> “The more eggs you have in one basket, the more likely the basket is to break,” he said.
I only have a google account to have access to Play store. Everything else, mail, calendar, photos and storage, has been moved off Google
Many years ago Microsoft has banned my outlook account for no reason. I tried contacting the support to resolve the issue - nothing. Only after writing a letter, I received the answer from Microsoft Germany:
We banned your account because I was distributing porn through onedrive (which I was not doing). The investigation showed that Microsoft could not find any wrongdoing. The account was gone nevertheless.
This is why I say:
- skip Gmail/Outlook and all this crap, use something proper like mailbox.org with your own domain - dont trust cloud. Backup once a month, use two clouds at the same time, have a cold storage with your backups - biggest risk is your apple icloud account. dont be dependant on them: dont use their credit card - dont use google/ms 2fa apps - have multiple accounts in parallel: one for google drive, one for search, one for mail (if you need it), one for youtube, etc
Edit: yeah it is [1]
> Phone companies are required by law to port your number out when you start service with a new carrier. According to the FCC, a company can't refuse to port your number even if you have an outstanding balance or unpaid termination fees.
[1] https://telzio.com/blog/what-to-do-when-a-carrier-refuses-to...
It looks like with Google you are supposed use the Google Fi app or website to obtain a “port out number” and PIN [1] to give the new carrier when they ask for account number and PIN.
If you accounts have been banned I wonder if you can still get that information?
This. Use Yahoo for your email, Verizon for your phone number, Dropbox for your backups, Facebook for your socials… It doesn’t matter which you choose, but fragment your digital life. When one part goes bad, it won’t infect the others.
It feels like they built it to say that you can, but your data is still just as locked as before…
Self-hosting mail, calendar and media is too complex task for 99% of population. This is not a solution.
Why?
Because they are not in contact with our authorities and, frankly, the chances my private files will be of any interest for Chinese authorities are close to zero.
Not that I have nothing in particular to hide, but as this example proves once again, if life damaging mistakes can happen, they will happen.
In a recent comment thread I noted that my father’s generation went from fighting a bitter war with Vietnam to Apple building MacBooks there. My grandfather landed on D-Day and drove Volkswagen Beetles for most of his life.
None of us know what will happen in the future. China could become a close ally. They’re already an existential economic partner.
The only path to real privacy is personal sovereignty. If you don’t control the data it is public. Period.
I am your of the same generation of your father...
My grandfather was already 40 years old when D-Day landed.
> None of us know what will happen in the future
It's safe to assume that it doesn't matter.
You could die tomorrow, so why are you worrying?
> If you don’t control the data it is public
Unless the network is firewalled by Chinese government...
Safety is not about paranoia, but about layers.
car alarms aren't there to make it impossible to steal your car, but only to make it inconvenient for the thief and convince them to steal someone else's car.
Funny, censorship (which this case somewhat is) is about making things not public. Though I somewhat agree.
The problems that befell the fellow in this story were not due to Google being in contact with the authorities. The authorities unobtrusively investigated, determined that the reports were false positives, and closed the case.
If all Google had done was contact authorities he would have never even known that he was investigated, and there would have been no impact at all on his life.
China has bans in most of the same categories that the US and other western countries do, but typically broader (e.g., they broadly ban pornography). If ISPs there are on the lookout for things China bans you are probably more likely to have a false positive there than with a western ISP.
The question then is a Chinese ISP more likely to overreact on a false positive than a western ISP? I believe China is more likely to hold a business responsible for the bad acts of that businesses customers, which I expect would lead to Chinese businesses being more likely to overreact.
based on what?
At least is an entire Country that will blackmail me, must think I am really important, not some rando that hacked iCloud to find celebrities boobs and post them online...
> Just encrypt your data rclone would do that.
yeah, but rclone is an offline backup, basically.
cloud storage is for when you need immediate access and search capabilities.
I haven't been to the US since they made it legal for custom officers to search travelers' personal electronics without a warrant and deny entry if you refuse, because, thanks but no thanks.
