Privacy

by Mike Masnick


Filed Under:
ads, control, privacy, privacy policies, transparency

Companies:
google



Google's Quiet, Confusing Privacy Policy Change Is Why We Need More Transparency & Control

from the don't-hide-this-shit dept

Last week, I wrote about how privacy is about tradeoffs, and despite what some people claim, there's no such thing as "absolute privacy," nor would you actually want something approximating what people think they mean by it. The real issue is the tradeoff. People are quite willing to trade certain information in exchange for value. But, the trade has to be clear and worth it. That's where the real problems come in. When we don't know what's happening with our data, or it's used in a sneaky way, that's when people feel abused. Give people a clear understanding of what they're giving and what they're getting and you eliminate most of the problem. Then give end users greater control over all of this and you eliminate even more of the problem.

This was our thinking in designing a Privacy Bill of Rights for companies to abide by in designing their services (along with EFF and Namecheap).

It appears that Google would fail to meet the standards of that bill of rights. Last week, ProPublica wrote about how Google quietly changed the privacy policy related to how it connects DoubleClick advertising to other data that it has about you, allowing the company to link your name and other identifying information to your activity as you surf around the web. And, on top of that, it apparently includes tying what you type in Gmail to the ads you might see.

> The practical result of the change is that the DoubleClick ads that follow people around on the web may now be customized to them based on the keywords they used in their Gmail. It also means that Google could now, if it wished to, build a complete portrait of a user by name, based on everything they write in email, every website they visit and the searches they conduct.
>
> The move is a sea change for Google and a further blow to the online ad industry’s longstanding contention that web tracking is mostly anonymous. In recent years, Facebook, offline data brokers and others have increasingly sought to combine their troves of web tracking data with people’s real names. But until this summer, Google held the line.

Here's the thing: a lot of privacy advocates I know will likely say that this move is de facto "bad." And that any linkage between identity and ads is bad. But I'd argue that the real problem here is Google's unwillingness to be clear and transparent. It slipped this change in and then made up some PR-speak about why it was doing it, in a way that wasn't at all clear to basically anyone:

> Google spokeswoman Andrea Faville emailed a statement describing Google’s change in privacy policy as an update to adjust to the “smartphone revolution.”
>
> “We updated our ads system, and the associated user controls, to match the way people use Google today: across many different devices,” Faville wrote. She added that the change “is 100% optional–if users do not opt-in to these changes, their Google experience will remain unchanged.” (Read Google’s entire statement.)
>
> Existing Google users were prompted to opt-into the new tracking this summer through a request with titles such as “Some new features for your Google account.”
>
> The “new features” received little scrutiny at the time. Wired wrote that it “gives you more granular control over how ads work across devices.” In a personal tech column, the New York Times also described the change as “new controls for the types of advertisements you see around the web.”

Blech. If this is really actually important, and provides more value, don't give the bullshit explanation and confuse reporters. Tell people what's happening and why. If Google is afraid to be upfront and honest about it (things that the company used to do) then it feels like the company recognizes that it's not providing enough value to consumers with these moves. To paraphrase the old saying about it not being the crime but the coverup that gets people, in this case, it's not the privacy policy change that's the clear problem here, but the fact that Google tried to hide it and mislead people about it.

Thankfully, Google does provide the other prong of our test: giving users control.

> To opt-out of Google’s identified tracking, visit the Activity controls on Google’s My Account page, and uncheck the box next to “Include Chrome browsing history and activity from websites and apps that use Google services." You can also delete past activity from your account.

But it would have been a lot better if the company could have just been upfront and honest about it. This is why transparency and clarity about intentions are so important. If companies don't do that, then people will (rightly) assume that the moves are designed in a manner to be anti-consumer. If Google truly believes it's providing a better product with such changes, explain why and how and let users decide for themselves.

Reader Comments

  • Mason Wheeler, 26 Oct 2016 @ 12:35pm

    > She added that the change “is 100% optional–if users do not opt-in to these changes, their Google experience will remain unchanged.”
    >
    > ...
    >
    > To opt-out of Google’s identified tracking, visit the Activity controls on Google’s My Account page, and uncheck the box next to “Include Chrome browsing history and activity from websites and apps that use Google services."

