Google's Quiet, Confusing Privacy Policy Change Is Why We Need More Transparency & Control
from the don't-hide-this-shit dept
Last week, I wrote about how privacy is about tradeoffs, and despite what some people claim, there's no such thing as "absolute privacy," nor would you actually want something approximating what people think they mean by it. The real issue is the tradeoff. People are quite willing to trade certain information in exchange for value. But, the trade has to be clear and worth it. That's where the real problems come in. When we don't know what's happening with our data, or it's used in a sneaky way, that's when people feel abused. Give people a clear understanding of what they're giving and what they're getting and you eliminate most of the problem. Then give end users greater control over all of this and you eliminate even more of the problem.
This was our thinking in designing a Privacy Bill of Rights for companies to abide by in designing their services (along with EFF and Namecheap).
It appears that Google would fail to meet the standards of that bill of rights. Last week, ProPublica wrote about how Google quietly changed the privacy policy related to how it connects DoubleClick advertising to other data that it has about you, allowing the company to actually link your name and other identifying information to you as you surf around the web. And, on top of that, it apparently includes tying what you type in Gmail to the ads you might see.
The practical result of the change is that the DoubleClick ads that follow people around on the web may now be customized to them based on the keywords they used in their Gmail. It also means that Google could now, if it wished to, build a complete portrait of a user by name, based on everything they write in email, every website they visit and the searches they conduct.
The move is a sea change for Google and a further blow to the online ad industry’s longstanding contention that web tracking is mostly anonymous. In recent years, Facebook, offline data brokers and others have increasingly sought to combine their troves of web tracking data with people’s real names. But until this summer, Google held the line.
Here's the thing: a lot of privacy advocates I know will likely say that this move is de facto "bad." And that any linkage between identity and ads is bad. But I'd argue that the real problem here is Google's unwillingness to be clear and transparent. It slipped this change in and then made up some PR-speak about why it was doing it, in a way that wasn't at all clear to basically anyone:
Google spokeswoman Andrea Faville emailed a statement describing Google’s change in privacy policy as an update to adjust to the “smartphone revolution”
“We updated our ads system, and the associated user controls, to match the way people use Google today: across many different devices,” Faville wrote. She added that the change “is 100% optional–if users do not opt-in to these changes, their Google experience will remain unchanged.” (Read Google’s entire statement.)
Existing Google users were prompted to opt-into the new tracking this summer through a request with titles such as “Some new features for your Google account.”
The “new features” received little scrutiny at the time. Wired wrote that it “gives you more granular control over how ads work across devices.” In a personal tech column, the New York Times also described the change as “new controls for the types of advertisements you see around the web.”
Blech. If this is really actually important, and provides more value, don't give the bullshit explanation and confuse reporters. Tell people what's happening and why. If Google is afraid to be upfront and honest about it (things that the company used to do) then it feels like the company recognizes that it's not providing enough value to consumers with these moves. To paraphrase the old saying about it not being the crime but the coverup that gets people, in this case, it's not the privacy policy change that's the clear problem here, but the fact that Google tried to hide it and mislead people about it.
Thankfully, Google does provide the other prong of our test: giving users control.
To opt-out of Google’s identified tracking, visit the Activity controls on Google’s My Account page, and uncheck the box next to “Include Chrome browsing history and activity from websites and apps that use Google services." You can also delete past activity from your account.
But it would have been a lot better if the company could have just been upfront and honest about it. This is why transparency and clarity about intentions are so important. If companies don't do that, then people will (rightly) assume that the moves are designed in a manner to be anti-consumer. If Google truly believes it's providing a better product with such changes, explain why and how and let users decide for themselves.
Filed Under: ads, control, privacy, privacy policies, transparency
Companies: google
Reader Comments
Wait, so is this opt-in or opt-out? That's kind of a huge difference...
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
You had to "accept" the new terms, but they were pushed on people heavily and not clearly explained. It was implied that these changes were nothing major, but necessary for mobile services.
[ link to this | view in chronology ]
Re: Re:
Google has done this change extremely underhandedly. I have no doubts it was done that way on purpose. I just don't see how you could get it so confusing and tricky without actively trying to make it that way.
[ link to this | view in chronology ]
DIGITAL HUMAN RIGHTS RUBBER, AND THE ROAD
.
Please!... no emails!
[ link to this | view in chronology ]
The legal realities of present-day make me wary of having *any* online activity of mine attached to my name.
I've lost trust in the courts, Federal law enforcement, and especially the Intelligence Community in regards to *anything* involving a computer. And this mistrust only gets worse every time they play word games to lie about what they do and why they do it.
Alex Stamos said the Snowden revelations set the hacker Fed relationship back by a decade. The followup responses by Feds have largely made this worse. Their only tactic to get trust back appears to be chanting "trust us" and "cyber" endlessly while releasing large amounts of legal documents that dance around the most important and substantive legal issues involved.
