I guess I'll be the lone voice chiming in that I find this pretty useful. There's been a number of times I've been like "oh, what's that song I asked Google to identify a month ago?" or "what was that page I managed to find last year by searching about [x]?" that I've been able to remember via this tool.
Yeah, Google knows everything about me. C'est la vie. At least it's useful. What exactly is the threat model that everyone is operating under which prompts all the comments here?
I have to say I'm almost more shocked at the number of "shocked" comments here than at the page itself. Not only because of what you mentioned, but also one would expect an audience like HN to know about this. Google has even nagged me with notifications to take a look at this page several times in the past.
Also, for some weird reason (maybe because I'm using browser extensions?) my entries seem to come from the future:
Then tell yourself now that you will search for stock quotes in the future. If you follow through in the future then that information should show up now. If you don't destroy causality and blow up the universe, you'll be rich.
I would've agree with you in the past, but I think there are a number of reasons that there is always a huge amount of "surprise" when things like this are posted:
1. Ignorance is bliss: People don't WANT to know about this kind of thing. It can be upsetting, anxiety inducing, uncomfortable, dystopian, etc. so it "feels" a lot better not constantly thinking about and analyzing the ways in which your tracked
2. Assumptions: This may be tied to the previous point, but I think a lot of people make assumptions that these massively successful, and in their eyes beneficial, organizations wouldn't be collecting, analyzing, or using data in any kind of malicious or questionable ways if they even think about it at all
3. Dark patterns/misdirection/dishonesty: companies do everything in their power to make sure user aren't able to easily opt out, don't have a clear understanding of what is actually happening, and make it very difficult to find answers about it in a way the average user would understand
4. Technical knowledge: While there are lots of highly technically skilled users here, many of them specialize in something not related to this topic in any meaningful way. Our company has plenty of developers, for example, that can code at a substantially higher level than I am able, but otherwise their computer literacy is completely non existent. I'm no longer surprised when technical users seem to lack basic knowledge about a particular technology, because no one can specialize in everything
In the age of Google (what a paradox lol), at least people can borrow an opinion if one is not available.
100% agreed with this statement: I'm no longer surprised when technical users seem to lack basic knowledge about a particular technology because no one can specialize in everything
I read somewhere that there are lots of hubris & privileged self-ego stoking happening in the IT industry (just look at the tough super technical interview questions you need to answer in every IT job ever). But more than 50% of the software developed or designed in the world is not good enough.
I still have to come across a strong argument that would really make me worried about this kind of tracking done by Google.
Things like this absolutely isn't intuitive to people. Partly because the industry have done a "good" job downplaying it to make a lot of money. Many industries, like banking, does similar things. It is just a bit sad that tech has become one of them.
> I have to say I'm almost more shocked at the number of "shocked" comments here
Being "shocked" by something doesn't imply that you didn't know it was happening. There's plenty of things that I am perfectly aware are happening every day that shock me nonetheless.
Does there have to be a a threat model for people to be uncomfortable with or unsupportive of surveillance? I just bought a new android phone, and if you accept the defaults they track so many different things (not even while you are using a google service necessarily). I disabled it all, and am constantly prompted to enable location history and a bunch of other tracking features. I don't like Google, I don't like their business model, I don't like how they go about what they do; a threat model isn't required to fundamentally disagree with an inescapable organization collecting and analyzing everything about me so it can be, at best monetized, and at worst used to manipulate people
I don't have a "threat model", per se -- I haven't written anything down or drawn anything. However, I do use the term "threat model" in conversation. What I generally mean by this is "I've given a lot of thought to what/where the biggest threats are in my life and the steps I'm willing to take accordingly". My threat model is an informal mental-model more than an actual document (like the threat models I create at work).
What I find surprising is that Google is exposing themselves voluntarily to subpoenas [1]. The more info Google collects, the more courts will try to use Google records as evidence. Therefore, isn't it in Google's interest to collect and store only the exact info they need, expiring records ASAP so there's as little as possible for courts to collect?
Perhaps Google has factored that risk into their calculations and they have decided that in the current legal environment, the money they earn by storing everything outweighs the money they lose by complying with subpoenas.
It seems like you're assuming that complying with a subpoena is a huge burden to Google. I would assume that a company with teams of lawyers and procedures already in place, this would be a very minor cost.
I liked the map[1] of all the places my phone has been. I mean, my damn telco and various three-letter agencies already have this info for wherever I have my smartphone -- so its nice that at least I have it too. I can reminisce about the frijte stand in Amsterdam.
> Yeah, Google knows everything about me. C'est la vie. At least it's useful.
And that's fine. If you find being tracked to be useful and good, then I have no problem with you being able to do that.
But those of us who don't want it should be able to avoid it as well.
> What exactly is the threat model that everyone is operating under which prompts all the comments here?
I'm not sure what you mean by threat model here. But, at its core, the issue for me is that companies like Google collect data about me without my consent. That's just straight-up immoral and unethical.
Would I consent to having some data collected about me in exchange for some service? Sure, depending on the data and service. But it has to be my choice -- in other words, it has to be opt-in and I have to be correctly and completely informed of what's going to happen with my data.
This information is actively used to influence your behavior via advertisement, and places you in an echo chamber via personally tailored search results. Further, experience has shown that eventually this type of information will end being used by third party entities (hackers, governments).
I don't think it's productive to categorize tracking of this sort as evil itself. As with any technology, the applications to which it is put are the determining factor of the morality of the tech. In the case of a user knowingly trading their personal information for free applications and some amount of convenience, I don't see evil when that personal information serves the purpose of targeted advertising. When used for targeting web content that might push a person's view more towards the extreme end of the spectrum, we're getting into the gray area quite a bit. Using that information to identify political enemies of the state and preemptively silence them, then yes I'd say that crossed over into the evil side of the spectrum.
