Google's Quiet, Confusing Privacy Policy Change Is Why We Need More Transparency & Control

from the don't-hide-this-shit dept

Last week, I wrote about how privacy is about tradeoffs, and despite what some people claim, there's no such thing as "absolute privacy," nor would you actually want something approximating what people think they mean by it. The real issue is the tradeoff. People are quite willing to trade certain information in exchange for value. But, the trade has to be clear and worth it. That's where the real problems come in. When we don't know what's happening with our data, or it's used in a sneaky way, that's when people feel abused. Give people a clear understanding of what they're giving and what they're getting and you eliminate most of the problem. Then give end users greater control over all of this and you eliminate even more of the problem.

This was our thinking in designing a Privacy Bill of Rights for companies to abide by in designing their services (along with EFF and Namecheap).

It appears that Google would fail to meet the standards of that bill of rights. Last week, ProPublica wrote about how Google quietly changed the privacy policy related to how it connects DoubleClick advertising to other data that it has about you, allowing the company to actually link your name and other identifying information to you as you surf around the web. And, on top of that, it apparently includes tying what you type in Gmail to the ads you might see.
The practical result of the change is that the DoubleClick ads that follow people around on the web may now be customized to them based on the keywords they used in their Gmail. It also means that Google could now, if it wished to, build a complete portrait of a user by name, based on everything they write in email, every website they visit and the searches they conduct.

The move is a sea change for Google and a further blow to the online ad industry’s longstanding contention that web tracking is mostly anonymous. In recent years, Facebook, offline data brokers and others have increasingly sought to combine their troves of web tracking data with people’s real names. But until this summer, Google held the line.
Here's the thing: a lot of privacy advocates I know will likely say that this move is de facto "bad." And that any linkage between identity and ads is bad. But I'd argue that the real problem here is Google's unwillingness to be clear and transparent. It slipped this change in and then made up some PR-speak about why it was doing it, in a way that wasn't at all clear to basically anyone:

Google spokeswoman Andrea Faville emailed a statement describing Google’s change in privacy policy as an update to adjust to the “smartphone revolution”

“We updated our ads system, and the associated user controls, to match the way people use Google today: across many different devices,” Faville wrote. She added that the change “is 100% optional–if users do not opt-in to these changes, their Google experience will remain unchanged.” (Read Google’s entire statement.)

Existing Google users were prompted to opt-into the new tracking this summer through a request with titles such as “Some new features for your Google account.”

The “new features” received little scrutiny at the time. Wired wrote that it “gives you more granular control over how ads work across devices.” In a personal tech column, the New York Times also described the change as “new controls for the types of advertisements you see around the web.”

Blech. If this is really actually important, and provides more value, don't give the bullshit explanation and confuse reporters. Tell people what's happening and why. If Google is afraid to be upfront and honest about it (things that the company used to do) then it feels like the company recognizes that it's not providing enough value to consumers with these moves. To paraphrase the old saying about it not being the crime but the coverup that gets people, in this case, it's not the privacy policy change that's the clear problem here, but the fact that Google tried to hide it and mislead people about it.

Thankfully, Google does provide the other prong of our test: giving users control.
To opt-out of Google’s identified tracking, visit the Activity controls on Google’s My Account page, and uncheck the box next to “Include Chrome browsing history and activity from websites and apps that use Google services." You can also delete past activity from your account.
But it would have been a lot better if the company could have just been upfront and honest about it. This is why transparency and clarity about intentions are so important. If companies don't do that, then people will (rightly) assume that the moves are designed in a manner to be anti-consumer. If Google truly believes it's providing a better product with such changes, explain why and how and let users decide for themselves.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ads, control, privacy, privacy policies, transparency
Companies: google


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    Mason Wheeler (profile), 26 Oct 2016 @ 12:35pm

    She added that the change “is 100% optional–if users do not opt-in to these changes, their Google experience will remain unchanged.”

    ...