[ link to this | view in chronology ]
Re:
.
Please!... no emails!
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
So....again a reason to ad block
[ link to this | view in chronology ]
Re: So....again a reason to ad block
[ link to this | view in chronology ]
Re: Re: So....again a reason to ad block
What does the privacy policy say about this? Does anything prevent them from linking those together (e.g. by user-agent, IP, "supercookies", webRTC, DNS cache detection, etc.) and using that linkage for advertising?
[ link to this | view in chronology ]
Re: Re: Re: So....again a reason to ad block
[ link to this | view in chronology ]
Re: Re: Re: Re: So....again a reason to ad block
[ link to this | view in chronology ]
absolute privacy
Our children may not be willing to give up their privacy, yet their parents have "screwed" them over by giving it up for them.
Privacy is what you do to attain it and keep it. If you don't fight for it it will be taken away. Your privacy is absolute insofar as you fight for it. Your privacy is a human right.
This is precisely why everyone should have their own email server at home (and in their business). Email servers may be difficult to set up, especially without a guide, but there are enough guides to help everyone out (and people that can be hired to do it for you) to make it happen. Once it is set up it is quite insanely easy to maintain. In fact, it requires very little maintenance. And, don't give me the shit reasoning about backing up the server or about keeping it online.
You don't have it already in your home because of those bullshit excuses. Yes, Mike, total and utter bullshit.
What kept you from maintaining your own email servers were manifold issues, however most of those issues no longer exist, especially the primary ones: Back in the day you had no 24/7 internet and hardware was expensive. Today most families have an overabundance of computers and they are cheap enough to set aside one as an email server. Nearly everyone with internet has 24/7 connection.
You force us to fall into the bigger pool of users giving government and criminals easier access to your privacy. Stop it Mike. Privacy is KING.
[ link to this | view in chronology ]
Re: absolute privacy
But I have to encourage using LavaBit's new DIME protocol (https://darkmail.info/) over hosting your own eMail server. You can still self-host DIME (of course), but that would theoretically make little difference.
The problem with self-hosted eMail is that, being an ancient protocol that's been learning security as it went, it is trivial for your ISP to man-in-the-middle even if you set up proper security. So you might as well use their services.
Our protocols in general must be upgraded to leak near no information, while being more resilient to other attacks. This is possible, the technology exists! We just need to do so while maintaining some backwards compatibility.
That said there's some truth to what Masnick's saying here. But in most situations "approximating absolute privacy" will not inconvenience anyone (e.g. publishing and reading these Techdirt articles). And where it does, we can certainly avoid handing out certain information (does Techdirt really need to be told my browser and operating system to publish a comment underneath this article? Your browser will give that information out without asking)
[ link to this | view in chronology ]
Re: absolute privacy
I take it you didn't read the previous article that the sentence in question links to?
Because here's what it says:
What is it that you believe is inaccurate about that series of statements? Because it seems pretty straightforward to me.
Moving on to your next point:
You keep saying this. It is absurd.
I'm not a Gmail user, precisely because of the kinds of privacy concerns we're talking about.
But what, exactly, would I gain from running my own e-mail server? Sure, if I used PGP, and everybody else who I ever exchanged e-mails with also used PGP, then my e-mail couldn't be observed by a third party in transit. But that's completely independent of whether I'm running my own server or using somebody else's.
If I'm not using PGP, then I've got, what, SMTP/STARTTLS? An encryption protocol that sends e-mail that can be decrypted at any relay between me and the destination? In other words, it's better than no encryption at all, but sort of requires that I trust my ISP not to read my e-mails. And if I trust my ISP not to read my e-mails, then why do I need a private server in the first place?
And that's before I even get into spam filtering, DDoS attacks, joe jobs, or even really basic stuff like closing your relay.
I've run e-mail servers, both business and personal. I'm glad that I'm not doing either one anymore; too much hassle for not enough benefit.
And that's coming from a guy who knows how to do it. That you expect end users to figure out how to do it ("just read a guide online!") suggests to me that you don't deal with a lot of end users.
We are talking about people who do not know the difference between Windows and Office. People who call tech support for help before they try rebooting their computer to see if it fixes the problem. People whose password is "Password123456!" You are suggesting that these nice people should be expected to learn to set up an e-mail server.
If you want to run your own e-mail server, that's great; enjoy. It probably doesn't help protect your privacy nearly as much as you think it does, but it's a useful skill, and an interesting personal project.
But it is a wildly impractical suggestion for 99% of computer users.
And that's if I round down.
