On Android phones Google Firebase Analytics are used to track app usage (screens viewed, items bought etc). On web pages Google Analytics serves a similar purpose. Google Analytics uses cookies for linking collected data to an individual user, and for linking it to their real identity. But it is not clear how Firebase Analytics carries out this linking.
The aim of this project is to investigate this. You will use a rooted android phone (I’ll provide one), write a test app that uses Firebase Analytics and take measurements of the analytics data sent to Google servers and subsequently displayed to you on your Firebase Analytics dashboard. The impact of changing the ad personalisation settings on the handset, in the app and on the server backend on the data sent can then be investigated. Of particular interest are the identifiers sent when using different personalisation settings.
With this in hand, you can then take measurements for some popular apps of your choice and observe whether the Firebase Analytics data sent matches ad personalisation expectations (obtaining consent and adjusting analytics settings is left to the app, and so may not be implemented correctly or at all).
If time allows, you can also create a web page with Google Analytics and investigate the ways in which Google links together activity by the same user on the web and on their mobile phone.