They are not in contact with our authorities, until they decide they want to. It's not like you are a Chinese factory owner making counterfeit wranglers, I doubt they would deny any kind of request from a western government about a westerner.
Your access to the service is also under risk, at any time there could be a breakdown of relations leaving you unable to pay for the service, that would have happened already, if you had chosen Russia instead of China.
Your behavior also looks suspicious to the western intelligence apparatus. Sending potentially terabytes to Chinese servers as a private individual may very well put you on their radar.
As others have noted you are setting yourself up as a prime candidate for an intelligence asset, they could at any point blackmail you to perform any action they want.
With what would they blackmail you? The terrabytes of CSAM they could at any point plant in your account. Do you think they would be above doing that, if they had anything to gain and were aware that you exist? Or do you think your Chinese provider would require a court order to give you up? Your entire bet is that they don't know that you exist.
My main point as advice to others mostly is you shouldn't put your self in the hands of your adversary.
I don't even know how you trust their software to run on your system.
PS: If you think all these are farfetched and paranoid, I will remind you that China routinely takes hostages to achieve diplomatic concessions https://en.wikipedia.org/wiki/Hostage_diplomacy#China
My future proof solution will be hosting my data on bare metal in Iceland.
They are quite serious about data privacy.
Compared to a beach in Europe, where nearly half of children under 2 run naked, there seems to be no grey area or minimum acceptability in the US.
It makes me wonder if our hypersexualized treatment of child nudity /actively contributes/ to the sexualization of children in our culture.
[1] https://netzpolitik.org/2022/dude-wheres-my-privacy-how-a-ho...
But there's something weird about it. Just like when you look at previous periods in time and now they look weird, often just reactions to previous epochs or other cultures (like the neoclacissim came as an opposition to rococo and baroque).
This feels like it. It doesn't feel natural. It feels like it is purely out of a contrarian way of thinking, about how forward thinking they are, "look how superior we are that we are completely void of instinct to cover ourselves". and perhaps somewhat of a sexual counter balance to the strictness of the rest of their culture. I'm not sure i'm explaining this in the best way. I think there is a natural middle ground, the one that we have seen throughout hunter gathere human history, and Nordic countries are just being culturally weird by going to one extreme.
I was in a park in Manhattan last week, which had a bunch of big sprinklers for kids to run through. No one was naked in the sprinkler, but some parents helped their children change in/out of their bathing suits out in the open.
(Then again, I only remember this because I was a tad surprised by it.)
in america, you could destroy someone's life over that. (possibly even multiple lives)
You have the logic backwards, it's sexual images that have an age, not nude images.
This is why police fired into a stolen minivan that had a unrelated child and a shoplifting/carjacking suspect in it, killing both. Protecting the child took a back seat to punishing the prep.
Therefore CP laws very quickly stopped being about protecting the children and more about punishing the pedophiles.
Vindictiveness and spite are the unspoken role models of the US justice system.
Nudity in kids is seen as obscene purely because a pedophile could find it arousing. We are preemptively sexualing children in order to prevent their sexualiztion.
A child was once forced to masturbate in front of a camera by COURT ORDER. Police held them down. All because the child was a victim of child pornography and the court wanted a "comparison image" in a similar arousal state to prove it was a image of that child.
Once again, a child was victimized by the justice system, in order to punish a perp.
Never make the mistake of thinking anybody in the justice system gives a rats ass about protecting anyone.
That summary is misleading and, I feel, wrong. It's not accurate to state that he was "a victim of child pornography," the complaint in this case was against him by the parent of another minor that he was "sexting" with.
That doesn't excuse the police behavior here, but you're attempting to paint a picture where the victims in these cases are outright ignored in a misguided search for justice. You're twisting this case[1] to fit your narrative, I think.
Further, he sued the government and won. The courts made it perfectly clear, the lower courts and police were absolutely in violation of this teens rights when it granted and executed this search warrant. So egregiously that "qualified immunity" doesn't even apply to the officers estate.
I wasn't going to address this, but..
> Therefore CP laws very quickly stopped being about protecting the children and more about punishing the pedophiles.
