They constantly berate you to deactivate no tracking preferences on google maps. When you're aware of this fact you start seeing it everywhere, not just on google. For example, on Pinterest they will berate you to sign up using highlighted buttons on land, and the x button is out of the way on the top right corner.
This end result is due to product managers/devs looking at conversion rates and optimizing for whatever their metric of success is, which in this case is creating accounts and users being more "engaged" with the platform. 3 or 4 rounds of A/B testing and you get the most efficient (read: manipulative) method of getting users "engaged". There may be no intention of manipulation but using empirical evidence to achieve your metric of success will tend to make your product manipulative.
Same goes for trying to turn on Voice Match (and the voice activated OK, Google), a feature that's supposed to take a snapshot of your voice and activate the assistant, like "Hey, Siri!". They will force you to activate: 1. web/activity history, 2. saving all your voice requests to the Google and they push you to activate Location History.
While Voice Match learning the sound of your voice sounds like a completely local task, they will force you to keep a history of all your voice commands, searches and activity. Voice activation and match won't even work without that on. Even tho the assistant works just fine if you leave those off.
Not to mention all the rest of these that happen, they even push for these during your first phone activation.
I got my first Android phone this year after taking a very long break from Google phones in 2014, due to getting fed up with how much of a mess Android still was around version 5 and Google's unwillingness to fix the issues so I ended up switching to iOS for years. Now I decided to switch my second phone to an Android purely out of curiosity to see what's been happening to the platform and all these creepy-ass prompts in version 9 don't instil much confidence.
Voice rec was local until about ten years ago. You could even buy software dictation products that installed from CDROM and didn't need a network connection.
I shouldn't need a network connection to do anything voice on my own device. It should only reach out to the network for things it doesn't have local knowledge of.
Can confirm. Microsoft Speech API of ~2007 with little training worked very well for me, even across the room on a crappy microphone I hand-soldered to a 2m cable. If that worked fully off-line without a big performance penalty on mid-end 2007 hardware, it surely can work now.
On my iPhone, the voice keyboard works pretty well in airplane mode. Not quite as well as when it has signal, but the difference is small… with the sole exception that it recognises everything as if it is English in Airplane mode, and only uses the language of the keyboard (if different) when I have signal.
there might be implementations that don't do this for instance Siri or Bixby but that doesn't mean Googles approach is wrong.
It can be unacceptable for your privacy and security threat model but for most it makes 0 difference wether the training continuously happens in the cloud or locally on the NPU inside your phone.
Saving all the clips as much as people love to fear monger it is literally the strategy that objectively leads to the highest quality implementation on the market. Googles Assistant by far understands language most naturally and we owe that to all the free vocal training data google diligently uses.
When I have the time (or have failed ten bloody CAPTCHA's in a row), I sometimes shoot out emails to whatever website or service I am trying to use, to advocate for the removal of reCAPTCHA. Unfortunately, as long as only a few people are complaining though, a lot of websites will continue to paste in Google code blocks willy-nilly.
I came to the same conclusion 2 weeks ago. Nowadays, I have to solve the captcha 15-20 times before it lets me in. So I have started purposefully making wrong answers-road instead of car, sky instead of cross walks etc. If self driving cars end up crashing, I may have contributed to it.
Similar thing happened with YouTube too. They would always show me the same ad over and over. Even if I skip, I would get that ad multiple times in the same video. It was a political ad and it starts with one guy saying how he can't get treatment because of some medicare changes. I got so annoyed I wanted to punch the guy talking in the ad whenever I hear him.
Aren't you doing anything weird with your cookies? For me recaptcha is almost always solvable from the first try. Regarding Youtube, usually reloading the page 2-3 times allows me to skip ads, but this trick doesn't work with all videos.
Recaptcha use many kind of informations, among those is your IP address. If you are browsing through a VPN for example it may see that you are not browsing from a home IP but from a datacenter. In that case I think it assumes that you're a bot and makes it much harder to pass.
I have my Firefox set to clear cookies on exit, with NoScript and PrivacyBadger addons. Also has ad/tracking blocking at router. Not sure if any of these can trigger the above behavior. One thing to point out is I was using the same setup in a different region before and never experienced this. Only started getting it after I moved to my current location and got a new ISP. I was never using VPN when I get this captcha issue.
Regarding YouTube, forgot to mention. I was getting that ad problem with Chromecast. I cast a lot of videos with the YouTube Android app. Whenever I get that ad, I would click on the skip ad button in app (which itself takes 2-3 tries sometimes). Then 2 or 3 minutes later, it would show the same ad. After I moved to my current location, I haven't experienced this behavior yet.
I'm not doing anything weird with my cookies, I'm just refusing most of them, and preventing webpages from accessing the rest (unless I'm on the page that made those cookies), as well as hiding some of the personally identifying information my browser sends out.
Really it should be the default, and in fact most webpages have no issue respecting those settings, google's recaptcha is about the only thing that actively refuses to cooperate.
> No, we just need to stop buying from companies whose business model is anything other than you give them money and they give you stuff.
So, stop using the internet, then?
Uncoordinated collective economic action like you call for doesn't really work, especially when it's against the shareholder-value maximizing interest of a corporation.
I have an iPhone over an Android because Apple’s business model meets that criteria and nothing about the Android ecosystem does.
I have Roku TVs but they are set to automatically go to the HDMI input with my AppleTV. So I don’t have to use a remote that has hard coded buttons that go to the highest bidder and where half the home screen is an advertiser.
I buy business Windows PCs or laptops from the Microsoft store because they don’t look like a NASCAR car with all of the stickers and trialware.
I pay for ad free streaming services.
It’s not the “internet” that’s the problem. Websites have limited tracking ability if you use an adblocker. It’s your devices vendor that you have to worry about.
A/B testing is the way Satan interacts with this world. Optimizing for business metrics eventually leads to dark patterns, and also provides a convenient excuse ("data says so!").
Like when online publishers like Ars and TechCrunch A/B test headlines and pictures and I end up with a photo of singer Taylor Swift accompanying an article about Apple's iOS programming language Swift.
This end result is due to product managers/devs looking at conversion rates and optimizing for whatever their metric of success is
Just wait until the product managers and devs are taken out of the loop and A/B testing becomes automated A/B...X/Y/Z testing through AI. Web interfaces will start to look like those crazy AI-generated YouTube videos. Anything to feed the shareholders.
My big question is whether that sort of deranged AI-output look will work when it arrives. It does for Youtube videos, but they're both aimed at children and searching for maximum intensity (via both character recognition and zaniness) to hold attention.
As is, I strongly suspect we're already over-testing on frontends.
First, because frequent change has a cost in user retention, and so does instability. I get A/B tested enough that I notice it happening, or notice that instructions I give for a program don't reflect what other people on the same device are seeing. And since I use multiple Gmail accounts, I've also had the experience of different accounts falling into different branches of a significant UI test - it was a horrible and aggravating experience.
Second, because isolated tests are a terrible way of judging aggregate effects. They're not necessarily run with an eye on "irrelevant" stats, and they're almost never run against a clean, single-design baseline. (Also, they're frequently run with grotesque statistical errors like stopping tests at significance...) The risk, then, is ending up with a hodge-podge of features that produced 3% improvement on some metric but did nothing for overall value. Newsletter signups designed to improve subscriptions, which destroyed retention. Buttons locked into arms races where they improve clickthrough by cannibalizing one another's traffic. Evolved-in-isolation pages that get good responses but decrease brand recognition, and so on.