I don’t think it’s appropriate to use HN to repeatedly defend your employer without disclosing that affiliation. If you’re going to do it, at least try to argue your point of view with some substance.
Completely disagree as it just seems like we're going to waste a lot of time with disclaimers rather than having a real discussion (a la CA prop 65 warnings). How far does the "employer affiliation" responsibility go? If you leave a company, does it still apply? If you're in a company backed by YC does it apply? If you disagree with what your company is doing does it still apply?
I don't go out of my way to acknowledge my employer affiliation but I don't go out of my way to hide it either, e.g. do a search or look for some of my more technical posts.
I put the same amount of effort into my post as the parent did into establishing the evil of this page.
I have seen people use this to spy on their spouse/partner (usually ex-partner, after that). Seeing their google searches, locations and email is a ton of data.
Obviously, never do this. It's illegal and a huge violation of privacy. To anyone tempted to do this, just assume it's time to breakup now, and deal with your issues as adults.
What is actually shocking is that these data are made so easily accessible when you are logged into Google anywhere. There should be additional hurdles to view the entirety of a person's history with Google beyond merely being logged in. The potential for very easy and all-encompassing snooping (e.g. from friends and colleagues) is staggering!
I actually find Google to be quite good here - if it detects something suspicious, such as login from a different browser or location, it will prompt you for another authentication factor, such as an SMS one-time code, or 2FA if you have it enabled.
I would add that if you haven't already enabled 2FA, you should.
If someone has access to this page (for your account), they have access to your Gmail, and likely have the ability to reset passwords and log in to any website you signed up for with that email address.
The solution, as always, is to secure your account.
The fact that your personal activity log isn't in your hands at all. It's fine to collect this but google should be blind to whats in there. I agree, it is useful to go back and see what the hell you did, but I don't go around handing advertisers my diary for potential revenue streams either.
Turning off all of the controls under myactivity won't stop Google from scanning your emails to track any purchases you make. The only way to stop that is to switch off of Gmail.
Because you’re attempting a highly sensitive action, we need to be sure it’s really you. At the moment, we can’t. Try again from a device you normally use (like your phone or laptop) or from the location you usually sign in from.
Learn more about verifying it's you."
No other option. Everywhere I try is the same.
Giving an Evil company like Google my data. How could I have been so naive and foolish.
Spam filtering is also my only reason for keeping Gmail.
Which makes it even more ironical, given that Google is the biggest advertising company around.
This is what finally prompted me to move to Fastmail after being on G Suite since 2007. Even though I have to pay for Fastmail and was grandfathered into free on G Suite. Pretty happy with it so far.
Now going through the process of reducing all the places I use Google services. Moved my personal stuff from GCP to Digital Ocean. Gmail to Fastmail. Chrome to Firefox / Safari. Currently seeing if Zoho is a good substitute for Google Sheets and Docs.
Not sure I'll go so far as use DuckDuckGo fulltime, but maybe i'll give it another try.
I switched to DDG a few weeks ago, and it's surprisingly better than I remember. Though for technical searches I have to add a second context parameter "go programming FOO" instead of "golang FOO" etc. But that isn't so bad. I've only fallen back to google a couple times, easy enough with ddg `!g search`.
May switch my browser to Brave, Opera or Edge too... though there are aspects of each of them I'm not fond of. The new Edge is decent.
I've been using MXRoute¹ for the past year and it's gone really well. I've never had a dropped e-mail. They use MailChannels² as a blacklist fallback. They're affordable, reliable, with quick support.
> As of December 2018, FastMail and all other Australian companies are subject to the Assistance and Access Bill, which compels them to assist law enforcement in accessing encrypted communications if warranted during an investigation. FastMail stated that while their services were not "materially affected" since they already complied with warrants per the Telecommunications Act, concerns have been shown by customers over the bill's effects, which has led to losses of business.
I find this feature insanely useful. Google is doing something useful with my email. I learn about delayed flights way way in advance of anyone else as a result.
So let's just be clear here:
- you get an email, to you, privately
- gmail used to offer making a calendar for certain keywords in an email
- google will now automatically do said calendar entries - on your PRIVATE calendar btw
- google will also combine real-time flight info with your flight info, and tell you useful things via PRIVATE push notifications to you only.
This whole thing is the culmination of years of singularity "the computer will expand the mind" rhetoric. It's totally privacy protecting - the calendar entries, push notifications are private.
This is what everyone has been trying to build for years. We are here. And all of a sudden it's creepy? Because they notified you a dozen times, via email they were going to do this, and you ignored it?
Email has been turned into a useful automatically actionable system. My family forwards their itineraries and I don't have do anything else, it's automatically calendared. That's probably the only reason I pick them up from the airport frankly.
I like how you redefine PRIVATE from "something I can see" to "something I can see and Google machines can add to and edit at whim, and Google employees hired by strangers for profit, an unknown number in unknown places, with no individual accountability, can potentially access" and then use your new definition of PRIVATE-which-isn't to bludgeon other people as luddites.
This whole thing is the culmination of years of singularity "the computer will expand the mind" rhetoric.
This isn't your mind being expanded, this isn't you thinking new thoughts.
This is what everyone has been trying to build for years. We are here. And all of a sudden it's creepy?
Kurzweil VoicePad and Dragon Naturally Speaking tried to build Voice Recognition on-device for years and it was a bright and techno future. Then Google Now, Siri, Cortana and Alexa got people to send speech samples over the internet to a foreign, perpetual-record, datacenter. The voice recognition part is better, but now it's creepy.
Email has been turned into a useful automatically actionable system. My family forwards their itineraries and I don't have do anything else, it's automatically calendared. That's probably the only reason I pick them up from the airport frankly.