Pedophiles create a market through demand. Often it is also pedophiles that are on the supply side of this market, but not always. Merely participating in the demand side implicates you in these crimes against children as you are suborning their abuse. One could say that our system merely recognizes this fact.
[1]: https://arstechnica.com/tech-policy/2017/12/forcing-kid-to-m...
It's sad you are downvoted for this, because it sums up the American mentality perfectly. Some people really can't handle the truth.
Imagine having all your memories in the form of images and videos taken away because of sloppy review work at a tech company.
Email is by far the biggest albatross around my neck. To migrate email requires me to setup two different failure points: purchase a domain and a Fastmail-like service. Now that is two different places that are subject to me forgetting to pay a bill, being social engineered into giving away my account, etc. To say nothing of the long tail of acquaintances who only know be my current address.
Yet still, this existential terror exists that I will Do Something Wrong (no you will never know what it was), and lose everything.
As far as the social engineering goes, personally I gladly take that risk in order to bring my email firmly into my control. If I'm going to lose access to my email, I want it to be because I did something stupid, not because an algorithm flagged my account and Google has no humans I can appeal to.
The long tail of acquaintances isn't bad either: just forward emails from Gmail to your new address. If you lose access to the Gmail account at some point, you'd have lost everything anyway, so this arrangement would be strictly better.
Does it though?
Also: I wear a helmet or a belt every single time I drive even for 1km. Should I not? I never needed them. 0% use rate so far for me, might as well not have done it.
The issue is that when it happens, you're done.
Considering that you probably don't need to keep all your eggs in one basket, why not at least try?
On this note, I wish providers were forced to provide a third-party backup mechanism for important data so that if I were to lose:
- the email: it could forward my email to at least receive them
- my photos: a copy could be kept on multiple hostings
etc
I have cloud backups of family photos, but they're all through restic or rclone with the crypt filter applied. Privacy is about the right to put yourself in context.
Wow. This is a brilliant. Did you come up with this?
Very well said.
Google knows I am the same person, even though they are different accounts, so are the two other accounts safe when one of the three gets flagged?
Assuming, of course, that you don't use your personal account for your domains - that'd be crazy!
Wow. Just wow. This is worse than the usual Google's automated screw-ups. In this case, Google was notified of the issue by the NYT. Yet they actively chose to continue to screw over their victims just because they can.
> In a statement, Google said, “Child sexual abuse material is abhorrent and we’re committed to preventing the spread of it on our platforms.”
Just how tone deaf can Google be, continuing to treat these innocent folks as criminals in this passive aggressive statement even after being proven wrong? Do these people have no empathy at all?
I’d like to contribute to a crowdsource fund to prosecute cases like this.
When I was a kid the Comic Book Legal Defense Fund [0] was set up to pay for lawyers to defend comic book stores that were being targeted by over eager police departments and civil suits.
Maybe something like the Google is an Asshole Legal Defense Fund could collect donations. The article mentions $7000 as the cost to prosecute this persons case. Crowdsourcing can help with that.
[0] https://en.wikipedia.org/wiki/Comic_Book_Legal_Defense_Fund
It sounds to me as if a class action lawsuit is the most appropriate remedy for the unfortunates who are caught in this predicament. Their only problem is finding each other.
For the rest of us, it is unwise to use cloud storage for photos, for several reasons.
If Google wrongly gives an account back, you get a different article: "Google helped child pornographer even after discovering CP in their account". Now that gets attention. That's a scandal that leads to political action, criminal charges, etc.
To be clear, I'm not advocating for how Google behaves. They're a lot more like a utility and probably should be treated like one (alongside the protections and requirements that come of a utility, you don't hear "eletric company stopped serving house since man suspect of CP lives there").
For the responses saying "Well the police cleared them", again I don't disagree. But if you're an executive making this decision you're thinking:
1. We never give back an account in this case and avoid the massive downside risk
2. We go through a lot of work to design a process that will impact a marginal portion of customers and really really hope nobody manages to social engineer themselves past, and pray that no enterprising news outlet/politician tries to make the "Google helped CP person recover their CP story" - they already have a target on their back.