    Wait, so is this opt-in or opt-out? That's kind of a huge difference...

    • Oninoshiko, 26 Oct 2016 @ 1:05pm

      Re:

      I think it's "opt-grey." There was a message that came up, but it was misleadingly worded. It's hard to say something is truly "opt-in" when you go out of your way to make sure the choice being made is an uninformed one.

    • Mike Masnick, 26 Oct 2016 @ 1:36pm

      Re:

      > Wait, so is this opt-in or opt-out? That's kind of a huge difference...

      You had to "accept" the new terms, but they were pushed on people heavily and not clearly explained. It was implied that these changes were nothing major, but necessary for mobile services.

      • Manabi, 26 Oct 2016 @ 2:09pm

        Re: Re:

        I can confirm, had them try this twice on my phone and then I had to deal with it on mom's and dad's phones. It's presented as no big deal, just something you should accept so you'll have better service. They also make it difficult to figure out how to reject it. If I'm remembering it correctly, you have to select "more information", and after that you can finally decline. (Also, you have to select more information to even find out what it changes.)

        Google has done this change extremely underhandedly. I have no doubts it was done that way on purpose. I just don't see how you could get it so confusing and tricky without actively trying to make it that way.

  • John Mayor, 26 Oct 2016 @ 1:21pm

    DIGITAL HUMAN RIGHTS RUBBER, AND THE ROAD

    I have a much different view of Digital Human Rights than most people!
    .
    Please!... no emails!

  • Anonymous Coward, 26 Oct 2016 @ 1:21pm

    I dislike the change as it makes it easier for courts and spooks to get an already-made-profile of everything you are via a court.

    The legal realities of present-day make me wary of having *any* online activity of mine attached to my name.

    I've lost trust in the courts, Federal law enforcement, and especially the Intelligence Community in regards to *anything* involving a computer. And this mistrust only gets worse every time they play word games to lie about what they do and why they do it.

    Alex Stamos said the Snowden revelations set the hacker Fed relationship back by a decade. The followup responses by Feds have largely made this worse. Their only tactic to get trust back appears to be chanting "trust us" and "cyber" endlessly while releasing large amounts of legal documents that dance around the most important and substantive legal issues involved.

  • I.T. Guy, 26 Oct 2016 @ 1:29pm

    Does anybody actually use Google services with their real name? Why?

  • Anonymous Coward, 26 Oct 2016 @ 1:41pm

    So....again a reason to ad block

    I'm having a real tough time to find what situation, other than ignorance, leads to not doing all browsing with both ad block and noscript running.

    • Manabi, 26 Oct 2016 @ 2:14pm

      Re: So....again a reason to ad block

      And when it comes to Google, if you have a Google account, don't search while logged in. I access my Gmail in a portable Firefox instance, and my main browser (where I do all my searching) isn't logged in at all. So my Google searches aren't being associated with my Google account. I also use Firefox on my phone instead of Chrome, but that's more so I can adblock on mobile.

      • Anonymous Coward, 26 Oct 2016 @ 2:26pm

        Re: Re: So....again a reason to ad block

        > And when it comes to Google, if you have a Google account, don't search while logged in.

        What does the privacy policy say about this? Does anything prevent them from linking those together (e.g. by user-agent, IP, "supercookies", webRTC, DNS cache detection, etc.) and using that linkage for advertising?

        • Manabi, 26 Oct 2016 @ 5:26pm

          Re: Re: Re: So....again a reason to ad block

          I don't know about their privacy policy, but if you live in a household of multiple adults (like I do), linking them that way dilutes the value of the data. Since they can't be certain the searches are by the same person, they'd be making the profile of your interests they've built worthless. Since they make their money on targeting ads to your interests, they'd be idiots to do this.

          • Anonymous Coward, 26 Oct 2016 @ 7:29pm

            Re: Re: Re: Re: So....again a reason to ad block

            Unless all adults use the same computer, browser fingerprinting can tell them apart.