Why doesn't Google forward their itinerary to Uber and have someone else pick them up at the airport, so you don't have to be involved in your life at all?
Email misses most of my appointments. Doctors? Dentists? Picking a family member up at the airport? Your kids' karate classes? Playdates? Anything else arranged by text message?
Although maybe the problem is they don't know enough about my and my kids' life.
This is pretty awful. A bad assumption to make was that by turning off all activity monitoring this would have also been stopped. You can delete these items by deleting the email itself but that's a ridiculous burden to put on the end user. Oh, you don't want us to know you spent hundreds of dollars on baseball tickets? Better delete the email invoices.
Wow, this is ugly. I don't like seeing all of this in one place. I shudder to think of what is actually stored behind the scenes if this is what they make publicly available.
The most creepy, though useful thing I've experience with google, was the android notification "You should leave for the airport now" for something I never set, based on my airline receipt.
Also, you can not delete it.
I deleted all mails in my Gmail, things still show.
Additionally, I can not even use the "download my data" options because it says "We can't verify it is you" and there is no way no authenticate myself.
So basically, Google really likes my data and holds it hostage.
I'm seeing the same issue. I've deleted all mail from my gmail account a few months ago, but I still have purchases showing up. Clicking on `remove purchase` takes me into my old empty gmail account. It's one thing to store this data, it's another to prevent users from deleting it.
Same here, gsuite used to be safe from this but mine shows purchases starting this month. Not sure if it only shows the most recent month to everyone, or if that's when they turned it on for gsuite users...
I think for some reason Google parser is very limited - the only thing i see is Steam / Google Play purchases, not even Paypal.
I am in Europe and not using GSuite.
I'm not the most tin foil hat kind of person. I don't mind some of the tracking Google does as long as I know about it.
This url shocked me.
They apparently track every app I open and use on my Pixel phone. They had individual entries for when I skip a song in Google Music. I feel physically sick. I went through and deleted most of what I could and turned off tracking where I could.
tell me why you feel physically sick that you now have a log of your own activity. which you could look through to find something you had done and forgot about. do you think someone at google is gonna sit there and sift through `your` very personal information and do...what?
You don't think Spotify or any other music app (or any app for that matter) does the same thing? How do you think Spotify or any app provide you with recommendations?
I'm sorry, but ... are you (and others here with similar reactions) serious? You don't think Google knows when you skip a song in Google Music? How do you think recommendations work exactly? I thought this was HackerNews, not my grandpa's Facebook feed.
I feel like you have this idea that technically literate people are magically immune from normal human foibles and think through the entire logical chain of consequences for every abstract fact of which they are aware. We are not.
Understanding how Google Music works and knowing that Google tracks information about you does not necessarily imply the very real understanding that viewing pages like this provide. People generally don't logic that way, us included.
I think it's a little more shocking when you see ALL this activity collated in one place by a single entity. It's not quite as impactful (and scary) if it had been Spotify or Apple Music with the music tracking, because that means our so-called digital profile is scattered across largely independent entities and so, no one entity has absolute information about us.
Ok, I just noticed something that is even scarier.
Under the "Chrome, Google Analytics, and more" I see "Used com.kongregate.mobile.adventurecommunist", which is a game installed on my iPhone. Ok, I also have my Gmail logged in there as well, so they somehow read shared data or whatever. But I also see "Used es.socialpoint.chefparadise" which is a game, installed on my iPad at home which is mostly used by my wife for random games and stuff and I don't have any Google account logged in there.
I haven't logged into my Google account on iPad at all. Game progress on iOS apps is usually saved to your Apple ID (Game Center) account. My Apple ID is registered on my gmail account of course, but I'm not receiving any emails from this game that Google might extract ...
Looks like they've removed the summary statistics in favor of a timeline. Still, it's nice to have it all searchable in one place. It also provides a nice place to check that I have all of the handy features turned on.
invdio.us at least proxies. Youtube-dl mps-youtube, and mpv allow direct downloading and streaming (and not just from YT).
I'm working through 12 or so hours of a podcast from a textfile plalist of mp3 links, in Termux, on Android. For my workflow that beats any podcast app.
(Though a good CLI podcast manager would be handy.)
Although, I'd love to see more cross-posting for video content that I follow. I happen to appreciate Tim Pool, Ben Shapiro and Jordan Peterson... and given the push to the left (away from Liberal views even), and towards more censorship, I don't like where things are now.
The best way to combat bad ideas is with more information and facts, not to silence the conversation and push it out.
My email (gmail) is bound with so many services (both online and offline) and it is part of my online identity. It would be so much effort to change the email now.
I don't think there is an alternative to google maps which is in the same level as quality and richness in information. I would be totally lost without google maps when I'm traveling to other countries, especially when it comes to public transportation like tram, U-bahn and busses.
I switched off of Gmail a couple years ago after almost a decade with Gmail, in the same boat as you with my full online identity tied to it. Honestly, the realization that my identity was so tied to it is why I switched - I didn't want to lose my online identity at Google's whim.
The switch isn't as bad as you would think. It was pretty painless.
1. Compile a list of all your online accounts - if you use a password manager, you should already have this
2. Create a new email account on a service you trust, preferably at your own domain. That way, if you decide to switch providers later you can keep your address. I used Fastmail, and I'll cast my vote for them. (I believe Fastmail also has the ability to automatically import all your email from Gmail, although I took advantage of the switch to start fresh. I just downloaded a bulk archive of all my email).
3. Set up a vacation responder on your gmail address explaining your switch.
4. Change your email address on all your online accounts to your new address
5. After a period of time to make sure people are using your new email address, remove Gmail from your Google account. What's really cool about this is you can easily switch your Google ID for your existing Google account to your new email address, so you can continue to use any Google services as you wish without having them in control of your email/online identity.