    To opt-out of Google’s identified tracking, visit the Activity controls on Google’s My Account page, and uncheck the box next to “Include Chrome browsing history and activity from websites and apps that use Google services."

    Wait, so is this opt-in or opt-out? That's kind of a huge difference...

    link to this | view in thread ]

  2. icon
    Oninoshiko (profile), 26 Oct 2016 @ 1:05pm

    Re:

    I think it's "opt-grey." There was a message that came up, but it was misleadingly worded. It's hard to say something is truly "opt-in" when you go out of your way to make sure the choice being made is an uninformed one.

    link to this | view in thread ]

  3. identicon
    John Mayor, 26 Oct 2016 @ 1:21pm

    DIGITAL HUMAN RIGHTS RUBBER, AND THE ROAD

    I have a much different view of Digital Human Rights than most people!
    .
    Please!... no emails!

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 26 Oct 2016 @ 1:21pm

    I dislike the change as it makes it easier for courts and spooks to get an already-made-profile of everything you are via a court.

    The legal realities of present-day make me wary of having *any* online activity of mine attached to my name.

    I've lost trust in the courts, Federal law enforcement, and especially the Intelligence Community in regards to *anything* involving a computer. And this mistrust only gets worse every time they play word games to lie about what they do and why they do it.

    Alex Stamos said the Snowden revelations set the hacker Fed relationship back by a decade. The followup responses by Feds have largely made this worse. Their only tactic to get trust back appears to be chanting "trust us" and "cyber" endlessly while releasing large amounts of legal documents that dance around the most important and substantive legal issues involved.

    link to this | view in thread ]

  5. identicon
    I.T. Guy, 26 Oct 2016 @ 1:29pm

    Does anybody actually use Google services with their real name? Why?

    link to this | view in thread ]

  6. icon
    Mike Masnick (profile), 26 Oct 2016 @ 1:36pm

    Re:

    Wait, so is this opt-in or opt-out? That's kind of a huge difference...


    You had to "accept" the new terms, but they were pushed on people heavily and not clearly explained. It was implied that these changes were nothing major, but necessary for mobile services.

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 26 Oct 2016 @ 1:41pm

    So....again a reason to ad block

    I'm having a real tough time to find what situation, other than ignorance, leads to not doing all browsing with both ad block and noscript running.

    link to this | view in thread ]

  8. This comment has been flagged by the community. Click here to show it
    identicon
    John Mayor, 26 Oct 2016 @ 1:48pm

    Re:

    I don't!... and I never will!
    .
    Please!... no emails!

    link to this | view in thread ]

  9. icon
    Manabi (profile), 26 Oct 2016 @ 2:09pm

    Re: Re:

    I can confirm, had them try this twice on my phone and then I had to deal with it on mom's and dad's phones. It's presented as no big deal, just something you should accept so you'll have better service. They also make it difficult to figure out how to reject it. If I'm remembering it correctly, you have to select "more information", and after that you can finally decline. (Also, you have to select more information to even find out what it changes.)

    Google has done this change extremely underhandedly. I have no doubts it was done that way on purpose. I just don't see how you could get it so confusing and tricky without actively trying to make it that way.

    link to this | view in thread ]

  10. icon
    Manabi (profile), 26 Oct 2016 @ 2:14pm

    Re: So....again a reason to ad block

    And when it comes to Google, if you have a Google account, don't search while logged in. I access my Gmail in a portable Firefox instance, and my main browser (where I do all my searching) isn't logged in at all. So my Google searches aren't being associated with my Google account. I also use Firefox on my phone instead of Chrome, but that's more so I can adblock on mobile.

    link to this | view in thread ]

  11. identicon
    Jimb, 26 Oct 2016 @ 2:18pm

    absolute privacy

    It is the opening sentence's stance that diminishes privacy rights for everyone.

    Our children may not be willing to give up their privacy, yet their parents have "screwed" them over by giving it up for them.