[ link to this | view in chronology ]
Re: Re: absolute privacy
Running your own server means you'd need to have a warrant handed to you for a change rather than having a warrant served to Google and you never knowing that your information was sifted through by countless numbers of Feds. If the info they want on you hasn't already been pre-recorded, they'd need to get it from your server or that of someone you've e-mailed.
In either case, it's still a privacy benefit for you to run your own server. It forces Feds to do more legwork to get information on you. More legwork and potentially less reward depending on your archival practices.
That's the pr
[ link to this | view in chronology ]
Re: Re: Re: absolute privacy
Yes, exactly.
Don't you see the number of caveats you just used?
*If* they're not currently monitoring your e-mail, *if* your ISP hasn't already agreed to intercept your e-mail, and *if* they don't just go and spy on the recipients of your e-mails instead of you, then at least you'll know they're reading your e-mail when they knock on your front door to seize your server (and probably every electronic device in your house).
And this is better than just using PGP in what way, exactly?
[ link to this | view in chronology ]
Re: Re: Re: Re: absolute privacy
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: absolute privacy
Yes, and not everyone uses their own e-mail server.
Setting up PGP is both easier than setting up your own e-mail server *and* a more effective way of securing your data. Not that the two things are mutex, but if I'm going to start with one of them, it's pretty obvious which one it should be.
[ link to this | view in chronology ]
Limp noodle criticism
[ link to this | view in chronology ]
Re: Limp noodle criticism
[ link to this | view in chronology ]
So I have my iPhone. Apple has no need to spy. They don't own a search engine. They don't make their money selling ads! I use DuckDuckGo most of the time. I use Ad blockers like Ghostery, which blocks ads and tracking, etc. Sometimes I turn on my VPN access.
I limit the best I can. I sure don't want 1 company to know my whole life. No NEST for me. I don't want Google knowing when I'm home walking past the freeken thing. I limit to very little of anything on my Facebook. Just enough so that old friends can reach me. I don't post my life or anything at all on Twitter.
There are things you can do, and not just accept it. Right now with this for Google, it's opt Out and not clear and hidden. At some point you will have NO CHOICE!!! Your privacy rights are slowly going away. It's like boiling crap in hot water. Stick them in cold water, turn on/up the heat, and it gets warmer and warmer and before they know it, it's too late and they're DEAD. Your privacy gets less and less every year and before you know it you have NONE!!! They do it FAST and people are up in arms big time. Do it slowly and you can get away with it.
The same has been happening to this country as we lose more and more of our rights and Government grows larger and larger. They won't be happy until you're paying 80-90% of your money in taxes. It keeps creeping up. People would be up in arms if they had to write one big tax bill every month, instead of it taken out of your paycheck, and out of everything you buy, and all the services, and Property taxes and on and on and on.
You could tax the so called Rich, the top 10%, 100% of their money and it would be a drop in the bucket to paying off the 20 trillion dollar debt.
This is how it works. Do things Slowly and it becomes NORMAL over time!! If you don't like it, now you're called the CRAZY person!!!
[ link to this | view in chronology ]
Respect for privacy means allowing a person to HAVE it, not outlining how it's going to be invaded, no matter how transparent.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re:
Yeah, giving someone the right to say "no" to sex before raping them is not the same as not raping them.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Google is, first and foremost, an advertising company. The search engine, YouTube, emails, Docs, Drive, all those other nice things Google gives you for free? It's so they can show you more ads.
And if there's a way to show you even more ads or collect more data about you (for ads), why wouldn't Google take it?
[ link to this | view in chronology ]
Correction: "Idiotic masochistic sheeple are quite willing to trade certain information in exchange for value"
[ link to this | view in chronology ]
Re:
One: Anyone who uses the word "sheeple" unironically should not be taken seriously.
Two: No, everybody trades certain information in exchange for value. Every time you leave your house, you're doing exactly that.
I take it you're another person who's responding to the article without following the link in the first sentence? Because it covers all that.
[ link to this | view in chronology ]
Re: Re:
"I take it you're another person who's responding to the article without following the link in the first sentence?"
You would, wouldn't you?
[ link to this | view in chronology ]
I get ads for movies I don't watch, booze I don't drink, games I don't play and sports I can't even conceive of wasting time out of my day thinking about.
I'm no fan of giving the corporatocracy a full hold of my personal information but they're getting it anyway and at least it might help divert some fraction of the river of pure shit that flows my way every time I try to support a site by turning off my ad-blocker.
[ link to this | view in chronology ]
Assange calls state dept, Google guys call back. Assange calls Google, state dept calls back. Interesting.
[ link to this | view in chronology ]
The 'merging' is not just there...
[ link to this | view in chronology ]
Re:
Not if the contract explicitly states that the terms can be changed later (usually with advance notice).
[ link to this | view in chronology ]
When Eric Schmidt becomes HRC's Secretary of Defense
[ link to this | view in chronology ]