NOTE: Even after removing Gmail from your Google account, you remain in control of that Gmail address - Google won't reassign it. You can reactivate it at any time (for example, if there was an account you forgot to switch). I've reactivated and re-deactivated mine several times.
It's really not bad, and much more painless that losing access to your Google account.
> you can easily switch your Google ID for your existing Google account to your new email address, so you can continue to use any Google services as you wish without having them in control of your email/online identity.
This is really interesting.
You mean I could change your `google account` email to a non-google domain just like other internet services? Was not sure about what you meant by "Google ID"
If that is true, I probably want to take advantage of this before they remove it.
This is the reason why it's so nice to manage your own domain, even if you were to decide to stay on gmail. You can always just point the domain to a new provider.
I've gone from Namecheap's solution to GSuite to ProtonMail to FastMail, all without an outage of any kind. Migrating previous conversations from ProtonMail was sort of difficult, though.
> My email (gmail) is bound with so many services (both online and offline) and it is part of my online identity. It would be so much effort to change the email now.
This is the same effort I've undertaken in moving to FastMail (or any other similar service). It's not as bad as you think, just change your e-mail every time you log in to a new service. You don't have to do everything as once, but instead when you actual access the service.
I'm now to the point where I don't receive any important e-mail in Gmail anymore, and most (at least all important) of my online identities are now pointed at my personal email address.
In other countries, you could start talking to people and prepare for your travel. Lookup a location on a map before you go there and learn to orient yourself. What is the purpose of travel if all you get more of the same because some algorithm found it "interesting" for whatever reason. About 10 years back people lived without smartphones. All you loose is some comfort. In turn you start using you brain again and gain features;)
> Do you enjoy your free email account, free maps, free YouTube and free search?
It's not free -- you're just paying with data instead of cash.
In any case, no, I don't. I do use YouTube (only on a device and account that is used exclusively for that), but I actually pay money for my YouTube usage.
"They can build a full profile of me with all this data."
What is really scary is that we already have all parts needed to build a "real" online person, except they're scattered around and not in the hands of a single entity. But let's say one day Google or anyone else with enough power and the same data about people buys the technology behind Lyrebird.ai and this: https://www.youtube.com/watch?v=cQ54GDm1eL0
What could possibly go wrong?
I think that part is generally out of mind for most users; what's so surprising when you look at the My Activity page is seeing many of the details that make up those profiles laid out in one place. It appears more...real, even without seeing the insights they're pulling from it.
This would be nice if you were in a discussion about privacy with someone. You could ask if you could borrow their computer for a moment, then visit their myactivity page and show it to them.
For a supposedly tech related group, I'm more surprised that you guys are surprised on whats being tracked. Yes Google has the ability to track A LOT because of the severvices most people use, but don't most people have an abundance of tracking and user metrics across their own product. I know every company I've worked at does the same.
> don't most people have an abundance of tracking and user metrics across their own product.
No product I've ever worked on does this.
But you're right, this is common -- and is why I have to block all outgoing internet traffic by default now. Applications can no longer be trusted to be well-behaved on this score.
https://www.google.com/maps/timeline is a similar tool that I've used to recall the name of places I've been to. In particular, one really good taqueria in San Diego.
Wow now this is scary. Even though I have my location closed they still track me.
The sad thing is most of my time is spent at school according to Google
I got a shock when I first saw that link on HN, it motivated me to finally purge my email archives on gmail. The purchases didn't disappear immediately, but they do seem to have finally gone now.
I had everything disabled but I was forced to enable it to use my Google Home properly. Somehow the Spotify<->Google Home integration didn't work unless I turned on web activity. Makes no sense.
Can you please share how to disable the tracking of the activities? Just pause everything? Have you noticed a decay in the quality of your search results?
I've had everything paused but device info and youtube history for a few months now.
I have not noticed any significant change in the quality of search results. Though I primarily use DuckDuckGo I have to fall back on Google every now and again (or use Google to get different results).
Google is still better at inferring what I mean in a search than DuckDuckGo. Google seems to take into account current events, my location, and pop culture better than DuckDuckGo. I have not noticed any effect from changing my privacy permissions.
I'm not sure I fully understand the objection here. The purchase list is a view over your email. They have the email, and they have the code to construct the purchase from the email. What possible additional security would there be in deleting the derived object if they still have the source material and the means to reconstruct the derived object?
If you don't trust them to handle the derived object according to your desires, then deleting it should not give you any assurances, since they could just rebuild it from the source material and the code they have on hand.
I think what you're really looking for is a mechanism like, "don't use this derived object in ways I find objectionable." I'm not sure exactly what that would look like for you; it would probably be different for every individual. For what it's worth, at least if you believe the news and Google's public statements, it doesn't use the contents of your email for ad targeting.
Why does it matter, though? They claim the list is there purely for your own personal consumption. If that's true, and you don't care to use it, it costs you nothing that it exists. If that's false, then it doesn't matter whether you can delete it or not, because if they're willing to lie about its uses, they would also be willing to lie about whether they deleted it.
> They claim the list is there purely for your own personal consumption
The problem is that they are constantly thinking along these lines, and building products to enable this. Also, they are an advertising company, so this is something that is of value to them. Fox guarding the hen-house stuff.
In my mind, its kind of like hiring an IP lawyer at a company. Even if your company is not litigious, there is a chance that at some point the lawyer initiates legal action to "prove their worth" or even advance their career inside the company. Same thing with this, why is Google paying developers to build this product if they're never going to use it? What is the business justification? Its certainly not for PR or marketing reasons.
Having an apparatus ready to go is very different than having no apparatus. This is part of the reason why weapon buildups are bad across the board even if people claim "nobody" is going to use them.