A private company is the de-facto judge, jury and executioner because it owns half the infrastructure you live your life on.
They don't care a single bit about the effect their actions have on others. They only care about having to build a system, which can distinguish such cases from actually criminal ones. Because that wouldn't scale and would be bad for business $$$. So they try to turn and twist the image in the light of the public, that it is "right" what they did, so that the public does not cry out and demand change of their systems. Empathy doesn't even enter the equation for Google.
I love the use of the disclaimer "sexual" here, to make it clear they don't care about other types of child abuse (like interfering with access to health care, which Google is clearly guilty of in this case...)
Well crafted weasel words, PR folks!
Probably the button simply doesn’t exist to undo the termination 30/60/90 days later. Good luck getting them to admit it.
I've said it before and I'll say it again: Google now has enough power that it has effectively turned into a globalist government, a government you did not vote for.
This is relevant to how outraged one should be by this story. I think it is probably > 1:100000. As such, probably not much outrage is warranted, although it’s obviously not great for this one guy.
hah, we're a hetzner costumer for .. years now, but I had no idea they have this :D
https://www.hetzner.com/storage/storage-box
so you can connect the NextCloud to the storage account? which protocol do you use for this?
It has gotten significantly better in the last year or so, but it's still pretty bad and pretty slow.
It's such a shame because having these services be healthy and popular benefits everyone.
We “banned” alcohol for 13 years.
America’s greatest battle is with our dark religious past. We claim to be secular but really it’s an aspiration.
And even if you are not located in the US, I would recommend that your wife looks up local regulation and considers alternative methods to communicate with patients.
No, you shouldn't have to use some special software to take a picture. Taking a photo with your phone's camera app should never trigger an account suspension.
I'm sort of surprised you haven't encountered it yet (and that the people writing responses to your comment haven't either).
Here's a PR piece about their secure video chat feature. (They also support emailing around photos, and the app has a built in camera, but that's old news, and not in their PR blog reel)
https://www.epic.com/epic/post/expanding-telehealth-during-t...
They are doing some interesting stuff with outpatient monitoring and treatment-specific workflows, apparently:
The health sector isn't known for having a secure anything, furthermore getting health companies to agree on one thing together is almost impossible.
the meaning of both words being defined by their provacy policy and ToS
Whether you would consider that private and secure enough, is a different story
I've been an Android user for a long time, but I think this might finally push me to switch to Apple. I'm just disgusted by this.
The Eu starting to fine the living daylights out of Google for not allowing people get their data from their account per the new digital gatekeepers act that the big tech has 6 months to comply.
They did it to Microsoft when Microsoft refused to comply with the browser ballot box initiative, saying that it was "technically near impossible". They started fining them 500,000 Eur/day or something. Then Microsoft magically made the ballot box happen within 2 weeks.
All of Big Tech is ultimately not so different.
Also, the bone-headed Apple plan had safeguards that would have prevented the victim in the article from losing their account.
The two policies aren't remotely comparable.
That sounds like a permanent stain on his records.
> “I decided it was probably not worth $7,000,” he said.
I believe it is one of the roots of the problem. How is it even possible that getting justice in court in such a trivial case costs about three months of median income?
You are always only one algorithmic fuck-up away from losing access and having to spend days and weeks dealing with the consequences.
I think the only way to deal with this is through regulation. Make it as inconvenient for Google to ignore customers as it is inconvenient for customers to be ignored by their service provider when something goes wrong.
Systemic mistreatment of customers ought to have consequences of existential proportions to a company. There is no societal benefit to companies like Google getting away with behaving this poorly.
Opinions on what should be done have more credibility when based in observable reality rather than blind ideology.
Perma-deleting his account on an automated accusation is bad. That should hinge on, at minimum, law enforcement's decision to charge a crime. [Edit: unless the criminality of the images is obvious - again, a human needs to be in the loop.]
citation needed.
do these CSAM scanning things actually help reduce kid exploitation?
and if they do, is this the best use of our resources?