    Privacy is what you do to attain it and keep it. If you don't fight for it it will be taken away. Your privacy is absolute insofar as you fight for it. Your privacy is a human right.

    This is precisely why everyone should have their own email server at home (and in their business). Email servers may be difficult to set up, especially without a guide, but there are enough guides to help everyone out (and people that can be hired to do it for you) to make it happen. Once it is set up it is quite insanely easy to maintain. In fact, it requires very little maintenance. And, don't give me the shit reasoning about backing up the server or about keeping it online.

    You don't have it already in your home because of those bullshit excuses. Yes, Mike, total and utter bullshit.

    What kept you from maintaining your own email servers were manyfold issues, however most of those issues no longer exist, especially the primary ones: Back in the day you had no 24/7 internet and hardware was expensive. Today most families have an overabundance of computers and they are cheap enough to set aside one as an email server. Nearly everyone with internet has 24/7 connection.

    You force us to fall into the bigger pool of users giving government and criminal easier access to your privacy. Stop it Mike. Privacy is KING.

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 26 Oct 2016 @ 2:26pm

    Re: Re: So....again a reason to ad block

    And when it comes to Google, if you have a Google account, don't search while logged in.

    What does the privacy policy say about this? Does anything prevent them from linking those together (e.g. by user-agent, IP, "supercookies", webRTC, DNS cache detection, etc.) and using that linkage for advertising?

    link to this | view in thread ]

  13. identicon
    Bill, 26 Oct 2016 @ 3:11pm

    Limp noodle criticism

    From a paid Google shill... Whoopee.

    link to this | view in thread ]

  14. icon
    JBDragon (profile), 26 Oct 2016 @ 3:20pm

    This is why a limit myself of Google stuff. I have a gmail account and that's enough spying I need from them. Let alone all the rest including spying on me everywhere I go.

    So I have my iPhone. Apple has no need to spy. They don't own a search engine. They don't make their money selling ad's! I use DuckDuckGo most of the time. I use Ad blockers like Ghostery Which blocks ad's and tracking, etc. Sometimes I turn on my VPN access.

    I limit the best I can. I sure don't want 1 company to know my whole life. No NEST for me. I don't want Google knowing when I'm home walking past the freeken thing. I limit to very little of anything on my on Facebook. Just enough so that old friends can reach me. I don't post my life or anything at all on Twitter.

    There are things you can do, and not just accept it. Right now with this for Google, it's opt Out and not clear and hidden. At some point you will have NO CHOICE!!! You privacy rights are slowly going away. It's like boiling crap in hot water. Stick them in cold water, turn on/up the heat, and it gets warmer and warmer and before they know it, it's to late and they're DEAD. Your privacy gets less and less every year and before you know it you have NONE!!! They do it FAST and people are up in arms big time. Do it slowly and you can get away with it.

    The same has been happening to this country as we lose more and more of our rights and Government grows larger and larger. They won't be happy until you're paying 80-90% of your money in taxes. It keep creeping up. People would be up in arms if they had to write one big tax bill every month, instead of it taken out of your paycheck, and out of everything you buy, and all the services, and Property taxes and on and on and on.

    You could tax the so called Rich, the top 10%, 100% of their money and it would be a drop in the bucket to paying off the 20 trillion dollar debt.

    This is how it works. Do things Slowly and it becomes NORMAL over time!! If you don't like it, now you're called the CRAZY person!!!

    link to this | view in thread ]

  15. identicon
    Anonymous Coward, 26 Oct 2016 @ 3:35pm

    My settings are opted out. So their statement regarding not opting in by default appears to be accurate. I hadn't touched those settings in several years.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 26 Oct 2016 @ 3:40pm

    Re: absolute privacy

    First off I quite agree with your stance here.

    But I have to encourage using LavaBit's new DIME protocol (https://darkmail.info/) over hosting your own eMail server. You can still self-host DIME (ofcourse), but that would theoretically make little difference.