None of that means aimless AI testing won't happen; the combination of buzzword appeal and hands-off profit is probably too good to pass up. But I expect it won't be as valuable as people expect because it feeds into all the mistakes we're making already.
80% of the time, for all online services, users get the choice to opt-out from the tracking, but trackers are on by default and users are encouraged to keep them on. This is what I call the fundamental principle of privacy settings: all privacy settings are based on the assumption that the vast majority of users will not understand, care, or make an effort to toggle all the knobs to opt-out from the tracking.
This is how online services meeting the regulatory requirements and creating a positive image of being privacy-respecting, "we are giving people a choice over their data", meanwhile still allowing the unhampered collection of personal data in practice.
Or the principle can be worded as, "If everyone opt-out from the tracking in their privacy settings, our business is finished". You can opt-out, but their business model remains the same, and you are simply an outlier.
As I see it, the most interesting case study is Do-No-Track. When DNT has just became a standard, the response was mostly positive. Then something dramatic happened, Microsoft enabled DNT in IE 10 by default! Then amusingly, it triggered a total backlash from the industry. If you see the principle, it's easy to explain that.
But Microsoft surely understand this point. Then why did it decide to do this? I highly suspect Microsoft's decision was a conspiracy to intentionally kill DNT, even if most people won't active it anyway, but they may believe that having a simple and universal privacy toggle is still being a potential threat to the business of the industry, so they decided to sabotage it by making it default-on, thus nobody will treat it seriously, and Microsoft can use the "we care about your privacy" as an excuse.
One can't fix the privacy issues with a privacy setting. One needs to have an alternative business model in the age of Surveillance Capitalism.
> 80% of the time, for all online services, users get the choice to opt-out from the tracking
That's purely theoretical. My browser is sending to not track headers, I've uBlock turned on, I nearly always reject tracking, yet I periodically delete thousands of cookies.
(In case there are bored Safari extension developers who read this and feel the same: an extension that allows to whitelist cookies and rejects everything else would be nice.)
Try the (very unhelpfully named) Cookie app. It’s a little sketchy looking and the website is poorly designed but seems to work for me. Get the non-app store one.
(No affiliation, I’m also evaluating it as we speak)
I ran into that one last year when I tried to locate an extension, and didn't rule out buying it, but I ruled out using it because it didn't seem open source. I get that devs need to get rewarded for their time and so forth. But in this day and age where popular extensions get purchased and repurposed as spyware, I'm not keen on installing anything closed source that messes around with my browser. And it's a red flag, for me, that an extension developer doing something that revolves around privacy isn't like minded. (Plus, as you said yourself, it looks sketchy for some reason.)
I do understand this mindset (and I'm running a privacy-oriented open source app: https://getaether.net, so speaking from personal experience), however, not everything can be open source, and not everything can be free. There is a place for proprietary software, and the more we deny that, the more creators of those open source software join Googles and Facebooks of the world and make them even more invincible.
The blanket 'not open source, so I won't use it' general sentiment (not implying you have this) I see on HN nowadays doesn't hurt Google, it hurts small software makers that don't have the luxury and money to make things 'free*' with five asterisks like FAANG, like you and me, and actually strengthens the larger companies.
The trust issue is a legit one, though. I have the same concerns on that one. However, if I could fully trust it, I would have no problem with it being not open source.
It's not for Safari, but Firefox has container tabs, where this data is isolated per-container.
With the Temporary Containers extension, basically everyone gets their own container by default, and all that gets deleted 15 minutes after the container's last tab is closed.
> 3 or 4 rounds of A/B testing and you get the most efficient (read: manipulative) method of getting users "engaged"
Now replace “engaged” with “to buy stuff” and that’s essentially online advertising. You’re being tricked by gurus of the mind to send your money to someone else. How this is legal represents a gap between traditional laws and modern times.
The sad truth for us software engineers is, a lot of the most exciting work is at least tangentially related to refining this trickery: big data, machine learning, etc. For example, implementing GDPR where I work has been a bizarre experience from a human standpoint. On the one hand, we all surely feel privately it’s a good thing for people, but we talk about it to each other as if it’s a burden and a setback for our business (which it is).
> You’re being tricked by gurus of the mind to send your money to someone else. How this is legal represents a gap between traditional laws and modern times.
Eh, this has existed for decades at a macro level in over-the-air television and radio. 'If you're not paying for the product, you are the product' is a quote that has been floating around since at least the 1970s. Methods and techniques now have the ability to target you individually but the overall premise is nothing new.
> The sad truth for us software engineers is, a lot of the most exciting work is at least tangentially related to refining this trickery: big data, machine learning, etc.
Well, I'm in Aerospace and there are plenty of interesting problems to solve here that have nothing to do with "trickery"; it's just that 100 year old companies aren't "sexy" to young kids, often don't "move fast and break stuff" and frankly don't throw obscene amounts of money to bait them.
I'm a relatively fresh grad working in development for a university. It's slow. It's stable. It's not very sexy. I could probably double my salary elsewhere. But, my conscience is pretty clean for this very reason. I build tools to make university operations more efficient, not to squeeze every last drop of data from our users or manipulate them into buying a product.
There are definitely problems to be addressed in higher ed and how universities are run, but it's nowhere near Silicon Valley's lack of ethics.
In NZ I find universities are an awful mixture of academic uselessness, and corporate greed (their incentives are mostly according to number of students moving through, not benefit to the students or society).
I have seen they can be fun places to work though, depending on the politics of the department.
> Eh, this has existed for decades at a macro level in over-the-air television and radio.
Advertising predates the internet, of course. What does not is the ability to personalize advertising to the individual using computer intelligence trained on volumes of data about people’s lives, recorded in microscopic detail. I don’t think the level of manipulation and personalization pre-internet is comparable to what advertising firms such as Google and Facebook are capable of now.
Another one is body sensors. I disabled body sensor permission for play services. Whenever I am using Google Maps, it would complain about the permission every few minutes. Thankfully, found later an option to disable that nagging in maps setting. Maps still worked fine.
It reminds me of Android 5 where every time you enable GPS, Google shows a popup asking you to share your location with them (very annoying). And besides, there is a checkbox "Don't ask me again", but if you tick it, the "Decline" button gets disabled to ensure that you don't make the wrong choice.
I've actively been avoiding Pinterest and Quora because I know they'll pester me about signing up an hide their content behind a soft wall. I don't share links to these sites with anyone anymore.
These are the basic forces of commerce. Or any interaction. Amazon, target, even my loca coffee shops are not aligned with what’s best for me. They’re aligned with what’s best for them, with an eye towards maximizing overlap.
But where they want the customer to do something the customer wouldn’t, that happens everywhere. It’s not limited to tech.
* switch default search engine to DuckDuckGo (can still use !s bang when one wants to see what Google has)
* use tracking blocker (uBlock origin, BlockBear on iOS)
* use anonymous/private/porn mode browsing most of the time (except for sites I actually want to be logged in permanently)
* use Zoho as a replacement for shared Google docs
* use Youtube either in private window, and/or download content with youtube-dl
* use Apple Maps or OpenStreetMaps instead of Google maps, though still revert to Google maps sometimes. It's good. (But never log in, and don't use the apps).
* long ago switched to different email for main email, and forwarded gmail account to it (nobody uses it anymore). (In fact, I use a catch-all domain now (very easy to set up), and a fresh email for basically every account. Quite handy.)
* for contacts, photos, etc. I use Apple's built-in stuff. I do trust Apple a bit more (and it's a different business model; quite evidently unfortunately when you look at recent iPhone prices.)
All in all, I think a fairly degooglified life is eminently possible.