No, there really should not. I would not want a facebook employee to look at my pictures. I don't use their services, but the thought is pretty off-putting. The idea that these companies have to police content is what is wrong.
There are other ways to get to offenders here. An environment that takes good care of kids will spot it. Not some poor fella that needs to look at private images.
Even an account lock is probably a bad idea; it alerts the pedophile that they're under investigation, allowing them to destroy evidence, cut ties with coconspirators, etc.
Best to let law enforcement deal with it. In this case, assuming it somehow went to trial, the jury would almost certainly acquit, and the account would be restored.
There is the matter of the accused losing access to the account while the case was active though. That's potentially a big deal.
(For the first time ever, I wish I had a DALL-E 2 account)
Is this not a huge breach of HIPAA?
Telehealth is sort of done for if randos at bug tech can find there way into your sexual health records.
It didn't. If it had, it wouldn't have been the fathers' accounts being hit.
It sounds like it was probably the texting (maybe via the Google Messages app?) that got the images flagged, rather than the telehealth system.
If not, you obviously aren't as committed as Google about ending CSAM.
The instant a company has evidence of a possible crime being committed they should be required to hand the evidence over to the police and then take no other action other than preventing distributing it or the like.
This is not just Google's AI goofing up on what constitutes CSAM (and it sounds like given the witch hunt about such things that Google was being reasonable in informing the police), but colleges expelling "rapists" without evidence etc. The accused never gets anything resembling a fair trial but since it's not the government doing it that doesn't matter, there's no repercussions from messing up lives based on completely incompetent investigations.
But clearly if they’re referring out to law enforcement, they need to close the loop on that and take responsibility when they get it wrong.
Isn’t that also a description of breastfeeding?
also, while we might find it unwise to make a video, but also we were not there.
You can get customer service from Google's hardware just like Apple.
It's the software/services that have awful/non-existent customer service.
I can depend on Google to support a Google branded phone I bought in 2013 with security updates 8 years later like an iPhone 5s user could or with operating system updates for a phone I bought in 2015?
The original poster couldn’t get anyone on the line about a Google account. You can call an Apple CSR about an iCloud issue.
* Criminalizing possession and creation of child pornography equivalently
* Conscripting the tech sector into detecting it via SESTA/FOSTA.
Look forward to reading stories like this ad nauseum.
Child pornography is only one of many areas where false positives in legally mandated sescanners end up ruining people.
Credit card payments come to mind, though I think those are mostly self-regulation.
lol. Missing 4 zeros there.
Part of the reason for the brazen actions of companies like Google is that their substantial financial means and legal department sizes grant them a substantial degree of immunity to judicial review.
Also some execs behind bars won't be a bad idea. Granted that mistakes do happen, but when they don't resolve it in a timely manner, punishment is fair.
Addendum : I don't know if companies have a govt imposed rule to report porn, in that case I'd say the root cause is the govt, not the company. Of course if the root cause is govt, and even more root cause is people themselves. People collectively generally get the govt they deserve...
In the US there isn't and generally cannot be a government requirement to search the customer's data. If there were, the provider would effectively acting as an agent of the government and the customer would enjoy 4th amendment protection of their privacy (absent a warrant or other, similarly targeted and justified reason).
Unfortunately, there is a bit of a wink-nod situation going on where the government quietly pressures companies to engage in these activities "voluntarily" -- in exchange for varrious forms of preferential treatment and refraining from enforcing other regulations -- and in court when a target attempts to present 4th amendment defenses everyone pretends (and testifies) that the provider was searching the customers private files of their own volition and not on the government's behalf.
In this game neither the provider nor the governments hands are clean because they are both conspiring to undermine the constitutional rights of the public.
"Apple announced plans last year to scan the iCloud for known sexually abusive depictions of children, but the rollout was delayed indefinitely after resistance from privacy groups."
You shouldn't have to travel to a doctor's office to get privacy. There is nothing wrong with a parent or a doctor taking pictures of a medical condition (rashes, etc).
