDROID_ID string is a 64-bit random number, unique to each combination of profile and app signing key"
However, as there are a lot of ways to fingerprint your device, there already may be a code detecting it's the same device just the different profile.

mmobder

supersteez also, there is an app https://github.com/trustdecision/trustdevice-android that shows you what apps can "see" and try to test it. There is a list of similar apps on their readme page

supersteez

mmobder that's a bummer. So essentially I'd have to wipe my device or purchase a new device?

mmobder

supersteez it's again a kind of tricky question, as it's only google architects know what are their fingerprinting techniques.
If you were using gplay store for app installation (and not aurora store), then ggl most likely has your app list, so if you sign-in with other user but will use the same set of apps, altogether with the same usage patterns, then ggl may have enough info to link it (though I dunno if they're doing it).

Typically it may be beneficial to combine "identity" move with HW change and revision of your app list, setting another neighbor country in system settings and using vpn or tor to access services that doesn't block it.
BTW, for example, aurora store (though disliked by official GOD support here), unlike gplay store, allows you not to send all your installed apps (including those installed via obtainium) to Google to check for updates.

As always, it's a question if your threats model requires/justifies all the hassle.

mmobder

supersteez you're welcome to check this FAQ section https://grapheneos.org/faq#non-hardware-identifiers