The following command can be handy for one-off sessions. It won't interfere with your already-running instance of Firefox and uses a random profile in /tmp (which you can still monkey with if needed).
If you use Chrome, none of the steps you listed matter as far as protecting yourself from Google. I used to use Chrome until it really struck home with me what the incentives are for the world's biggest web advertising company to own the world's most popular web browser in a world where over-the-wire auto-updates are commonplace.
Opposite for me. I use Chromium on Desktop and Firefox on mobile. Firefox Focus for everyday's browsing, and Firefox Mobile for long term sessions (I have 200 opened tabs of hacker new on Firefox Mobile, it's ridiculous)
Plus, Adblock extensions on Firefox Mobile work great.
try Firefox Quantum in the phone. it's super slick and I've really been digging it.
the workflow is the for everyone but because it supports 1pass filling the constant clear doesn't feel that bad
Either Firefox is awful on windows or Chrome has something really great that I've totally missed.
Chrome on Linux is just all kinds of unpleasant, it's not even possible to use it at all with my current distro. I don't understand how everyone seems to like it so much.
When I first started using Linux day-to-day, Firefox, at least for me, was an absolute nightmare and didn't run well. I've switched to Vivaldi (Chromium-based, very power-user / I-never-want-to-move-my-hand-to-the-other-input-device friendly) for the moment, but I might just switch to Firefox again, I hadn't heard about the Multi-Account-Container feature, and that might just push me over the edge.
I've switched to FF and am mostly happy but for some reason it's terrible for videos. I'll get long hangups that never happen if I watch the same video on chrome
You can set up a filter to match all emails and have them forwarded to another address. There may even be a specific forwarding setting somewhere in Gmail.
Their “April Fools” jokes made me realize the devs think my phone was just a toy and not a tool. Not that they owe me anything. Made me switch immediately to iOS.
That's nice but a huge chunk of android has been moved into google's closed source "play services." It's pretty much impossible for the average person to have a functioning phone without that, they don't even maintain the open source mail client any more.
I've used it for a year without Google play services.
The basic OS utilites (camera, SMS, file manager, "phone" app, etc) are part of the Lineage base and don't need play services. You can also install f-droid which has a good variety of open source apps, including mail clients.
I even installed Whatsapp (downloaded the apk from whatsapp's website), which doesn't require play services.
Now, I don't think LineageOS is for the "average person", its for people who care about their privacy and like having control of their device, but you don't need to be some sort of long-bearded hacker to be able to use it.
This just switches being tracked by Google to being tracked by Facebook. They now have names, times, numbers, etc of people you talk to/interact with, as well as your rough location via IP, access point, or cell tower (which are shared with people who have location services enabled).
That's fine. The point the parent is making is that you can use whatsapp without google play services if you want to. This is not a given for a lot of other apps.
> * use tracking blocker (uBlock origin, BlockBear on iOS)
You could also use Firefox Focus in iOS. It comes with a built-in ad/content/tracker blocker. Since content blockers are common to all browsers on iOS (everything using Safari/WebKit underneath), it would help other browsers too.
Android users are pushed through a variety of techniques:
Deceptive click flow
Hidden default settings
Misleading and unbalanced information
Repeated nudging
Bundling of services and lack of granular choices*
Deceptive click flow is the click-flow when setting up an Android device pushes users into enabling “Location History” without being aware of it.*
Hidden Default settings is [when] setting up a Google account, the Web & App activity settings are hidden behind extra clicks and enabled by default.
Third one is users not given sufficient information when presented with choices, and are misled about what data is collected and how it is used.
Repeated nudging is users being repeatedly asked to turn on “Location History” when using different Google services even if they decided against this feature when setting up their phone.
And finally, bundling services when for example if the user wants features such as Google Assistant and photos sorted by location, Google turns on invasive location tracking.
I would believe most of us HN crowd are fully aware of the pros and cons of such tracking and make our choices accordingly (using these tools/software/devices). However, for the majority (yes, they may not appear to be interested in privacy as yesterday's FB quarterly report shows), are they aware of how much data is being collected, how it could be misused, etc.? We, as a society, should do our part in pushing back against such indiscriminate tracking. No specific call to action. For my older parents, I have switched them to iPhone 6S and have gradually gotten older family relatives to do the same as well.
I would've liked it if they included photos and videos of these "deceptive" interactions. Instead they have this flashy video which basically is just showcasing the Timeline feature, and pretending it's some secret malicious data collection plan.
Do you doubt that the deceptive interactions they describe exist as described?
Most people do not realise how much data Google et al. collect about them, and are genuinely shocked when it is shown to them (even though, yes, it's an existing feature well known to you and most HN readers).
The video demonstrates both a) how much Google collects (which comes as a surprise to most people), and b) that most people are not aware of it (which apparently comes as a surprise to you).
> pretending it's some secret malicious data collection plan
Of course, there's the maxim that one should never ascribe to malice what can plausibly be blamed on incompetence. But sorry, if you find these repeated dark patterns throughout again and again, in apps that have been carefully designed and optimised by huge teams of people, then it is justified to speak of bad intentions.
I kinda doubt actually. Personal anecdote : I disabled location history about a year ago, and it almost never asked me to enable it afterwards, obviously they dialed it down quite a bit lately. Other claims are also hand wavy. They should include tiimestamped videos with build ids otherwise, it is horse manure.
> Do you doubt that the deceptive interactions they describe exist as described
Not so much that I doubt it, but just a piece of text is pretty subjective. I would like to see and decide for myself if it's deceptive. Not have someone's biased opinion.
> Most people do not realise how much data Google et al. collect about them
Most people also just blindly skip through the setup. There's only so much Google can do to force feed help onto users.
I actually have location sharing on with a significant other, and Google emails me about it every other week to make sure I realize my location is being shared.
> Most people do not realise how much data Google et al. collect about them, and are genuinely shocked when it is shown to them (even though, yes, it's an existing feature well known to you and most HN readers).
I was surprised (even though I should not be) when I saw how conveniently all my Amazon purchases and travel plans (flight reservations, check-in, rentals etc.) were neatly organized when I went to remove all my personal information. I understand the convenience (with Amazon - being able to track the delivery, flights - automatic calendar scheduling etc.) but oh boy does Google like to gather all the data forever.
I particularly dislike seeing buttons like "Make Google Better" that if pressed will turn on search history.
That pushed me to Firefox and "temporary container tabs" add-on. Now I _can't_ be logged in while using search, so I can't accidentally press some deceptive button that will turn on additional collection. When the tab's gone, so are all the cookies. But mail.google.com and the login domains load in a persistent tab so I can still use those.
A search link fixer add-on prevents capture of what I clicked from that search menu, and the resulting page opens in a new temporary tab separate from the one I searched Google on originally. It's a second layer of separation so that I don't have to depend _just_ on ublock/umatrix to prevent what's sent back from resulting tab from correlating.
Still not perfect, but it makes me feel more comfortable. I still don't feel comfortable enough with results from DuckDuckGo to use it by default, but it has been getting a lot closer.
I tried using Google Maps without search history turned on. It's basically a downgraded version. They tied saving locations with the search history, so it won't let you search for friends' contacts, set a home address, etc. Is it on purpose? I don't know, but I find it weird that they would tie some unrelated features together. Why does setting a Home address require search history?
> Is it on purpose? I don't know, but I find it weird that they would tie some unrelated features together. Why does setting a Home address require search history?
I work at Google but not on Maps, opinions are my own.
I don't know if this is why they did it that way, but it wouldn't surprise me if the reason was merely that 99.9% of users opt in to location sharing and the developers didn't feel it useful to spend time supporting the use case for the 0.1%.