- Corona
- Specialist far away
- Quick Checkup
- Doctor is on vacation
Also, I am sorry this happened. It is very human to respond to a person in authority - but we need to be better and start asking questions. It is our privacy at stake.
Hopefully everyone learns from this; Also, Google was doing the right things.
And I really don't see how Google insisting that banning them was the right thing to do and being cleared by police doesn't warrant undoing the ban is "doing the right things".
During Google+, Google controversially instituted a "real name" policy. This was controversial and completely driven by Vic Gundotra who would get up at company meetings when asked about this (back when he still answered questions because believe me that ended) and said "we don't want people named 'dog fart'".
Legitimate concerns that people might have for their safety were completely brushed aside.
Anyway, the enforcement for this of course was automatic and resulted in I'm sure many false positives. But what happened when your account was flagged/ You lose access to everything.
This too was criticized at the time and people asked "well if it's a policy violation for Google+, why do people lose their Gmail?". These questions too were completely brushed off.
At this time I decided I simply couldn't and wouldn't use any other Google service because my Gmail is too important to risk by an automatic ban from a false positive on a completely unrelated product.
And here we are, a decade later, with the exact same nonsense happening.
Now of course the CSAM ban itself is ridiculous. Refusing to reverse it is ridiculous. All of that is true. But don't tie your email or your phone to a company's other services when they do blanket bans like this.
Disclaimer: Xoogler.
Give us de +Word back... dont "improve" the stupid quotes.
1) AI bot
2) Beg HN/twitter for insider help
3) Lawyers
That's absolutely insane for a product set that has become central to one's life
What's recommended for a domain registrar to move my domains over to?
I figure I can probably self-host photo/file backups, move 2FA to Bitwarden, and migrate mail over to a paid Protonmail plan, but who can I trust for domain names? Mostly just for email aliases, but a couple for some hobby websites. GoDaddy can take a hike, and I've used namecheap before but what other options are good/trusted?
While historical approaches to finding this content have relied exclusively on matching against hashes of known CSAM, the classifier keeps up with offenders by also targeting content that has not been previously confirmed as CSAM.[1]
[1] https://www.blog.google/around-the-globe/google-europe/using...
To sort of add a lively "Here's what's trending!" kinda thing
They pulled that feature really fast when it made users acutely aware that their searches were not at all private.
So... Likely this reason.
Someone with enough clout would 100% be able to get accounts reinstated (likely without even needing a police report of no wrong-doing).
Google’s refusal to have appropriate moderation and support for edge-case situations is a completely different thing.
Well... here we are, normal people don't think it's possible to transfer an image over the internet without a megacorp being in the middle of it. Pretty strong sign something has gone wrong.
In the olden days, if the AT&T monopoly just cut off phone service to a (convicted in court) pedo, they would get in severe trouble. We the people imposed limits on powerful companies. Even today, with the monopoly split up, this would not be legal. Let alone just deciding on their own initiative to do it.
In this case, a utility provider is cutting off service based on a digital rumor. They are judge, jury, and executioner.
The laws governing telcos were made over a period of 150 years, but most particularly in the 1920s and 1930s.
Google does not fit these laws because they do not charge for them (perhaps this should be made illegal?) and monetize them differently. Also, obviously the services are far beyond simple voice or fax. And yet, they are definitely utilities.
Utility companies must not be politically partisan or active. Mixing those two things is toxic and bad for society. It also is too much of a temptation for politicians to use the implied power of utilities over the people to silence or supress opposition.
If Google wants to be an activist company, then it will need to shed its utilities. If Google wants to provide utilities, then it needs to shut down its activism.
This is a big part of the problem, technically you have a recourse, but the cost for individuals is a barrier to justice. Organisations have a lot of freedom to act behind the cost to litigate.
It never occurred to me that this might get my account banned.
Because why on earth would you oppose protecting children? /s
I am extremely fortunate that the account that was deleted without recourse only contained data I had copies of on my hard drive, and to my knowledge law enforcement isn't involved.
The article fails to mention the stress and trauma of being accused of having CSAM. That remains to this day ... I'm posting from an alt because even the false accusation carries a potentially career and family destroying stigma.