    The problem with self-hosted eMail is that, being an ancient protocol that's been learning security as it went, it is trivial for your ISP to man-in-the-middle even if you set up proper security. So you might as well use their services.

    Our protocols in general must be upgraded to leak near no information, while being more resilient to other attacks. This is possible, the technology exists! We just need to do so while maintaining some backwards compaibility.

    That said there's some truth to what Masnick's saying here. But in most situations "approximating absolute privacy" will not inconvenience anyone (e.g. publishing and reading these Techdirt articles). And where it does, we can certainly avoid handing out certain information (does Techdirt really need to be told my browser and operating system to publish a comment underneath this article? Your browser will give that information out without asking)

    link to this | view in thread ]

  17. identicon
    Thad, 26 Oct 2016 @ 4:25pm

    Re: Limp noodle criticism

    Is that you, Mr. Orlowski?

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 26 Oct 2016 @ 4:34pm

    Re:

    Nope, but if you have, e.g., a Facebook or Paypal account, Google knows your real name.

    link to this | view in thread ]

  19. identicon
    Thad, 26 Oct 2016 @ 4:50pm

    Re: absolute privacy

    It is the opening sentence's stance that diminishes privacy rights for everyone.

    I take it you didn't read the previous article that the sentence in question links to?

    Because here's what it says:

    The idea of "perfect" privacy makes no sense, because people reveal all sorts of stuff about themselves all the time because the tradeoff is worth it. For example, just walking out of your house to go to the grocery store is a tradeoff. You give up some amount of privacy (someone can see you leaving your house, others can see what you're buying), because we think it's worth that minimal loss of privacy to get food. But it's an individual tradeoff based on our own individual decision making -- people who are famous celebrities or hiding from someone who wants to kill them may view the tradeoffs differently. That's why it always bothers me a little when people focus on privacy as if it's a thing, rather than looking at the cost-benefit tradeoffs that each individual needs to make.

    What is it that you believe is inaccurate about that series of statements? Because it seems pretty straightforward to me.

    Moving on to your next point:

    This is precisely why everyone should have their own email server at home

    You keep saying this. It is absurd.

    I'm not a Gmail user, precisely because of the kinds of privacy concerns we're talking about.

    But what, exactly, would I gain from running my own e-mail server? Sure, if I used PGP, and everybody else who I ever exchanged e-mails with also used PGP, then my e-mail couldn't be observed by a third party in transit. But that's completely independent of whether I'm running my own server or using somebody else's.

    If I'm not using PGP, then I've got, what, SMTP/STARTTLS? An encryption protocol that sends e-mail that can be decrypted at any relay between me and the destination? In other words, it's better than no encryption at all, but sort of requires that I trust my ISP not to read my e-mails. And if I trust my ISP not to read my e-mails, then why do I need a private server in the first place?

    And that's before I even get into spam filtering, DDoS attacks, joe jobs, or even really basic stuff like closing your relay.

    I've run e-mail servers, both business and personal. I'm glad that I'm not doing either one anymore; too much hassle for not enough benefit.

    And that's coming from a guy who knows how to do it. That you expect end users to figure out how to do it ("just read a guide online!") suggests to me that you don't deal with a lot of end users.

    We are talking about people who do not know the difference between Windows and Office. People who call tech support for help before they try rebooting their computer to see if it fixes the problem. People whose password is "Password123456!" You are suggesting that these nice people should be expected to learn to set up an e-mail server.

    If you want to run your own e-mail server, that's great; enjoy. It probably doesn't help protect your privacy nearly as much as you think it does, but it's a useful skill, and an interesting personal project.

    But it is a wildly impractical suggestion for 99% of computer users.