  • Jimb, 26 Oct 2016 @ 2:18pm

    absolute privacy

    It is the opening sentence's stance that diminishes privacy rights for everyone.

    Our children may not be willing to give up their privacy, yet their parents have "screwed" them over by giving it up for them.

    Privacy is what you do to attain it and keep it. If you don't fight for it it will be taken away. Your privacy is absolute insofar as you fight for it. Your privacy is a human right.

    This is precisely why everyone should have their own email server at home (and in their business). Email servers may be difficult to set up, especially without a guide, but there are enough guides to help everyone out (and people that can be hired to do it for you) to make it happen. Once it is set up it is quite insanely easy to maintain. In fact, it requires very little maintenance. And, don't give me the shit reasoning about backing up the server or about keeping it online.

    You don't have it already in your home because of those bullshit excuses. Yes, Mike, total and utter bullshit.

    What kept you from maintaining your own email servers were manyfold issues, however most of those issues no longer exist, especially the primary ones: Back in the day you had no 24/7 internet and hardware was expensive. Today most families have an overabundance of computers and they are cheap enough to set aside one as an email server. Nearly everyone with internet has 24/7 connection.

    You force us to fall into the bigger pool of users giving government and criminal easier access to your privacy. Stop it Mike. Privacy is KING.

    • Anonymous Coward, 26 Oct 2016 @ 3:40pm

      Re: absolute privacy

      First off I quite agree with your stance here.

      But I have to encourage using LavaBit's new DIME protocol (https://darkmail.info/) over hosting your own eMail server. You can still self-host DIME (of course), but that would theoretically make little difference.

      The problem with self-hosted eMail is that, being an ancient protocol that's been learning security as it went, it is trivial for your ISP to man-in-the-middle even if you set up proper security. So you might as well use their services.

      Our protocols in general must be upgraded to leak near no information, while being more resilient to other attacks. This is possible, the technology exists! We just need to do so while maintaining some backwards compatibility.

      That said there's some truth to what Masnick's saying here. But in most situations "approximating absolute privacy" will not inconvenience anyone (e.g. publishing and reading these Techdirt articles). And where it does, we can certainly avoid handing out certain information (does Techdirt really need to be told my browser and operating system to publish a comment underneath this article? Your browser will give that information out without asking)

    • Thad, 26 Oct 2016 @ 4:50pm

      Re: absolute privacy

      > It is the opening sentence's stance that diminishes privacy rights for everyone.

      I take it you didn't read the previous article that the sentence in question links to?

      Because here's what it says:

      > The idea of "perfect" privacy makes no sense, because people reveal all sorts of stuff about themselves all the time because the tradeoff is worth it. For example, just walking out of your house to go to the grocery store is a tradeoff. You give up some amount of privacy (someone can see you leaving your house, others can see what you're buying), because we think it's worth that minimal loss of privacy to get food. But it's an individual tradeoff based on our own individual decision making -- people who are famous celebrities or hiding from someone who wants to kill them may view the tradeoffs differently. That's why it always bothers me a little when people focus on privacy as if it's a thing, rather than looking at the cost-benefit tradeoffs that each individual needs to make.

      What is it that you believe is inaccurate about that series of statements? Because it seems pretty straightforward to me.

      Moving on to your next point:

      > This is precisely why everyone should have their own email server at home

      You keep saying this. It is absurd.

      I'm not a Gmail user, precisely because of the kinds of privacy concerns we're talking about.

      But what, exactly, would I gain from running my own e-mail server? Sure, if I used PGP, and everybody else who I ever exchanged e-mails with also used PGP, then my e-mail couldn't be observed by a third party in transit. But that's completely independent of whether I'm running my own server or using somebody else's.

      If I'm not using PGP, then I've got, what, SMTP/STARTTLS? An encryption protocol that sends e-mail that can be decrypted at any relay between me and the destination? In other words, it's better than no encryption at all, but sort of requires that I trust my ISP not to read my e-mails. And if I trust my ISP not to read my e-mails, then why do I need a private server in the first place?