You have to also keep in mind that Google is just a company with thousands of individuals who each have their own motives and are given incentives by the company. If a developer is career driven (and many if not most are) they have to work on "high impact" things to get a good performance review. Since Google tries to be very objective, you have to measure your impact with data and sadly 0.1% of users is not really considered impactful. Unfortunately good will earned by customers is hard to measure.
>If a developer is career driven (and many if not most are) they have to work on "high impact" things to get a good performance review. Since Google tries to be very objective, you have to measure your impact with data and sadly 0.1% of users is not really considered impactful. Unfortunately good will earned by customers is hard to measure.
I find this very appropriate to modern times and employment. 'Tis A more modern update to William Gaddis's themes in J.R.
Well, in particular, if a developer "untied" these things (ie made the app more useful without signing in), and then the ratio of users who do sign in drops, then that is presumably a "bad impact" metric for the developer. Why would they do that?
It seems rather obvious that there is little incentive to provide usefulness without tying it as closely as possible to data collection.
>It seems rather obvious that there is little incentive to provide usefulness without tying it as closely as possible to data collection.
That seems about right. Other than services that you actually pay hard cash for (like gce), all other metrics will eventually trace back to some kind of ad/data related metric.
Your opinion is incorrect - it was possible to save home, work etc without agreeing to "Search & Web History" until a few months ago. Google had to add new flows on the save buttons to get this opt in from users. Anyway, there is no logical reason to need Search & Web History to store a couple of map labels.
The real impact the team was looking for was building better advertising profiles on users.
Additionally hypocritical since turning location history back on will restore your home address — Google's been keeping it all along and just denying you access to it.
Even worse. Using navigation to your home address, they will actually ask you to "Save your home address", but then pop up a permission to track your search history.
Want to use the assistant to turn on your lights? You better believe that requires the huge "Web and App activity" which also includes location.
Wow this really does make it worse. Google is intentionally inconveniencing users who turn off location tracking, not for any technical or privacy reason but just to try to get them to turn it back on.
This seems pretty reasonable to me, although perhaps they named the switch poorly. My guess is that the product manager is trying to provide a single simple "privacy fiend" setting.
You apparently want fine-grained privacy controls ("save my personal locations, but not my search history"). It's reasonable to want that, but it seems awfully entitled (not you, but many others on this thread) to demand it. Especially since we've seen from past history that a multitude of fine-grained privacy controls tends to propagate the narrative "Evil corporation confuses users with complex privacy UI".
Product management is way harder than you are giving it credit for.
I only described my personal experience, I'm not making assumptions of evilness on Google's side, just pointing out that it feels a little restrictive. As somebody else pointed out in this thread, the information is still stored on Google's servers (favorite places, friends' addresses, even my home address is still on there), it's just all of a sudden no longer available when you disable history.
Sure product management is hard, I never said it wasn't. Google maps is wayy ahead of the competition in the field, with or without those history things (cue the whole Apple maps fiasco). But users will always complain about features they don't like, and they won't always give credit for what works.
Honestly I don't care that much, I mostly adhere to the idea that Google & co. don't give a damn about any user's individual data. To them, we're just numbers in a database, and a bunch of metrics to optimize (engagement, revenue, etc.). However, I do think that governments, once they know all this data is stored on centralized servers, are tempted to exploit it, for good reasons or not, which is why at some point I want to limit the gathering of data, when I find it is not explicitly warranted or needed. Case in point, Google Maps doesn't need a history of ALL the places I've been on a day-to-day basis to index my saved locations in it's search box.
This is disingenuous and unreasonable. The setting is unnecessarily restrictive. It's simple:
"Do you want us to store your data on our servers?"
Answering "no" should mean you store it locally, not that you don't store it at all. If you tell Google not to save your search history on their servers, they just disable it completely, when they could just save it locally.
This is nowhere near a product problem. The setting is per-account, so it's not like it'd be disabled on one device and enabled on another, so they'd get some weird UX, they just like crippling their app to force you to give them data.
> Answering "no" should mean you store it locally, not that you don't store it at all. If you tell Google not to save your search history on their servers, they just disable it completely, when they could just save it locally.
I think you are ridiculously underestimating the complexity and issues that would arise with two separate mechanisms for saving the same kind of data, and an option to switch between the two. Do you download account-saved locations locally when changing to local storage? What if there are conflicting pieces of data?
I bet there would be a lot more outraged people about the bugs and limitations that would arise with this system than there are today with your complaints.
Headline: "Big company degrades user experience for users who choose to opt out". I'm absolutely certain that there are people who'd get mad that their history is gone if they went from "collect it in the back end" to "collect it in the client".
Obviously. I'm asking what you do before that. Do you just throw it away? That's going to piss people off. Do you overwrite the local data? That's going to piss people off. Do you try to reconcile it? That's hard to do and messy, and probably will piss people off.
I'm not sure I understand. Overwrite the local data with what? If you have history on the server turned on, then there's only one set of data, you don't need to overwrite the local data with anything. You just keep it where it is.
> If you have history on the server turned on, then there's only one set of data, you don't need to overwrite the local data with anything.
This is a bad assumption and why you would ruin a product like google maps if given the opportunity.
Google already had this problem for years with Contacts. I had local contacts on my phone, and contacts stored in my google account. It was a complete clusterfuck of duplicates, stale data, etc. Years later after I had this problem, Google added a fairly complicated power-user tool that let you reconcile this data. And then years after that, the tool became not-a-power-user tool and wasn't bad.
But we're still talking years of issues, for data that is probably a hell of a lot less complicated than what maps stores.
edit: And that said, I still have issues every now and then with that contact reconciler tool, it doesn't always do the right thing.
I have no idea what you're talking about. I'm talking about having server history turned on and then turning it off. What's the synchronization problem you see with that? I have no idea why you're talking about contact syncing, and if you mean that you need to sync locations like you sync contacts, then how is that a problem Google doesn't already have?
Most people have multiple devices. If it's all local, how do you keep it synced? I have a work PC, home Windows PC, Macbook, linux laptop and chromebook in addition to a phone. How do I sync across devices at all times? New contact is created on one device but how does it get to the other devices if there's no common server? New work location; new restaurant; new anything? Or are you assuming everyone only has one device.
I'm sure you've got it all figured out. You should go work at google and implement it.
I don't know what you aren't getting about this: Maps already has to implement sync. Disabling location storage on the server means that they don't have to implement sync. Each device has its own history. I can't explain it more simply.
It's not that complex, especially for Google. They could use localstorage, cookies or whatever, no reason the users data has to go to Google to make personalized experiences possible.
> Answering "no" should mean you store it locally, not that you don't store it at all. If you tell Google not to save your search history on their servers, they just disable it completely, when they could just save it locally.
This is nowhere near a product problem. The setting is per-account, so it's not like it'd be disabled on one device and enabled on another, so they'd get some weird UX, they just like crippling their app to force you to give them data.
I work for Google, opinions are my own. I could go on and on about this so apologies for the long post.
Obviously I am biased, but I think you're being a little too cynical.
People's habits largely depend on the incentives given to them. There is no incentive for the Maps team to take in more data, if anything there are incentives to have less data because they'd have to go through less security and privacy reviews.
What they DO have an incentive to do is to get more users, since that largely determines how much funding your team gets. Having users share location data, admittedly at the expense of privacy, provides a superior experience.
Each team has limited funding/headcount, so obviously they would use their resources as much as possible to try and get more users. Supporting the use case you described, which is not used by the vast majority of users does not align with the incentives given to them.
