I think their biggest sins are just being big. It makes them a larger target (which probably necessitates them taking extreme protections, otherwise they WOULD be taken down). Others that are much more concerning don't get attacked simply because they are smaller. For example Lyft and Uber who have both been found to have all sorts of personally identifiable information available to random employees. Or various ISPs tracking of data flowing through it.
To me, the cost of being google's product, is outweighed by what they provide me with. Search, news, music, assistant functions, "remember this day", "here is your family growing up", e-mail, automation of e-mails into actionable widgets... These things all are powered by Google knowing kind of a lot about me.
I don't know of any alternative to Google for these services, that respects privacy.
1) Google (and other SV giants) share data with the NSA.
https://www.salon.com/2014/11/16/googles_secret_nsa_alliance...
2) The NSA in turn shares information with law-enforcement agencies. ICREACH contains information on the private communications millions of American citizens who have not been accused of any wrongdoing.
https://gizmodo.com/the-nsa-made-its-own-google-to-help-shar...
3) The DEA (and possibly other agencies) uses this information to target Americans, and then lies about the origins of the information in a process called "parallel construction."
https://www.reuters.com/article/us-dea-sod/exclusive-u-s-dir...
It's not difficult to see the potential for abuse in a shadowy process that surveils the private communications of Americans, applies unknown selectors and data mining algorithms, and then reports the results to law enforcement.
https://wikileaks.org/google-is-not-what-it-seems/
Speaking of spooky stuff and google, this article still takes the cake.
EDIT: for completeness sake, there has been a follow up:
I hate it when people use this as an argument against "Google invading privacy", it's an argument that doesn't make any sense at all; Encrypting your data in transit prevents outsiders from reading your data, obviously it doesn't prevent Google itself from accessing your data.
This article is about how Google (and FB, etc.) invades everyone's privacy (even non-customers).
> To me, the cost of being google's product, is outweighed by what they provide me with
This can also be achieved without invading your privacy. Google should at least let people CHOOSE whether they want to use their products at the cost of privacy. Currently you cannot choose, your data is simply collected, even when browsing websites totally unrelated to Google, where people are absolutely unaware of Google tracking them.
PS. This guy is awesome, he has had success fighting against Facebook, for privacy (in Europe):
Why should they let us do that? No other company is doing that. It's a tacit agreement between providers of free-to-use services and the people who choose to use them: the more personal data you give, the more you receive. If a company has a very good offering or is currently trending, they can even demand your phone number, credit card number (of course you can cancel the service anytime, but they will have a strong verification of your real name then) or even your passport/driver's license. We all came to accept that as a given, nobody questions these practices any longer. It's as if people collectively just stopped giving a damn about their privacy.
I think we really should start making it difficult for companies to grow beyond a certain size. I think they are a big net minus for the whole economy.
I like google's services. What I want is the ability to pay for them and not be a part of the product they sell in ads. Basically a freemium model.
I don't know how much money in ad revenue I earn google, but I'd probably happily pay it for a more transparent, less sketchy, and more commonly-aligned product. (This would also give me recourse for all the times the google services I rely on go down....)
You do have the ability to pay for some of them (G Suite aka Google Apps for Business), but even then you might not get what you want, since 99% of their users like you are still products. I'm reminded of this quote from Josh Marshall:
> One thing I’ve observed with Google over the years is that it is institutionally so used to its ‘customers’ actually being its products that when it gets into businesses where it actually has customers it really has little sense of how to deal with them. (https://talkingpointsmemo.com/edblog/a-serf-on-googles-farm)
(Disclaimer: I'm a Googler but I just got these numbers from public statements. No way I'm well paid enough to be able to see more detailed numbers. :-D )
Are you criticizing Google or companies in general? Because your criticism applies to any company in the world.
> I like google's services. What I want is the ability to pay for them and not be a part of the product they sell in ads. Basically a freemium model.
Get a corporate gSuite account, they have been around for quite a while.
For example, Yahoo was caught helping the US government spy on consumers, whether they were suspect or not: http://www.latimes.com/business/technology/la-fi-tn-yahoo-em...
What's more, Yahoo is now owned by Verizon, a company known for anti-consumer practices.
We should all make some easy changes:
- Use DuckDuckGo to get Yahoo /Bing search results in privacy
- Use StartPage.com to get Google search results in privacy
- Use a privacy-friendly email service
- Either quit FB or use it only as a billboard
- Get a Linux distro and avoid Windows OS when possible
- Try LibreOffice. It rivals Office!
etc.