> In my mind, its kind of like hiring an IP lawyer at a company. Even if your company is not litigious, there is a chance that at some point the lawyer initiates legal action to "prove their worth" or even advance their career inside the company. Same thing with this, why is Google paying developers to build this product if they're never going to use it? What is the business justification? Its certainly not for PR or marketing reasons.
Useful features attract users. Users are a good thing. Like I can apply the exact same argument to email labels:
Why does google let you label emails? They're an advertising company, so labels must be valuable to them. What is the business justification? It's certainly not PR or marketing.
And now suddenly labels sound like an ominous feature, anti-user or anti-privacy or something, maybe. Which they aren't. But the implication is there.
>Useful features attract users. Users are a good thing.
I think its a bit of a stretch calling this feature useful but I suppose you can re-define anything to be useful. Ads are useful too, because you can save money by buying the exact thing that you need. Its too bad that people are downloading ad-blockers by the millions.
Google snooping on emails and extracting purchase related information to stick inside a dossier on you, is in no way the same as you voluntarily, creating a label for an email which they have already scanned anyway. An advertising company wants to know what you're buying, how frequently, and how much you spend on things. That is like a goldmine for them. The labels, are almost noise because its data that is an abstraction away from telling advertisers what will get you to open your wallet - which is the end goal.
>Like I can apply the exact same argument to email labels:
I don't think you can, and I could not follow the argument you made.
So I've rehashed this argument a lot recently: Google has to snoop on your emails. Every email provider does. Spam classification, automatic labelling/filtering, things like the "we think this is phishing" banners, etc. all require some form of analysis. You could (and seem to be) calling some of that "snooping", but some of it is acceptable. So the question is where is the line drawn?
> I think its a bit of a stretch calling this feature useful but I suppose you can re-define anything to be useful.
It's used to alert you on upcoming packages you may receive or bills you need to pay (if you have an android phone/google assistant). I think that's useful.
> The labels, are almost noise because its data that is an abstraction away from telling advertisers what will get you to open your wallet - which is the end goal.
Statements like this amaze me! You really think that manually curated labels would be less useful than automated inference about an email? Supervised learning is basically always easier than unsupervised, and email labels are, quite literally, labels for the data. It's a model-maker's dream!
> I don't think you can, and I could not follow the argument you made.
That's because you personally find labels useful and non-invasive, but feel that this other feature is not useful and is invasive. That's the only difference. If you felt you got value from the purchase history tools, which again, some people do, or if you didn't have an unfounded belief that everyone was lying to you and this data was being used in ways it isn't, you wouldn't find what is essentially automatic labelling of some emails invasive.
The argument is that labels are useful to some people. Google could misuse the data derived from labels. Similarly, purchase history info is useful to some people. Purchase history data could be misused by Google. If you trust Google to not misused labels, then why don't you trust them to not misuse purchase history? If you do trust them in both cases, this doesn't matter, and if you don't trust them at all, why are you using an email client that you think is completely lying about how they're using your data?
>So I've rehashed this argument a lot recently: Google has to snoop on your emails. Every email provider does. Spam classification, automatic labelling/filtering, things like the "we think this is phishing" banners, etc. all require some form of analysis. You could (and seem to be) calling some of that "snooping", but some of it is acceptable. So the question is where is the line drawn?
Its not about a line. Advertising functionality is simply not a core function of an email service. It is something that is tolerated in exchange for a free service. That is not the same as ceding control and letting a vendor do anything they wish simply because a vendor claims its useful.
>It's used to alert you on upcoming packages you may receive or bills you need to pay (if you have an android phone/google assistant). I think that's useful.
Well, how does storing the item purchased and the dollar amount and other purchase details help with tracking anything? AFAIK Amazon for e.g. has stopped putting in tracking information in their emails. There could be a useful function as far as bills are concerned, but its weird to take an email about a bill and then generate another wasteful notification about the same bill. Or to take a package has shipped email and generate another notification. But that is a separate discussion.
Also, if Android and google assistant users have chosen to enable such features with informed consent, I don't see why every single gmail user has to have this this enabled. I mean that in a rhetorical way, I do see why an advertising company would do such a thing. Anyway, I'm simply registering a protest and I encourage other users to do the same. Several invasive Google policies were reversed due to privacy push-backs, and so all hope is not lost.
>The argument is that labels are useful to some people. Google could misuse the data derived from labels. Similarly, purchase history info is useful to some people. Purchase history data could be misused by Google. If you trust Google to not misused labels, then why don't you trust them to not misuse purchase history? If you do trust them in both cases, this doesn't matter, and if you don't trust them at all, why are you using an email client that you think is completely lying about how they're using your data?
That to me, is needlessly polarizing a nuanced issue. "Either you trust us completely or you don't" is not really an argument worth having is it?
I just gave one example of uses this derived data is put to. I don't know what else is available. There may be some assistant actions associated with the data as well.
I think the problem also is that Google scans incoming emails sent by non-google users who haven't agreed to such scanning. (Edit: also with personal domains, a sender may have no idea if this email will eventually find its way on Googles servers)
> at least if you believe the news and Google's public statements, it doesn't use the contents of your email for ad targeting.
True, but its important to note that it used to do that for many years. They didn't make it clear if they removed information mined from previous scanning of emails.
> I think the problem also is that Google scans incoming emails sent by non-google users who haven't agreed to such scanning.
That is definitely not the problem. Email you send is owned by its recipient. Generally, the recipient can do what they want with it, including delegating to Google and allowing Google to scan it for purchase information.
> They didn't make it clear if they removed information mined from previous scanning of emails.
That information was ephemeral, IIRC. It was scanned when you loaded an email to allow advertisers to make bids for ads relevant to the given email. In any case, bits rot at Google like anywhere else. If a feature or system is no longer being maintained, it quickly stops working. There is approximately zero chance that they retained any data that they theoretically would have generated from emails scanned half a decade ago.