Recently, Google updated its values (I can't find it externally but I hope you'll believe me). One of these values is "Respect the User". I personally think that your use case would fall under this umbrella. Ignoring whether the specific feature is the best use of engineering time even for this value, the reality is that values mean nothing without incentives.
And there aren't incentives. You don't get a great performance rating for following the values, you get one for impacting some large percentage of users or improving the performance or conversion rates.
Even if you had a team of monks, completely driven by their morals and not career-driven whatsoever, this would not be sufficient because if they didn't hit performance goals then the team would just get defunded, unless the person above them was also the same, and the person above them, and so on.
> Obviously I am biased, but I think you're being a little too cynical.
Very possibly.
> Supporting the use case you described, which is not used by the vast majority of users does not align with the incentives given to them.
I think you have causation wrong here. Users leave search history enabled because Google makes it unnecessarily hard to use the app with it disabled.
> Recently, Google updated its values (I can't find it externally but I hope you'll believe me). One of these values is "Respect the User".
I have no reason to disbelieve you.
> Ignoring whether the specific feature is the best use of engineering time even for this value, the reality is that values mean nothing without incentives.
If the values mean nothing without incentives, they aren't values, are they?
> You don't get a great performance rating for following the values, you get one for impacting some large percentage of users or improving the performance or conversion rates.
So what you're saying is "there's no incentive for allowing the user to have a good experience using the app without sending us data", or did I get that wrong? That doesn't sound awesome.
> Having users share location data, admittedly at the expense of privacy, provides a superior experience.
Especially when you don't bother providing a similar experience without people's data.
Ultimately, this isn't a question of "which would make Maps better, if users shared their data or if they didn't?". That's not your choice to make, so it's a question of "the user doesn't want to share their data, do we bother to make the experience good for them or not?"
If your answer to the latter is "No", I don't care if your values say "The User is the Alpha and the Omega, thou shalt have no other priorities before the User", it's a red herring because you aren't following your values, you're following the money.
> I think you have causation wrong here. Users leave search history enabled because Google makes it unnecessarily hard to use the app with it disabled.
That's a fair point. Nevertheless, most people on the team were not there when this feature was first introduced and we can only work from where we are now. To undo the status quo is something few are in a position to do.
> So what you're saying is "there's no incentive for allowing the user to have a good experience using the app without sending us data", or did I get that wrong? That doesn't sound awesome.
Correct.
> If your answer to the latter is "No", I don't care if your values say "The User is the Alpha and the Omega, thou shalt have no other priorities before the User", it's a red herring because you aren't following your values, you're following the money.
I think we are in agreement.
I don't think anyone is following the Values because the incentive structure doesn't align with it. I would like to believe it takes time for these changes to manifest but frankly I'm skeptical it will ever happen.
I'm not trying to convince you things are great or even okay. I just would like to dispel the notion that everyone or every team at Google is scheming together to get as much of your data as possible. Google, like any company, is made of individuals who largely are there to make money and whose actions are driven by the incentive structure. As it stands, the incentives are largely around getting more users and there is very little incentive to create privacy focused solutions (customers don't really seem to care.. or know..?)
It does, indeed, sound like we are in agreement. I'm not saying everyone in Google is evil and wants the worst for the user, but that Google doesn't really care about the user and that shows.
I guess everyone in the company is complicit to that, with a share of responsibility proportional to the amount of power they have, as with any organization...
I think it's more accurate to say Google doesn't care very much about privacy concerned users since they represent a very small portion of the user base.
The language here bothers me to the core. User? That's the same term drug dealers use to describe their "customers", who are nearly all captive to them or others who peddle the same thing. Does it get the point across? Sure. However, there are better ways to word this sentence, such as "respect the people who use our services" or "respect your customers", though the last one ought to read as "handle product with care".
I feel like you may have entirely dismissed the issue that location-based advertising is quite possibly, the most valuable form of advertising Google can conduct, and Google has massive incentives to collect location data. Statements like "there is no incentive for the Maps team to take in more data" feel like they completely ignore your employer's primary business model.
So I in fact work on the maps team. There is absolutely no _personal_ incentive for me (or anyone on my team) to help Google collect more location data. I will not get a bonus for it, I will not get an increased perf rating for it, any benefit I would get from it (increased stock price, I guess?) is so completely abstracted away that it simply does not register.
There is an incentive to have increased usage of the features I'm in charge of, many of which are intrinsically tied to (or superior with) location access. I don't believe that's the same as incentivizing the collection of location data, because it's not our real goal - if Apple would provide it I would absolutely love to provide users with a 'one-shot' location feature (it's probably too clumsy but the idea is when the user hits e.g. the directions button, the OS pops up a permission box and if they agree then maps gets one and only one GPS fix and then the permission is back off).
Yeah. Tying setting the home address to search history is pretty sleazy and there is no good explanation for this other than bullying people into turning on tracking. I am really getting tired of companies that want to suck up every piece of data.
By providing these services and features for free previously, they killed the majority of the competition, and only then removed the ability to use them without tracking. It's an interesting mixture of anticompetitive behavior and extortion.
Either that or you weren't here for early versions of Google Maps, haven't heard of OsmAnd, Mapbox, OpenStreetMaps, etc. or you just really like calling people 'entitled'.
Very true. the first versions were very straightforward and only later on they did stuff like connecting saving a location with location tracking. From casual observation I even think they turned this on and off several times. They still show me some locations I saved years ago but I can't modify them or add new ones.
The annoying part is that google maps is really good at searching locations. None of the open source alternatives can do stuff like "Indian buffet Venice" so I often have to use Google maps to find something. Once I have the location saved I would say OpenStreetMaps apps are totally competitive.
I don't feel entitled and I rarely use them but it's still sleazy behavior. There are a lot of people who don't understand what consequences using Google or Facebook has to their privacy and these companies happily prey on them.
Snowden put it pretty eloquently:
Saying you don't care about privacy because you have nothing to hide is like saying you don't care about free speech because you have nothing to say.
I think people understand at some level that there is something wrong with companies collecting enormous amounts of data on them even if the immediate consequences are hard to describe.
One consequence is that your personal data gets sold to whoever wants to pay for it. In the long run a serious consequence will be that all the data they collect could be used by a dictatorship to suppress opposition. I am sure Hitler and Stalin would have been very happy with the data Google and Facebook have. Once you have full-scale surveillance and the means to analyze the data in a country any kind of political opposition will be very hard.
I don't feel entitled in that way, and therefore avoid using Google products, but use alternatives, some of which I have to pay for (explicitly, like more storage in the Apple iCloud, or implicitly, in more expensive devices).
Having said that, yeah, I do "feel so entitled" that I think sleazy companies should not sneakily manipulate me (and my parents, and other less technically savvy people) into divulging much more than they are aware of. Yes, imagine that, I feel entitled that companies should not manipulate me and lie to me (the carefully worded EULAs etc. do not fundamentally change that, as you very well know).
And guess what, there's the GDPR in Europe that recognises that entitlement and makes it just a bit harder for companies to do that, and I think that's a good thing.
It's even worse than that. The toggle they make you turn on in order to save an address in Maps is "Web and App Activity". This includes your search history, app activity (including third party, non Google apps) and most worryingly your location history.
So in order to have my home address saved in Google Maps, I have to let Google monitor my location 24/7, see how often I use my banking app, and which medical complaints I've been searching recently. This seems pretty excessive and I think it's designed to be so (as the article linked above suggests).
I appreciate the services Google provides but the cost is becoming excessive. A paid option (with everything enabled and no tracking at all) or at least more granular permissions seem like the bare minimum as people become more privacy conscious.
