If you're using an Android phone that's less than three years old, it could be broadcasting the names of every Wi-Fi network you've connected to. A new investigation from the Electronic Frontier Foundation traced the behavior to a feature called Preferred Network Offload (PNO) introduced with the Honeycomb OS. As part of the phone's ongoing search for Wi-Fi connections, PNO periodically blasts out a list of named networks the phone has previously connected to, often while the phone is still in sleep mode. If the names include specific places, like "Verge HQ network" or "Nilay's Apartment," that list could potentially give away a person's movements and activity.
But if you're worried about the leak, it's easy to fix. Just go to "Advanced Wi-Fi" settings and disable the "Keep Wi-Fi on during sleep" option to stop PNO from checking for networks in sleep mode. (In exchange, you'll see a slight uptick in data and power usage.) EFF has asked Google to address the data leak at an OS level, but it doesn't seem likely. "Since changes to this behavior would potentially affect user connectivity to hidden access points, we are still investigating what changes are appropriate for a future release," the company said in response.
Devices running iOS 6, 7, or 8 are not affected by the bug, although EFF reported some data leakage in iOS 5 devices. Laptops running OS X or Windows 7 are also potentially affected, but without a similar Sleep Mode protocol, the data leak was projected to be much more limited.
Update 7/3 1:48pm EDT: Updated to include more information on affected devices outside the Android ecosystem.