>That is definitely not the problem. Email you send is owned by its recipient. Generally, the recipient can do what they want with it, including delegating to Google and allowing Google to scan it for purchase information.
I don't agree that everyone thinks this is the case.
Does this work at all for location history? My web activity has nicer controls like "delete after 3 months", but Maps keeps everything years after I learned and disabled the 24/7 location tracking from my old Android phone.
What's notable is that when I search though DDG, Google still is able to see and track my search item there. I did not even think about that, but a bit eye opening. (I am using Chrome, afterall)
Ah yes, it's only when I use the !g bang operator. But if I recall, a selling point of DDG and searching Google via the operator was that lack of track-ability. Of course, again, I am using Chrome so not shocked, just notable.
Note that OpenStreetMaps isn't about maps. It's about Open Data for Maps. So technically you can use like maps but consider using apps or maps that use OSM.
Great example is MapsMe for Android and iOS. Works offline. However, there are ads in app and probably from Google
I used Maps.me for quite a while until they recently added ads. Anyone know of an alternative for iOS that's ad-free? (I'm more than happy to make a one-time purchase for an app that promises no ads now or ever.)
No, you can compile it yourself using free apple developer account. However there is a device count limits on free accounts - 3 devices can be "linked" to the account. You have to pay if you want to remove old device.
You can compile and install unlimited number of apps to your device. But you won't be able to send them over air (Ad-Hoc) nor send to Apple AppStore. You'll need to locally install compiled app using Xcode (Xcode supports installing and debugging over Wi-Fi, but first time usb connection needed)
Some additional info:
- Xcode can be downloaded directly without using Mac App Store. But there's no "Downloads" section for free developer accounts. Search for "Xcode direct link" and there would be stack overflow answer listing all actual versions
- You'll need to setup Apple ID to enable developer account. Existing Apple ID can be used as developer too.
- There may be a lot of errors indicating provision/bundle id mismatch. You need to use "Automatic Provisioning" from Xcode
- iOS Simulators won't count as attached devices
Arguments & discussions about google tracking you and how some products are crippled if you disable it (looking at you Maps!!) aside, they at least recently introduced a way for you to delete all the information here:
The only real solution is to fill your history and your Gmail purchases with fake emails and fake clicks and fake purchases. If you add so much random data then there's no way Google can pick up anything useful.
I think the other tactic to defeat Google is to click on EVERY SINGLE AD you see. It will destroy their ad tracking capabilities and it will also destroy their business since they won't be able to tell what is a good click and what isn't. I've started doing this and I don't think there's anything else that can get them to stop actively violating our privacy.
Let me pay for my Gmail account. Let me pay for good support instead of automated decisions and getting kicked off the platform with no recourse. Otherwise I will render myself useless to your algorithms by changing my behavior so that algorithms won't be able to make sense of it.
I pay for my Gmail account, but there is still no way for me to disable this harvesting as far as I can tell.
As for the ad tracking bit, there is an extension called AdNauseam that google has repeatedly banned on the chrome store, but it essentially does what you said - register a click on most ads while simultaneously blocking the ads from rendering.
Isn't there a 'not google' solution?
Real question.
Also I'm thinking/wanting the same for my phone.
(hardware and service). Is there a method for public owned cell phone service (not expecting it to exist, but as a feasibility question - regardless of current obstacles)?
Yes. There have been a few "linux phone" projects, including the ubuntu phone. I too want an open phone onto which I can install a variety of operating systems and would pay serious money for such a device. Sadly, no such product exists atm.
If anyone is listening: I could not care less about instagram or reddit's app. Forget the app store ecosystem junk. Just give me a phone that can make calls and runs a basic web browser. I'd like an alarm clock, and a map/navigation service might be nice, but those aren't deal breakers.
> The only real solution is to fill your history and your Gmail purchases with fake emails and fake clicks and fake purchases.
The only real solution is to delete your Google account(s), avoid using Google services entirely, and firewall off any access from your machines to Google servers.
It depends on what you mean by "escape Google". You can certainly stop your machines from talking to Google servers, and you can certainly not use Google services. You can even use Android without Google hearing a peep from your device. That all takes work, though.
You can't do much about Google's real-world spying, though, such as their use of credit/debit card usage and so forth.
Why do you guys care so much that google is tracking your purchases? They will just that use your own habits to give you more personalized ads or recommendations which is better than random ads not related to your own habits. How does it hurt you as a consumer?
> They will just that use your own habits to give you more personalized ads or recommendations
That's one reason I care so much right there. I 100% don't want "personalized" ads. But I don't for a minute believe that's the only thing they do with that data.
More generally, it's simply none of their business unless I choose to share it with them, and it makes me very angry that they don't have a basic level of human respect about that. (To be clear, I don't single Google out on this -- I have this objection to the entire internet advertising industry.)
I don't need to show any kind of imminent harm in order to object to that. I'd also object to someone coming into my house and photographing everything in it without my permission, even if they never did anything with the photographs.
but why. Everyone just says they don't want personalized ads but why? Also its not the same thing as someone coming into your house and photographing everything at all, false equivalence.
I don't like personalized ads for three main reasons.
First, because personal ads are a strong indicator that my web usage is being tracked.
Second, because nonpersonalized ads provide information to me about the site they're appearing on -- they can act as a sort of quickie indicator about what sort of audience the site is intended for. Peronalized ads eliminate this.
Third, because what little usefulness ads supply to me comes from serendipity. Personalized ads eliminate this, too.
In exchange for removing what value ads may have brought me, personalized ads give me exactly nothing in return.
> its not the same thing as someone coming into your house and photographing everything at all, false equivalence.
