> knows they will never voluntarily provide a complete opt-out to data tracking
In the sense that they lack the will or in the sense that it's a technical impossibility? I think there's a lot of detail in the definition of the term "complete opt-out to data tracking" that needs clarification to evaluate a statement like that.
(For one thing, your Waymo joke is kinda serious. ;) )
This article says that holding your location history is creepy but holding your search history is harmless and you should let them do it.
I find the opposite is true. I have no use for my search history, but I like to see my timeline to help me remember. I have a bad memory. Looking up past events, trips I took, places I've been and the context of my old photos is important to me.
So my question is, why does CNET want me to delete my timeline but not my search and app usage history? My location data is of no use to them, (but it is of use to me,) so location data is "creepy" but my search history is very important to keep? Huh? Why exactly? Why do I need to remember that 2 months ago I searched for "python ppa ubuntu"? Useless. Delete it please.
PSA: Before you delete your location history, please consider downloading it for personal use later, via Google Takeout. Several tools (that you host) may make that data useful/interesting to you (especially for trips/vacations/events).
There are a couple tools that will extrapolate your location from a bunch of location sources and apply it, to, for example, images and videos that don't have direct GPS metadata. The only tool I've used is https://exiftool.org/geotag.html
(I'm a huge fan of ExifTool: I wrote both the ruby and node wrappers for it!)
FWIW I will be adding this location extrapolation to PhotoStructure at some point soon, as all my dSLR images don't have GPS tags.
"Whether you have an iPhone ( $699 at Apple ) or Android phone, Google Maps logs everywhere you go, the route you take to get there, when you arrive and what time you leave -- even if you never open the app."
Where iPhone link actually is an affilate link to Apple Store which (I assume) pays money to CNet for advertising it.
Am I the only one that considers this a bit suspect? Especially in an article that's talking about Apple's competitor?
you are 100% correct. one day i found my 5 months old comments on youtube, which i deleted. i expect someone had restored a backup due to some kind of failure. so yeah, 100% breach of GDPR right there. but an individual, that is the product here, cannot do shit about it, that's just a illusion. only government have the power to actually fix this mess.
I’m curious about how they make use of their knowledge of multiple accounts. In Chrome and the Gmail app they definitely understand that these x accounts belong to the same person, and I imagine there’s some kind of Uber-profile on me.
I keep waiting for the day I’m filling out one of their captchas and after a couple failed attempts it’ll say, “c’mon, (my actual name), you know what a traffic light looks like”.
> I’m curious about how they make use of their knowledge of multiple accounts. In Chrome and the Gmail app they definitely understand that these x accounts belong to the same person, and I imagine there’s some kind of Uber-profile on me.
At the beginning they actively discouraged these, but in the end they gave up and make multiple personal profiles supported. Of course the have our uber-profile, after all, I situations where multiple Gmail accounts in one phone are shared by different people must be extremely rare. So I guess they embraced it and try to learn more about the user by analyzing how these different accounts are used.
Whether or not they use it for aggregate tracking, it's necessary for fraud detection. Creating a thousand ghost accounts to multiply the force of an attack via (or upon) Google services is "black hat 101."
That would open them up to costly litigation, especially under GDPR. Not saying "companies never break the law", just that doing it this explicitly is a much higher risk profile to them. That, in turn, makes it less likely they'll do it.
What you say is reasonable. However, in order to prove that, someone would have to analyze the code. SV companies are not exactly the best examples of complying with the law; one of the biggest of them had programmers actively adding code that was designed to confuse municipal officials trying to regulate it, and I'm not sure today's Google is very different. (I want to believe it is.)
I never understood this "they sell our data" argument against Google. They track us all, they profile us in all imaginable ways, but they are guarding these data jealously as it's their most important asset. Selling access to our data is an inaccurate description, they sell profiled ads in a way that you as the buyer never contact the end user directly, Google is always the middleperson.
It's pretty easy to go to the main privacy settings and turn off all tracking and also 'delete' whatever info they've accumulated. I tend to do that every month or to, as Google's dark patterns on my phone or some other site almost always turn them back on, especially location.
Regardless, it seems like a pointless exercise. Besides the easier to find 'privacy' settings that Google makes available, you can actually request to download ALL the data Google has on you. Last time I tried, I filled out the form and the reply is that Google will need almost a week of time to gather the data, upon which they sent me a link to download a massive (several GB) log file.
So let me get this straight. I supposedly deleted ALL my data in the privacy settings. Just five minutes later I can then download the GB of data they still have on me?
I'm guessing the easier to find privacy settings don't do much at all except delete some advertiser ID that is used a primary key in their main caches, used with cookies and on Android.
On the other hand, using more complex analytics, they could easily put together a profile of every single bit of data they've got on my for the last 10 years.
assuming no smartphone in this scenario, every time you visit any o their services you are being tracked via ip and headers you sent(referrer for example). this way they can build a profile, even if they do not have your personal details. you think you are "safe" if you do not use their services but 99% of websites use their google analytics, cdn or social widgets/sharing buttons... which allows them to track you. so the only way to avoid this breach of privacy is to keep your hosts file updated and never let your browser access any of their websites. i would also be concerned with their dns over http now.
facebook is the same but due to its nature it does it only via its social sharing widgets that people put on their websites and the embedded comments and things like that.
google's cdn is the most dangerous of these things.