It's very stupid to me, just as a policy, and I would love if someone could explain it to me. I would understand completely if they didn't let users view traffic data or have their routing done based on traffic data if they don't share their location; don't put in your data, you don't get to take advantage of the rest of the dataset. But tying two unrelated features together like this is confusing, aggressive, and downright illogical as far as I can tell.
I think they would get back a good amount of goodwill if they did so, and would keep a large portion of the userbase on board without looking like (and being) assholes. Plenty of people use read receipts in WhatsApp, for example, in order to see others' read receipts.
Basically useless is pretty hyperbolic. Saying "Navigate to 12 John Street, Bullocks NY" is very simple. The main features work quite well without search history.
Though I'd agree setting a home address shouldn't be tied to search history, if that's the case.
As manipulative as Google can be, we should keep in mind that Google Maps is incredibly useful and we get to use it for "free". Yes we pay with our data and privacy and Google can do a better job of making that transparent but we can only get so upset when we don't get the full version of a product when we don't want to give our data.
I wouldn't. I also would rather not pay a fee for wikipedia. I would rather not pay a fee for Google searches.
I'm willing to pay a fee for many things but these three services redefined the entire world's productivity levels. Maps, Search and Wikipedia are world-changing (and miraculously, Wikipedia is a non-profit and still manages to exist and be stable. Please donate if you have the means, etc.). The reason they are world-changing is because they're free.
Free: Available to everyone, everywhere, without payment or account gating. It's a huge fucking deal for the world that they are and remain free.
You want to change the world? Make something massively useful to the planet. Then, make it free.
There are plenty of paid-for satnavs. Tomtom Navigation GPS Traffic (Android)/ Tomtom GO (iOS) get good reviews for motoring. Citymapper is free and great for public transport. I'm sure there are many others.
The satnav in my car is pretty good, and doesn't violate my privacy.
Unfortunately, I haven't been able to find one for walking around. All the battery powered ones seem aimed at hikers, so they're loaded with great wilderness maps, but won't help me find a coffee.
Maps is not free - as you mentioned, you pay with data.
However, there are FOSS and privacy respecting alternatives, most are based upon OpenStreetMap - wikipedia style map of the world. Some data is still lacking, but at least you yourself can fix it if you want to.
I've typed the same postcode into Maps almost every day for the past 5 years - Google, could you maybe help it be the first autocomplete result when I enter it manually?
I don't get why this is downvoted. I have the "spy on me all the time" stuff left on and I've found Google maps Autocomplete hilariously awful. Like, when I submit and get locations back it's generally okay, but the Autocomplete suggestions are just insane.
Like, they know exactly where I am all the time, why are they Autocompleting locations that are nowhere near me or any of my typical destinations?
Anecdotally, I have a few locations I put in weekly or so to make sure I have an accurate ETA or to see if one of two routes is obstructed. They autocomplete as soon as I type the first letter of either, and they're in the dropdown list of locations under either "This Week" or "Previous Searches". These are both named locations, so maybe that's different from an address?
it is absolutely on purpose. a workaround is you can set pins on the map. instead of a list, you have to zoom out of the map, but then you can click a pin, for example for quick directions to your home address.
Google either do or used to automatically detect your home and work based on your history. While I agree it should be settable without it, that may be the reason why they were tied.
Quite possibly, though I have a very uncharitable reason for my guess. Google likes to go for "don't worry we'll do it automatically!" but they're overconfident and often terrible at it. This seems to happen throughout the business and is a huge downside to me. I wonder if they added the feature without thinking it'd be worth letting people set it themselves because they're so good at doing it automatically. This also has the benefit of being a decision made at a lower level rather a larger "add more tracking" push.
I've had to turn off lots of automated Google things like ticket reminders (that tell me to catch the wrong train because they can't read the email right).
It doesn't, they "paywall" features, as they get better data and can better monetize you.
In order to have youtube app work when the screen is off, you have to pay for youtube. Its something they could provide but if they can force you to pay or give up more data (paying in a round about way) they are going to do it
It's pretty useful when you use your phone a lot for navigation / GPS. Saves you a bunch of time, but true it does have the cost of letting Google know where you live (although there are so many other ways for them to get that information that I'm not worried about that part).
I keep all my addresses as "starred" I don't set anything as home or work. I figure it will protect from a cursory db search, but anyone interested can figure out both trivially.
What pisses me off is that everytime I turn on my phone gps it defaults to "high accuracy" mode which scans all the wifi ap's around, among other things. I have to manually set it to gps chip only every time.
Your home address is never secret unless you completely disconnect from society. All the data aggregators with an entry on you will get updates soon after every move.
This dark pattern seems to be spreading. Amazon recently pushed out an update to their (beta last I knew) web app that allows you to use their smile.amazon.com charity donation through the app. But in order to turn that on, you have to turn on all the notifications the app has, including their rather constant pushes of "deals I may be interested in". They're holding you hostage to their notifications because "it's for charity!"
Not that this is news, but clearly Silicon Valley has no intention of retraining itself in any manner. Every wheedling trick in the book will be used to track you, up to and including holding arbitrary charities emotionally hostage.
Amazon finally exceeded my tolerance for slimy behavior last year, and I let Prime lapse. The amount of time and energy they have put in to making it hard to compare prices in their own goddamn store was enough by itself; behavior like this is motor-oil icing on the garbage cake.
I had to readjust a few common purchases, but I was far less habituated to them than I thought I was. Having to actually pay attention and look meant I found cheaper options. And I never cared about Video or their other goofy add-ons.
Still handy for pricing data-points when buying elsewhere, though.
As much as Amazon seems to be throwing their mud in consumers' collective faces, the Waltons are 100% not better people and Wal-Mart's entire success is based on exploiting low-wage workers and subsidizing your workforce through social programs.
I'm fascinated that you cycled through the U.S. Did you happen to write anything about your travels that you're willing to share? I'd love to hear your experiences seeing America.
I also like to use boxed.com for quite a few bulk items that one might otherwise find at Costco. And compared to Amazon, I have found some competitive pricing at Smart & Final for other items I used to purchase online.
Nothing seems like a 1-1 Amazon replacement but buying stuff from actual online stores has worked out pretty well for me since I research products too much before I buy anyway.
Their music app is actually great, because it automatically shows lyrics for songs while they're playing. You get 2M songs with Amazon Prime, but the full library costs the same as Spotify/Google Play/Apple Music/Tidal/Pandora/etc. You can also scroll through the lyrics, and click the lyrics to seek directly to that part of the song.
Amazons search is TERRIBLE! I'm beginning to think sites that don't just let you download the catalog and search it yourself are probably trying to hide something. Amazon being the prime example of that.
> I'm beginning to think sites that don't just let you download the catalog and search it yourself are probably trying to hide something.
You know what would be a great feature? Letting you prioritize different categories, in relation to each other- on AliExpress, "fist sort by price, then by shipping arrival date" would be incredibly helpful- I'm totally willing to spend a bit more to get stuff here 20 days faster, and searching through everything for that is a PITA.
Same. Also, Target and Walmart free shipping usually ends up being 2 or 3 days for me whereas it seems Amazon now intentionally delays free non-Prime shipping to make Prime more attractive.
Prime shipping has only about a 50% 2-day delivery hit rate for me. Sometimes I order a Prime product and get it in 3-5 days. One time it was about 8 days. In most cases, delivered by the Amazon U-Haul trucks with people who pop out, toss your package against the door, then pop back in.