I think the comparison is apt when it comes to claims that spying on people is OK as long as the spies aren't directly harming you. In both cases, someone is recording your personal data, in both cases, they aren't harming you with it, and in both cases it is extremely objectionable regardless.
This is great. Now I can see in a single place how YouTube mixes other people's history with mine. It seems I watched "Funny Dinosaurs in Poop Fight", "Poop Cartoon 04: Fried Sh*t" and "Pirate Pete's Potty: Potty Training Video for Toddlers" yesterday. Fun.
(I've been getting some other kid's watched videos in my history, and Google doesn't care about this kind of history mixing, my reports got me nowhere).
Replying in bulk: yes, I am sure it isn't from my device, and yes, I jumped through all the hoops, including changing passwords, logging out all devices, clearing histories, etc etc.
It is not my device. I am getting somebody else's history.
I also reported it to Google, providing additional details, late last year I think. No change. And I have done everything I could, short of deleting the Google account. So all I can do now is tell others.
The amusing thing is how whenever I mention it on HN, it gets immediately downvoted. There sure are some hard Google fans here.
My machines are: a Mac, an iPhone and an iPad, all running latest OS versions.
I find this bizarre: by now I expect the next suggestions to be that I'm sleepwalking and watching these myself, rather than a more probable explanation that Google isn't doing something right (gasp!).
Personally, I think it's more likely that there is an issue on your end rather than a multi billion dollar company mistakenly thinking you have a secret love of poop videos. No way for me to confirm either way though
(I didn't downvote BTW, happens to me all the time. People abuse it as a disagree button like on reddit, but it's even more toxic on this site as its only available to a subset of users)
Normally it is impossible. Normal logs have the user name and IP address removed, they even do stuff to truncate URLs in case a website is hiding usernames or passwords in the URL. If to perform your job it is needed to access a user's data (I'm not actually sure what that job would for consumers), that goes through a separate system which where every access is logged and audited.
Yes, it's owned by Facebook. I went back to check, and noticed I visited these profiles through Chrome and not the app. That's how they ended up here, I was confused there for a second.
It's obviously always listening since it has to respond to the trigger word. I assume that it's got a little buffer, and when it detects the trigger word it uploads the spoken text plus a little buffer of time before the trigger word was spoken.
I believe the device is always listening for the keyword (all done locally), and likely has a buffer of the last few seconds within the device at all times. Then when the keyword is triggered, it starts to capture and relay the request to Google.
search history is useful. google should provide me "query suggestion" based on my social circle.
without collecting user data, google,/FB etc can't exist, they can't improve their services. As a user, I don't care much on the data they collect, as long as they follow law system in the country they operate. if these huge companies went beyond the control of the governments, then only the real problem starts.
This looks like fb comment page than a hacker news one.
So I just downloaded all of my search activity into nice JSON files, and now I am going to apply a bit of data science and magic stuff using Python and Node.JS and I will have a nice profile of myself for the past 11 years:
1) What kind of questions did I ask google? (beginning with how, when, where etc) - how do these questions connect to my personal and career development?
2) Apply some sentiment analysis using sentiment.js on the search terms and find out if the particular search term was positive, negative or neutral (this will give me a nice overview of my mood for each day I searched for the last one decade)
3) do some filtering and data massaging to pick out the exceptions (ok just a cursory look at the file helped me discovered a forgotten website project I did 10 years ago as part of college summer project - a work I am extremely proud of during that time and even now.) - which days, months, the year I searched the most (or what events triggered the searches - a breakup, a job search or a side project)
4) discover interesting patterns of my search profile (what I searched most during college time, after college when searching for a job, before marriage, after marriage etc.)
5) make a video on the lines of https://www.youtube.com/watch?v=nnsSUqgkDwU
so many fcking brilliant things I can do with my data. But what? Google has a copy of the same too? baby cry* What am gonna do? In a larger scheme of things, my data profile is just too insignificant.
To quote from the front page of Hacker News post, "The second volume of “My Struggle”, Karl Ove Knausgaard’s enormous, maddening, brilliant autobiographical novels, contains some depressing life advice. “If I have learned one thing,” he sighs, “it is the following: don’t believe you are anybody. Don’t bloody believe you are somebody…Do not believe that you’re anything special. Do not believe that you’re worth anything, because you aren’t.”
Not worried if Google tracks a skipped song history or an irrelevant app install on the gazillionth device I own. More worried about google's anticompetitive behaviour (blocking youtube on edge chromium and more recently making jobs of ad blockers even difficult) and even more larger questions such as what if Google starts to non exists tomorrow? Life after Google?
You're right when you say that you are insignificant, but on the other hand no one really cares that Google has your data.
A lot of people care that they have the data of billions of people, because this gives Google immense power. And certainly not everyone in that data pile is insignificant.
So insightful to call people babies and compare comments to facebook comments to make yourself feel superior. Great content filled putdown.
so many fcking brilliant things I can do with my data. But what?
All things you could have done, if you had configured your browser to save your searches on your terms.
Not worried if Google tracks a skipped song history or an irrelevant app install on the gazillionth device I own.
Nobody is worried about this strawman.
Google has a copy of the same too? baby cry What am gonna do?*
Extrapolate this bit "google's anticompetitive behaviour" in your mind to the point where it affects you personally, then realise that it affects other people who aren't you, then legislate them hard before that happens.
So insightful to call people babies and compare comments to Facebook comments to make yourself feel superior. Great content filled putdown.
Not that I wanted to sound superior and compared comments to baby cry, just wanted to say that people are making a big fuss about something that is completely trivial.
All things you could have done, if you had configured your browser to save your searches on your terms.
No, I couldn't have done that until I discovered this post on hn today, even getting an idea to do that thing would have been chance encounter. Even if I was interested, seriously, are you suggesting I would have implemented a custom solution for all of the devices I ever used (since a decade) not to count different environments and oses they would operate on? My argument was in the spirit of converting a curse into a boon. Making good out of something supposedly bad.