    And that's if I round down.

    link to this | view in thread ]

  20. identicon
    Thad, 26 Oct 2016 @ 4:51pm

    Re: Re:

    Or have ever downloaded anything from Google Play.

    link to this | view in thread ]

  21. identicon
    Anonymous Coward, 26 Oct 2016 @ 5:01pm

    Re: Re: absolute privacy

    Not every bit of info that's recorded on the wire is kept indefinitely. Storage technology has not reached that level yet.

    Running your own server means you'd need to have a warrant handed to you for a change rather than having a warrant served to Google and you never knowing that your information was sifted through by countless numbers of Feds. If the info they want on you hasn't already been pre-recorded, they'd need to get it from your sever or that of someone you've e-mailed.

    In either case, it's still a privacy benefit for you to run your own server. It forces Feds to do more legwork to get information on you. More legwork and potentially less reward depending on your archival practices.

    That's the pr

    link to this | view in thread ]

  22. identicon
    Anonymous Coward, 26 Oct 2016 @ 5:18pm

    Don't tell me what I want you dip-shit. You are not the arbiter of privacy or what it entails (or anything else for that matter)...

    Respect for privacy means allowing a person to HAVE it, not outlining how it's going to be invaded, no matter how transparent.

    link to this | view in thread ]

  23. icon
    Manabi (profile), 26 Oct 2016 @ 5:26pm

    Re: Re: Re: So....again a reason to ad block

    I don't know about their privacy policy, but if you live in a household of multiple adults (like I do), linking them that way dilutes the value of the data. Since they can't be certain the searches are by the same person, they'd be making the profile of your interests they've built worthless. Since they make their money on targeting ads to your interests, they'd be idiots to do this.

    link to this | view in thread ]

  24. identicon
    Thad, 26 Oct 2016 @ 5:28pm

    Re: Re: Re: absolute privacy

    > Running your own server means you'd need to have a warrant handed to you for a change rather than having a warrant served to Google and you never knowing that your information was sifted through by countless numbers of Feds. If the info they want on you hasn't already been pre-recorded, they'd need to get it from your sever or that of someone you've e-mailed.

    Yes, exactly.

    Don't you see the number of caveats you just used?

    *If* they're not currently monitoring your e-mail, *if* your ISP hasn't already agreed to intercept your e-mail, and *if* they don't just go and spy on the recipients of your e-mails instead of you, then at least you'll know they're reading your e-mail when they knock on your front door to seize your server (and probably every electronic device in your house).

    And this is better than just using PGP in what way, exactly?

    link to this | view in thread ]

  25. identicon
    Thad, 26 Oct 2016 @ 5:29pm

    Re:

    So *you're* the arbiter of privacy and what it entails, then?

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 26 Oct 2016 @ 6:47pm

    Is this really that surprising?

    Google is, first and foremost, an advertising company. The search engine, YouTube, emails, Docs, Drive, all those other nice things Google gives you for free? It's so they can show you more ads.
    And if there's a way to show you even more ads or collect more data about you (for ads), why wouldn't Google take it?

    link to this | view in thread ]

  27. identicon
    Anonymous Coward, 26 Oct 2016 @ 7:29pm

    Re: Re: Re: Re: So....again a reason to ad block

    Unless all adults use the same computer, browser fingerprinting can tell them apart.

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 26 Oct 2016 @ 7:38pm

    "People are quite willing to trade certain information in exchange for value"

    Correction: "Idiotic masochistic sheeple are quite willing to trade certain information in exchange for value"

    link to this | view in thread ]

  29. identicon
    Anonymous Coward, 26 Oct 2016 @ 7:48pm

    Re: Re:

    I am the counter-point to Mike's bullshit.

    link to this | view in thread ]

  30. identicon
    Ukdah, 26 Oct 2016 @ 9:23pm

    Re:

    Respect for privacy means allowing a person to HAVE it, not outlining how it's going to be invaded, no matter how transparent.