- Use uBlock Origin when browsing the interwebs
- Use GoAccess instead of Google Analytics
- Use the incognito/private tab
Even if they aren't doing anything reprehensible now, can you guarantee that they won't in future?
The more info someone has on you (your preferences, habits, how price sensitive you are to certain products, ...), the more disadvantaged you are negotiating with them.
I mean, I'd still think about that even without FB showing me things, but I would not have managed to build a "here's a flashback!" photo-reminder system. In an age when we take SO MANY PHOTOS (and don't even bother curating them because we don't have time for it), it's nice to have that too.
I can see your point but it isn't relevant to the article, and also, it is a matter of perspective. I managed to permanently disable it, after it kept popping up photos of my then-recently deceased spouse. Not something I was ready to deal with, and after switching it off, FB helpfully turned it back on for me. I eventually managed to disable it permanently, but if there is one thing I hate it is for some software to treat my instructions as suggestions.
You wouldn't have had to if you used macOS with the Photos app. Every once in a while it notifies me about a flashback, and if I click on the notification it takes me to a flashback slideshow in the Photos app.
I don't use iCloud for my photos, so I suspect this is implemented locally without having to give my data to Apple.
Maybe similar systems exist with other environments (linux, Windows, etc).
I block everything to do with Facebook every which way on my primary browser.
yes, in fact they have become almost absolute monopolists (together with FB and a couple of others).
this is really bad.. if google decides not to show you something _it effectively does not exist_
i _really_ hope they still have the mantra of not being evil, but the temptation is trillions of dollars big :)
if they abuse your information, e.g. use it as fore knowledge, and act on it quicker than you can, they can do that in subtle ways without you even realising it.
so many ways to benefit from all this data.. who can monitor / control this?
I prefer my data be at one place as much as possible instead scattered.
Easisest place to do that is with Google as they have the most comprehensive services.
The NSA proved them wrong on that belief, and they started implementing encryption on those connections.
Are you sure about this, or are you limiting "who" to people you already know and/or regularly interact with?
Then I saw the author.
Speaking of which, I recently moved to DDG and couldn't be happier.
Frankly the only thing I don't like about DDG is the name.
How is this any different from the pre- or sans-Google and Facebook world? People have always lived in bubbles, always been funneled down a particular path by their experiential influences. Without Google or Facebook, if you were a white supremacist, it’s probably because you were influenced by white supremacists and you would continue to surround yourself with them. If you were someone who really strived to expose yourself to different ideas and things outside your bubble, you can arguably do that easier than ever now.
This isn’t really to “exonerate” FB and Big G, but I think it’s worth asking what impact they’ve really had on this basic facet of life.
> How is this any different from the pre- or sans-Google and Facebook world?
Easy: the bubbles are tighter and harder to pierce. In the old days, you'd have to get your information from the same news sources as everyone else, only customized at a fairly coarse level (e.g. a city). That regularly pierced your bubble and gave the community a common reference point. Now, many, many more people get all their information from individually-customized feeds that are precisely matched to their biases and their bubble. There's so many fewer common reference points which makes is harder for many people in the same communities to even communicate.
tl;dr: it's an emergent qualitative difference caused by scale.
Says who? It's absolutely the opposite in my experience, having lived in various conservative societies most of my life. Bubbles are much more self-imposed and easily breakable and modifiable now, than even say 30 years ago, let alone 100.
Absolutely zero, and have arguably made it worse.
Most of the times they don't even notice anymore that trackers were blocked on the page they consult.
Just look at links posted here on HN, most are of hostile websites.
I'd love to see a browser extension more radical: if it detects such third party scripts or cookies it simply stop loading the page and display a message explaining why instead.
Someone sends you a link to an article on cnn.com? Answer with this message telling why you won't consult it.
Going further: the extension attempts to extract the content, strip it of anything useless (some js libs works OK for such tasks), and share this version with others using this extension.
Classic quote, semi-relevant: "I'm pretty sure that if you took all the porn off the internet there would only be one site left and it would be called 'bring back the porn'" -Dr Cox
Once most websites understand it is not viable to attempt to mess with their own visitors, browsers could block the remaining ones by default?
Article postscript: “Commentary by Gabriel Weinberg, CEO and founder of DuckDuckGo, which makes online privacy tools, including an alternative search engine to Google. Follow him on Twitter @yegg .
For more insight from CNBC contributors, follow @CNBCopinion on Twitter.”
Kind of set off my irony detector!
I wish it was easier to control JavaScript usage as the visitor. It's either very complex or just 'turn it all off and go somewhere else if nothing works'.
Perhaps the second option is the 'correct' response though.