Nobody is worried about this strawman.
If you really go through the arguments against this activity tracking, you would find even more such examples. It's not strawman, it's what actually bothering the people a lot (if you can go through rest of the comments)
Extrapolate this bit "google's anticompetitive behaviour" in your mind to the point where it affects you personally, then realise that it affects other people who aren't you, then legislate them hard before that happens.
Completely I do understand everybody's unique situation, my approach could have been malformed but the intention is not. Just trying to show people something positive out of negative.
> just wanted to say that people are making a big fuss about something that is completely trivial.
Completely trivial to you. I say that's fair and I respect your stance. It's also fair that there are people for whom this is not trivial at all. You should be able to respect their stance.
If you are leaving your account logged in on a computer you are sharing that's kinda expected I'd say? The person could also just read all your emails, reset all your passwords or look at all your pictures.
> It is your responsibility to understand the terms and conditions
Terms and conditions are written to be very opaque and to obscure what you're "agreeing" to. What you're saying is that you need to effectively be an attorney in order to be able to have informed consent.
> You did legally consent.
I didn't say otherwise. I was talking about actual consent, not legal consent.
> Or read commentary about it. Which exists in abundance.
Commentary about terms and conditions doesn't really help for a whole bunch of reasons.
What I mean by "actual consent" is that I've been fully informed what the deal is and I've actively said "yes".
Legal consent is a lower bar than that. For example, if a service lays out the deal in a document that can't be clearly understood by a normal person and/or that is ambiguous (meaning that a normal person can reasonably understand it to mean something that it does not mean), agreeing to it is legal consent, but not real consent -- real consent requires that each party fully know what they're consenting to.
You can argue that, but as I said, that would require everyone to be a lawyer in order to properly analyze and understand those agreements. I think that's an unreasonable expectation.
What I wish were different is three things:
1) That I am clearly and correctly informed what would happen to my data if I agree (and that those terms will not change without me being clearly and correctly informed of the change before it happens and my consent being obtained again).
2) That I have to explicitly consent rather than having consent "implied" by, for instance, just beginning to use a service. And if the data is going to be used or handled by an entity other than the one I'm directly dealing with, that entity also has to get my explicit consent.
3) That no data is collected about me in the absence of my overt consent.
To be honest, it's #3 that angers me the most. My data is constantly being collected without my consent merely by doing things like going to a web site, or playing a game, or that companies like Facebook and Google get data about me when I buy something in a physical store using a credit/debit card.
I actually think that might be a good idea. I feel like a lot of people's privacy concerns would would be muted if browsers defaulted to private browsing.
Increasingly as I see things used to extract money from people, rather than build a better world, I wonder why not?
If a program defaults to writing in a hidden folder, probably what it's writing is not for my benefit.
If it's for my benefit, and I approve of it, it can go in /home/name/clear-folder or c:\users\name\documents\folder in an open and documented format with an open API.
If it's going in /home/name/.hidden/cache/dont-look or c:\users\name\appdata\company\{GUID} in an undocumented opaque blob without my knowledge, approval or explicit consent, it's much harder to argue that it's "for my benefit" and expect that I'd agree with that claim.
Turn everything opt-in and your computer reverts to being a disconnected 1990s less-useful computer.
Turn everything opt-out and your computer is increasingly tempting to be someone else's tool, a wringer for your life, a cash-extracting manipulation and abuse tool that does things you don't know about and didn't agree too, for other people's benefit. And we're not talking a defensible social good benefit like herd immunity to vaccines, either.
The real shock in these comments is not that "HN is amazed Google gathers this" or "HN is blazé about Google gathering this", it's "HN hasn't been able to log their own plain text search queries locally onto a NAS if they want to"
It's honestly hilarious and sad to see so many commenters here defending and excusing Google because the services they provide are "free." Somehow Hacker News thinks this argument isn't applicable to Facebook. The truth of the matter is that both companies are committing huge privacy violations, but Google has managed to convince Hacker News and the US media (NYT in particular) that they aren't evil still. Good riddance to all of these companies.
You should probably refrain from using blanket statements like "Hacker News thinks that or does this".
I've see comments on HN by users from incredibly diverse fields, expertise, ages, countries, etc.
If you think a specific comment in this thread reflects your blanket statement then address it directly, but overall it makes me dismiss anything you've written.
I see this argument a lot of Hacker News and Reddit. While it's true that both websites are comprised of a large and diverse body of individuals who share differing opinions and various subjects, that doesn't mean you can't discern real trends and biases within them. I think it's quite clear from reading any of the past month's discussions on Facebook:
Yeah this is exactly it. And like I stated in sibling comment. People like me who don’t attack FB don’t defend it either. We are more interested in what we perceive as over the top hatred of FB that doesn’t make sense. Like you said, other companies get passes, but FB doesn’t.
There was a recent thread with more than one person comparing cigarettes with FB. Possibly even FB being worse than cigarettes. Something that has killed millions of people. But even in that no one defended FB. They just said FB isn’t as bad as people are making it seem.
That isn’t true. Straight Facebook defense is pretty rare on HN. Most non-FB attacks are people like me amused that people are so upset over FB. That’s not really a defense of FB. More a statement on HN culture. But by and large there is little FB defense on HN. Rare enough to not matter much. Definitely not plenty of people. Look at any front page FB story comments.
Like the OP responded, even if 100% of people aren’t the same, you can discern clear trends, behaviors, and feelings of the general commenting populace. Like we can for HN being abnormally anti-FB.
Yeah, Google knows everything about me. C'est la vie. At least it's useful. What exactly is the threat model that everyone is operating under which prompts all the comments here?