      And that's before I even get into spam filtering, DDoS attacks, joe jobs, or even really basic stuff like closing your relay.

      I've run e-mail servers, both business and personal. I'm glad that I'm not doing either one anymore; too much hassle for not enough benefit.

      And that's coming from a guy who knows how to do it. That you expect end users to figure out how to do it ("just read a guide online!") suggests to me that you don't deal with a lot of end users.

      We are talking about people who do not know the difference between Windows and Office. People who call tech support for help before they try rebooting their computer to see if it fixes the problem. People whose password is "Password123456!" You are suggesting that these nice people should be expected to learn to set up an e-mail server.

      If you want to run your own e-mail server, that's great; enjoy. It probably doesn't help protect your privacy nearly as much as you think it does, but it's a useful skill, and an interesting personal project.

      But it is a wildly impractical suggestion for 99% of computer users.

      And that's if I round down.

      • Anonymous Coward, 26 Oct 2016 @ 5:01pm

        Re: Re: absolute privacy

        Not every bit of info that's recorded on the wire is kept indefinitely. Storage technology has not reached that level yet.

        Running your own server means you'd need to have a warrant handed to you for a change rather than having a warrant served to Google and you never knowing that your information was sifted through by countless numbers of Feds. If the info they want on you hasn't already been pre-recorded, they'd need to get it from your server or that of someone you've e-mailed.

        In either case, it's still a privacy benefit for you to run your own server. It forces Feds to do more legwork to get information on you. More legwork and potentially less reward depending on your archival practices.

        That's the pr

        • Thad, 26 Oct 2016 @ 5:28pm

          Re: Re: Re: absolute privacy

          > Running your own server means you'd need to have a warrant handed to you for a change rather than having a warrant served to Google and you never knowing that your information was sifted through by countless numbers of Feds. If the info they want on you hasn't already been pre-recorded, they'd need to get it from your server or that of someone you've e-mailed.

          Yes, exactly.

          Don't you see the number of caveats you just used?

          *If* they're not currently monitoring your e-mail, *if* your ISP hasn't already agreed to intercept your e-mail, and *if* they don't just go and spy on the recipients of your e-mails instead of you, then at least you'll know they're reading your e-mail when they knock on your front door to seize your server (and probably every electronic device in your house).

          And this is better than just using PGP in what way, exactly?

          • Anonymous Coward, 27 Oct 2016 @ 6:42am

            Re: Re: Re: Re: absolute privacy

            You yourself said not everyone uses PGP. If you use your own email server, you maintain more ownership rights of your own data.

            • Thad, 27 Oct 2016 @ 11:11am

              Re: Re: Re: Re: Re: absolute privacy

              > You yourself said not everyone uses PGP.

              Yes, and not everyone uses their own e-mail server.

              Setting up PGP is both easier than setting up your own e-mail server *and* a more effective way of securing your data. Not that the two things are mutex, but if I'm going to start with one of them, it's pretty obvious which one it should be.

  • Bill, 26 Oct 2016 @ 3:11pm

    Limp noodle criticism

    From a paid Google shill... Whoopee.

  • JBDragon, 26 Oct 2016 @ 3:20pm

    This is why I limit myself of Google stuff. I have a gmail account and that's enough spying I need from them. Let alone all the rest including spying on me everywhere I go.

    So I have my iPhone. Apple has no need to spy. They don't own a search engine. They don't make their money selling ads! I use DuckDuckGo most of the time. I use Ad blockers like Ghostery, which blocks ads and tracking, etc. Sometimes I turn on my VPN access.

    I limit the best I can. I sure don't want 1 company to know my whole life. No NEST for me. I don't want Google knowing when I'm home walking past the freeken thing. I limit to very little of anything on my Facebook. Just enough so that old friends can reach me. I don't post my life or anything at all on Twitter.

    There are things you can do, and not just accept it. Right now with this for Google, it's opt Out and not clear and hidden. At some point you will have NO CHOICE!!! Your privacy rights are slowly going away. It's like boiling crap in hot water. Stick them in cold water, turn on/up the heat, and it gets warmer and warmer and before they know it, it's too late and they're DEAD. Your privacy gets less and less every year and before you know it you have NONE!!! They do it FAST and people are up in arms big time. Do it slowly and you can get away with it.