    Yeah, giving someone the right to say "no" to sex before raping them is not the same as not raping them.

    link to this | view in thread ]

  31. identicon
    Anonymous Coward, 27 Oct 2016 @ 1:13am

    All this past month, advertising companies in my country have been using the hours Techdirt staff spend sleeping to assault me with auto-playing video ads for British school-leavers, with adverts for joining the army, becoming an apprentice, and various ads for just-left-home necessities like cleaning products.
    I get ads for movies I don't watch, booze I don't drink, games I don't play and sports I can't even conceive of wasting time out of my day thinking about.

    I'm no fan of giving the corporatocracy a full hold of my personal information but they're getting it anyway and at least it might help divert some fraction of the river of pure shit that flows my way every time I try to support a site by turning off my ad-blocker.

    link to this | view in thread ]

  32. identicon
    Anonymous Coward, 27 Oct 2016 @ 4:05am

    When Google met wikileaks. Read it.

    Assange calls state dept, Google guys call back. Assange calls Google, state dept calls back. Interesting.

    link to this | view in thread ]

  33. identicon
    Matthew A. Sawtell, 27 Oct 2016 @ 5:53am

    The 'merging' is not just there...

    ... for some reason it appears that Comcast and Google are also sharing data together, because for some time now when I use my Comcast E-Mail address to send messages, those receiving those messages are seeing my Google ID. Wonder if this has happened to anyone else?

    link to this | view in thread ]

  34. identicon
    Anonymous Coward, 27 Oct 2016 @ 6:42am

    Re: Re: Re: Re: absolute privacy

    You yourself said not everyone uses PGP. If you use your own email server, you maintain more ownership rights of your own data.

    link to this | view in thread ]

  35. icon
    Padpaw (profile), 27 Oct 2016 @ 8:13am

    I thought there were laws against retroactively changing a contract or policy after both parties have agreed to it?

    link to this | view in thread ]

  36. identicon
    Anonymous Coward, 27 Oct 2016 @ 10:55am

    When Eric Schmidt becomes HRC's Secretary of Defense

    Google will merge with the NSA.

    link to this | view in thread ]

  37. identicon
    Thad, 27 Oct 2016 @ 11:11am

    Re: Re: Re: Re: Re: absolute privacy

    > You yourself said not everyone uses PGP.

    Yes, and not everyone uses their own e-mail server.

    Setting up PGP is both easier than setting up your own e-mail server *and* a more effective way of securing your data. Not that the two things are mutex, but if I'm going to start with one of them, it's pretty obvious which one it should be.

    link to this | view in thread ]

  38. identicon
    Thad, 27 Oct 2016 @ 11:11am

    Re: Re: Re:

    I am the terror that flaps in the night.

    link to this | view in thread ]

  39. identicon
    Thad, 27 Oct 2016 @ 11:12am

    Re: Re:

    Rape analogies are a pretty shitty way to get your point across, dude.

    link to this | view in thread ]

  40. identicon
    Thad, 27 Oct 2016 @ 11:14am

    Re:

    One: Anyone who uses the word "sheeple" unironically should not be taken seriously.

    Two: No, everybody trades certain information in exchange for value. Every time you leave your house, you're doing exactly that.

    I take it you're another person who's responding to the article without following the link in the first sentence? Because it covers all that.

    link to this | view in thread ]

  41. identicon
    Thad, 27 Oct 2016 @ 11:17am

    Re:

    Not if the contract explicitly states that the terms can be changed later (usually with advance notice).

    link to this | view in thread ]

  42. identicon
    Anonymous Coward, 28 Oct 2016 @ 6:57am

    Re: Re: Re:

    Assuming gender is pretty shitty sexism.

    link to this | view in thread ]

  43. identicon
    Anonymous Coward, 28 Oct 2016 @ 7:00am

    Re: Re:

    "I take it you're another person who's responding to the article without following the link in the first sentence?"

    You would, wouldn't you?

    link to this | view in thread ]

  44. identicon
    Anonymous Coward, 28 Oct 2016 @ 4:33pm

    Eric Mark Schmidt Zuckerberg: "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place"

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.