I think the ad-tech industry has tapped into what can only be called -- and no offense to anyone here -- "virtue signalling." There's no doubt studies done on this, hence the new "controversial" sort of nature of some of the advertising. Who knew that Gillette and Nike were so interested in social issues, and not a bottom line PNL result. In the same way, perhaps, Amazon marketing teams found some research to suggest that same "heart-string tugging" mechanism can be combined as a "sweetener" to get you to do things you otherwise wouldn't do -- like subscribe to "buy this too" notifications.
It is not a very conspicuous signal. I don't know which one of my friends use Amazon Smile. I don't think the dark pattern would work well if Amazon Smile was only social signalling. Seems to me it relies much more upon the fact that actual money is given to charities. Pretty gross of Amazon to add unrelated self serving conditions to such giving.
what you’re pointing out is corporate social responsibility (CSR), which emerged decades ago. it’s an extension of branding, which advertising, among other marketing tools, supports.
virtue signalling is on the consumer side, where consumption of the brand has the (positive) side effect of showing how with it and magnanimous you are.
in any case, i also don’t see how it applies here (as sibling commenter points out).
the prius is a prime example of virtue signalling used in marketing classes: honda was puzzled at why its civic hybrid wasn't selling while the prius sold like hotcakes, until it realized that the prius, with it's unique body styling, signalled virtuous environmentalism, while the civic hybrid, with it's standard civic styling, had no (additional) virtue signal.
> Silicon Valley has no intention of retraining itself in any manner.
Historically, no industry, once became major, intended to retrain itself to be more positive to the society. If any improvement happened, it was forced from outside.
This is true, by virtue of the fact that industries cannot have intentions, only incentives. Incentives can re-align based on many forces: social, environmental, political, all of which underlie the desire for everyone to keep their jobs and/or keep their stock price high enough fill their retirement accounts.
If the "tech industry" can be considered a single entity, it appears that the incentive re-alignment is happening from all these forces at once.
So who was forcing the many famous Victorian philanthropist industrialists to build their railway and model villages, with free schools, hospitals and more for workers?
I'm not seeing the philanthropy. They were trying to obtain effective workers without being destroyed by angry outside forces:
> The Swing Riots of 1830 highlighted poor housing in the countryside, ill health and immorality and landowners had a responsibility to provide cottages with basic sanitation. The best landlords provided accommodation but many adopted a paternalistic attitude when they built model dwellings and imposed their own standards on the tenants charging low rents but paying low wages.[3]
That was definitely for their benefit of their workers rather than the greater society, and on the whole doesn't seem much different than the larger Silicon Valley companies of today.
Take Facebook for example. They have a large utopian-esque campus for the benefits of their workers. In this campus they have bikes for getting around, free bars and restaurants (and an ice cream shop), an on campus doctor, bicycle repair shop, and in fact have somehow managed to convince CBP and USCIS to visit their campus to conduct Global Entry and Visa interviews instead of the workers having to travel to an office.
Couple this with the free employee shuttle buses for employees to travel from their homes to the campus, and it seems very much like the "Model village" you described.
> and in fact have somehow managed to convince CBP and USCIS to visit their campus to conduct Global Entry and Visa interviews instead of the workers having to travel to an office.
Not to detract from your point, but this is a common service for employers above a certain size-- not some shady negotiation. My last few (not even close to FAANG) employers have all offered this perk.
I'm not trying to suggest it's shady, but it's clearly an employee perk that is not available to society at large. It's another effort by the company to make an "exclusive" community that benefits their employees and as a result helps retain talent for as long as possible. None of it is a philanthropic effort as originally suggested.
None of these things are shady. The parent was just using them as examples of companies trying to make their employees' lives better as a means of helping to retain them.
Mostly God, e.g. Titus Salt is listed in that article
"Salt's motives in building Saltaire remain obscure. They seem to have been a mixture of sound economics, Christian duty, and a desire to have effective control over his workforce. There were economic reasons for moving out of Bradford, and the village did provide him with an amenable, handpicked workforce. Yet Salt was deeply religious and sincerely believed that, by creating an environment where people could lead healthy, virtuous, godly lives, he was doing God's work."
Now, God doesn't exist, so as an external motivation he's a bit of a problem, certainly it doesn't seem to make _more_ sense to cite a non-existent God as forcing Salt to build this village than it does to credit it to his basic humanity.
Without pointing a finger, but onsidering the (so-far) lost potential of this new medium - once so promising, now the dismay of so many ... it has become 'Sellout Valley'.
On the website I always found it quite interesting that the "if you shop on smile.amazon.com its for charity" pop-up does not contain any link to the current page on smile.amazon.com; even the domain is plain-text. You need to type it in manually in the address bar.
Computer Science does not have the same heightened degree of Ethical Concern that exists in other sciences. E.g. genetic manipulation of human embryos is highly scrutinized, and action is taken when behavior that would corrupt future generations of humans is identified. Not so with CS.
CS Ethics is muted, often conflated with Corporate Ethics whose "Greed is good" line seems to have won out above other ethical mantras.
Yet, computer scientists implement these systems, while being fully aware of the consequences.
If hospitals order doctors to do $BAD_THING, they protest. If an advertisement company orders computer scientists to implement $BAD_SYSTEM, they just comply.
I believe the biological sciences have a higher degree of ethnics training than the other science fields, if only because most academic biological research requires oversight by an ethics board.
Other fields of science do not have the same heightened degree of Ethical Concern as biology, and many have less ethics training than CS programs.
For example, when I was at university, the CS program required that the students take a course in ethical topics related to computers. I believe that was due to ACS or IEEE accreditation requirements.
The physics program had no similar requirement for their students.
Amazon used to remind me when I wasn't on smile.amazon.com back when I used to go to www.amazon.com instead sometimes. Testing it right now, it doesn't seem like they do this anymore. :(
Not just amazing Samsung is constantly bugging you to sign in with a Samsung account and that apps like galaxy store REQUIRE access to contacts and sms. Just to download an app..
Same here. Samsung does not impose anything on you especially if you don't want to use their services you are free to ignore or uninstall those apps. Theres no black UX and theres excessive notifications about transgressions like accessing mic or camera in bg.
Besides all that the android permissions system is broken on a verbage level. contacts permission is often only needed for login, like authentication but also grants permission to scrape data. so you end up with little visibility into what data you are giving up.
People end up rightfully fearing apps asking for contacts and calls and location services, when the apps just need access to some api that is bundled under vague unbrella terms like location services
Huh? Are you talking about adding a shortcut to smile.amazon.com to your homepage or do you mean the actual native app? I can add a shortcut (on iOS) to smile.amazon.com but I don’t see why that would ever send me a notification. The native iOS shopping app has no option I can find to default or even select smile. Am I missing something?
It's the native app, albeit in beta, so you may not have it yet. You can turn on smile functionality in the app, but you must turn on all notifications.
"Also what does Amazon have to do with SV?"
Amazon is part of metaphorical Silicon Valley. So's Microsoft, for instance. Metaphorical Silicon Valley is too large to fit in literal Silicon Valley.
Is IBM included in metaphorical Silicon Valley? What about Expedia? Or Concur? Seems very arbitrary. Is metaphorical Silicon Valley only applicable to negative actions of tech companies or does it apply to all big tech companies? I searched for “metaphorical Silicon Valley” and didn’t see anything relevant.
Also how did you get into this beta and where is the actual option? Is it under notifications? I’d prefer to use the native app and still use smile.
Curious how you would define the set of values. Microsoft has dramatically different values from Google, so much so that Google's company values were in many ways explicitly a dig at Microsoft.