    The same has been happening to this country as we lose more and more of our rights and Government grows larger and larger. They won't be happy until you're paying 80-90% of your money in taxes. It keeps creeping up. People would be up in arms if they had to write one big tax bill every month, instead of it taken out of your paycheck, and out of everything you buy, and all the services, and Property taxes and on and on and on.

    You could tax the so called Rich, the top 10%, 100% of their money and it would be a drop in the bucket to paying off the 20 trillion dollar debt.

    This is how it works. Do things Slowly and it becomes NORMAL over time!! If you don't like it, now you're called the CRAZY person!!!

  • Anonymous Coward, 26 Oct 2016 @ 3:35pm

    My settings are opted out. So their statement regarding not opting in by default appears to be accurate. I hadn't touched those settings in several years.

  • Anonymous Coward, 26 Oct 2016 @ 5:18pm

    Don't tell me what I want you dip-shit. You are not the arbiter of privacy or what it entails (or anything else for that matter)...

    Respect for privacy means allowing a person to HAVE it, not outlining how it's going to be invaded, no matter how transparent.

  • Anonymous Coward, 26 Oct 2016 @ 6:47pm

    Is this really that surprising?

    Google is, first and foremost, an advertising company. The search engine, YouTube, emails, Docs, Drive, all those other nice things Google gives you for free? It's so they can show you more ads.
    And if there's a way to show you even more ads or collect more data about you (for ads), why wouldn't Google take it?

  • Anonymous Coward, 26 Oct 2016 @ 7:38pm

    "People are quite willing to trade certain information in exchange for value"

    Correction: "Idiotic masochistic sheeple are quite willing to trade certain information in exchange for value"

    • Thad, 27 Oct 2016 @ 11:14am

      Re:

      One: Anyone who uses the word "sheeple" unironically should not be taken seriously.

      Two: No, everybody trades certain information in exchange for value. Every time you leave your house, you're doing exactly that.

      I take it you're another person who's responding to the article without following the link in the first sentence? Because it covers all that.

      • Anonymous Coward, 28 Oct 2016 @ 7:00am

        Re: Re:

        "I take it you're another person who's responding to the article without following the link in the first sentence?"

        You would, wouldn't you?

  • Anonymous Coward, 27 Oct 2016 @ 1:13am

    All this past month, advertising companies in my country have been using the hours Techdirt staff spend sleeping to assault me with auto-playing video ads for British school-leavers, with adverts for joining the army, becoming an apprentice, and various ads for just-left-home necessities like cleaning products.
    I get ads for movies I don't watch, booze I don't drink, games I don't play and sports I can't even conceive of wasting time out of my day thinking about.

    I'm no fan of giving the corporatocracy a full hold of my personal information but they're getting it anyway and at least it might help divert some fraction of the river of pure shit that flows my way every time I try to support a site by turning off my ad-blocker.

  • Anonymous Coward, 27 Oct 2016 @ 4:05am

    When Google met wikileaks. Read it.

    Assange calls state dept, Google guys call back. Assange calls Google, state dept calls back. Interesting.

  • Matthew A. Sawtell, 27 Oct 2016 @ 5:53am

    The 'merging' is not just there...

    ... for some reason it appears that Comcast and Google are also sharing data together, because for some time now when I use my Comcast E-Mail address to send messages, those receiving those messages are seeing my Google ID. Wonder if this has happened to anyone else?

  • Padpaw, 27 Oct 2016 @ 8:13am

    I thought there were laws against retroactively changing a contract or policy after both parties have agreed to it?

  • Anonymous Coward, 27 Oct 2016 @ 10:55am

    When Eric Schmidt becomes HRC's Secretary of Defense

    Google will merge with the NSA.

  • Anonymous Coward, 28 Oct 2016 @ 4:33pm

    Eric Mark Schmidt Zuckerberg: "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place"