The most onerous and problematic parts of GDPR for adtech companies is the acquisition of consent to share the data they gather with their partners. This means that every barrier from publisher, to ad network, to advertiser needs to be consented. Google/Facebook are themselves massive players at each of those levels and therefore can skip that step.
We don't know what will happen in the future, but I suspect that Google/Facebook will leverage their systems at both the publisher and advertiser areas to put more of the ecosystem into their systems.
This may be ok, consolidating your information into a couple of big players that have an even more holistic view of you might be preferable to having little views of you all over the internet. But its worse for advertisers and publishers and I find it disconcerting.
* Disclaimer: I work on GDPR related topics, this is my opinion and not that of my employer
Are there personal things in your past you don't want your insurance company to know about? How about your employer? Or the IRS? Even your spouse? What if someone showed up one day and threatened to your your secrets unless you pay up?
Is that worth the price free access to your high-school friends' duckface selfies?
Once tabloid journalists start trying to infer embarrassing things about politicians based on metadata we'll probably have some progress.
Trivial example: Let's say sometime in the future you plan on running for political office, or you become a journalist writing a story on someone powerful or otherwise become someone who powerful people would like to discredit. Having a log of everything you've ever done online would be very useful in causing you a whole bunch of problems.
Sure there are problems associated with it. One of them is when malicious players like foreign govts get hold of such data and use it to their advantage.
Disable 3rd party cookies, delete your Google & Facebook accounts, and done.
Easy peasy.
It’s not. While Facebook will exfiltrate and cross reference your name and number from associates’ address books, this wildly different than keeping a log of everywhere you travel, the time you wake and sleep, hundreds of tagged images of your face, all the news you read, and how readily you can be influenced. Primarily to influence your mind and behavior for profit, but all available to international governments to keep and eye on you, too.
I agree that Facebook and Google are too powerful, and that there should be much better protections around consumer data. Support the EFF, talk to your representatives.
Fatalism serves no one but Facebook and Google.
"Google DeepMind's first deal with the NHS [...] gave the Google-owned artificial intelligence (AI) lab access to 1.6 million NHS patient records across three North London hospitals without patient's prior knowledge."
"Google starts tracking offline shopping"
Sure. Deleting the accounts surely is enough.
And AFAIK, and from what I heard from friends working at google, everything is linked to a google gaia account, if you don't have one, you don't exist for them.
Have you deleted your Google and Fb account yet?
The conclusion was no, but they are gathering more data from third parties so as to make direct listening unproductive. I found that more disturbing that Facebook has real-time access to whatever they believe I am looking at on Amazon, as presumably other places.
Someone in the NHS needs to be held responsible too.
That's not a reasonable approach for non-techies, but I thought it might interest the HN audience.
If they see activity from one IP to say search, then activity from the same IP to visit the top result of that search, they don’t need a cookie to track you.
Anyone who shares an IP has seen ads actually targeting another member of their household...
Well, that's your choice, isn't it?
> That's not a reasonable approach for non-techies, but I thought it might interest the HN audience.
Non-techies can just go the good ol' way and pay for an ad-free, tracking-free email service, mapping service, storage service, etc.
I'm not affiliated with either company but I've evaluated both and settled on Fastmail as my Gmail replacement, mostly because of the added features like file storage, static web hosting, and notes, all of which I've used extensively.
Go to this site and perform the test to see for yourself: https://amiunique.org/
Or the EFF one: https://firstpartysimulator.org/
I choose Google one day randomly blocking my account over losing it to some random person from the web. At least I can make a blog post and try to make to HNs frontpage to get some customer support.
Sure they cannot 1:1 link your {analytics, ad} identity to your actual Google identity, but I am reasonably sure that they have all the data necessary to do it via (not too many) connecting dots.
Seriously though - who cares? You use a credit or card? Your purchase history has been sold to advertisers and similar for decades, it's just more transparent now.
OP here is simply fomenting mistrust of the more obvious players to draw traffic (and advertising bucks) to their own website (duckduckgo).
[1]: https://en.wikipedia.org/wiki/General_Data_Protection_Regula... [2]: https://noyb.eu/
Are these "hidden trackers" mentioned in the article just the normal beacons or are they referring to something new?
Are these relevant if a person is not logged into neither FB or Google or if someone has uBlock Origin/Privacy Badger installed?
we need: - The Decentralized Web (as it was originally envisioned) - Users in full control of their own data - Privacy-first approaches only - Stricter regulation (though tough to implement well)
You have that now! Just stop giving your data to companies you don't want to have it.
The people who never give their data away wonder at the people who give their data away, then call for regulation.
and not giving your data away is _really_ hard for average user, when google is so deeply engrained in the web