I would define a Silicon Valley company as a venture funded startup that leverages tech and has a set of ideologies that is usually left leaning American, usually values growth over profit, usually is fine with taking the law less serious if it's in the way of growth or profit, usually has elements of hacker culture, ...
... or any company that started out this way, which is why Microsoft can be considered to be a SV company.
Except that Microsoft didn't take venture money until right before IPO, has always valued profits over growth, and has sort of the antithesis of hacker culture. (See eg. Bill Gates' famous "Open letter to hobbyists".)
in this context, "silicon valley" is used to mean the tech industry, and everyone here knows what the comment means.
it's as if you're complaining that somebody referred to "wall street" during the discussion of an investment bank because they're actually located in CT.
As do Amazon and Microsoft. For that matter, "Detroit" (as a metonym for the auto industry) also have offices in Silicon Valley - Ford Greenfield Research is near Stanford, GM Advanced Technology in Sunnyvale, and GM Cruise Automation in SF.
When it comes to multinationals, physical location matters little - Google employs thousands of people in NYC and Boston and has offices all over the world.
>Is IBM included in metaphorical Silicon Valley? What about Expedia? Or Concur? Seems very arbitrary. Is metaphorical Silicon Valley only applicable to negative actions of tech companies or does it apply to all big tech companies? I searched for “metaphorical Silicon Valley” and didn’t see anything relevant.
Right, and while we're at it Goldman Sachs shouldn't be considered part of Wall Street. They're headquartered on West St after all!
Goldman Sachs is obviously a “Wall Street” company because they are based in NYC and participate in the financial industry.
Amazon, Microsoft, Concur and Expedia are all headquartered in Washington State which is nowhere near Silicon Valley. Similarly IBM is headquartered in New York.
My question is what makes a company outside SV a “SV Company”. This usage of the term is new to me so I am attempting to get a more complete understanding of the meaning.
NYC had Silicon Alley. Utah has Silicon Slopes, London, Seattle etc all harbor "SV-style" companies which mostly are internet services with clients.
Its not a confusing or uncommon term especially because theres a lions share of these cheaply made internet services being created left and right in silicon valley and beyond.
Not all South Bay companies have the same culture, either, so maybe the category should to be adjusted, and to me, I think the actual category is internet companies, which I think are more congruent in their goals than they are if evaluated by geography.
That and their notices "hey you look at this" are just a bunch of shit products that I have no interest in.
Amazon's Prime Day and other efforts to sell me low quality garbage products are such a turn off. I don't typically think of Amazon like Wall-Mart but they sure as hell are trending that way.
Ethically I think the good old days of software products were superior to the current days of software services. Services are paid for by subscription or ads or selling data, so that they are forced to optimize for continued use. Products are sold as-is, with the hope that they are useful enough that enough people will buy them once and own it forever.
It should work this way: you spend N months making a useful product that fills a real need, start selling it, and ideally make just enough money to cover the time you spent working on it. As soon as you start selling it and money comes in, you start working on another product. This has flaws though. You have to have the cash up front to pay your own bills for the first N months. And you risk not making up the time you spent.
But what I see happening is worse: people make products that sell, get greedy over the money they can make, and milk that product to death, first by paid upgrades (which isn't inherently unethical) but then turning to subscriptions or free but selling you to ad- or data-companies.
Having worked on desktop software, I much prefer the services model.
There were endless conversations about a support matrix and patching older versions for customers who refused to upgrade. We were hamstrung by old design decisions and backporting fixes making any change onerous. We couldn’t add value for new customers as fast because we spent a majority of the time supporting older customers. Now those older customers probably preferred it that way. They had software that worked (until a new vulnerability was discovered at least) and that they had paid for and liked. But as the decades (literally software that old) dragged on they became like technical debt that we couldn’t detach.
As a developer, the incentives were clear. If I’m spending half my time supporting people who had already paid and weren’t likely to pay again, then I can be more productive elsewhere, creating more additional value at a company that had a services model. So I left.
Having worked on desktop software, I much prefer the services model.
I think that's one portion of how we ended up where we are now: The companies thinking more about what is easier for the company than the needs of the customer.
The companies will always think about their bottom line. They will think of the needs of the customer to the extent that actually affects said bottom line. But customers demonstrated, through their behavior in the marketplace, that they also prefer the service model - or at least they don't care enough to preserve the old model. And so, here we are.
Software tends to spread from person to person, and any given piece of software in context is usually non-substitutable - therefore I believe consumers weren't really given an option to voice their opinion on product vs. service. Companies started to migrate to service model, and customers had to follow suit, because they didn't have any choice.
Customers had a choice in many cases. For example, Office is still offered as both a boxed product, and as a subscription service. Every time I see a discussion on one versus the other online, most people prefer the service, because it's cheaper (even long term).
On the other hand I think subscriptions have vastly improved the quality of software.
Having to win your customer's business every month or year forces the product to continue improving. If the product doesn't get better, then customers leave.
I disagree. I think vendor lock-in is actually much worse with SaaS because you rarely control your own data or infrastructure. Quality can slowly erode over time and migrating from one SaaS provider to another is often more technically and contractually onerous than migrating between on-premises software products. SaaS apps are often data silos, where interoperability is no longer a necessity (or selling point).
We are a B2B SaaS, generally used by all employees of our client organisations, and there is truth to both sides.
We do continually improve the product which benefits all our clients: sometimes features for new sales, sometimes better responsiveness or error management, sometimes in response to competitors.
But our customers are quite locked in by momentum - it would cost them a lot to change and they wouldn't see much benefit, and certainly any costs in our area are pure overhead for their business (i.e. our product doesn't directly produce their product or service).
However there is a low bar below which our competitors would eat us.
We do strive to improve the product, and we actually really care about end user usability, partially because we believe happy users do influence sales to other organisations.
I applaud your user-centric philosophy, I really do. And I don't mean to insinuate that all SaaS providers are out to take advantage of users (I've worked at a few and feel that we've always looked out for our users).
That said, my concern is that users have little protection against a change of philosophy or business model at their supplier. If one of my SaaS vendors decides to double their price, impose restrictions on use or neglect their product to the point of it becoming unusable, I may have little choice but to conduct a costly migration.
If a traditional, product-model software supplier suddenly doubles upgrade prices or turns evil, generally I am able to stay on the last version I've purchased and simply not upgrade. I really appreciate Jetbrains' licensing model where you pay a subscription for continual upgrades but get a perpetual license for the last version (released at the start of your last 12-month term) should you decide to quit.
I think one of the clearest examples of this is "old Microsoft" vs "new Microsoft". Windows used to be something you bought (or pirated...), and then MS would just leave you alone. But Windows 10 is definitely headed towards the "service" model; despite being a product that can be bought, it's also full of deeply embedded nearly-impossible-to-remove telemetry and gives Microsoft power to arbitrarily disrupt you with forced updates and other unwanted changes.
What if we thought of software not as a product, or a service, but a utility or a public good? There doesn't seem to be any way to monetize software that isn't destructive to users, either through paywalls or tracking/advertising, so why not publicly subsidize its development and release it for free?
If you do that you still want to allocate money in a way that encourages constant improvement as well as rewarding successful radical new ideas. And that's not easy to do in a way that doesn't generate problems very similar to the free market.
For example if "time spent in application" would be one of the metrics you use to allocate money then every user interface will be redesigned to require as many clicks as possible for frequent tasks, with fake loading screens in between.
I think there are ways to measure public good. Not perfectly, but certainly better than the market does. Open source libraries create a tremendous amount of public good, yet their creators are paid next to nothing. Meanwhile malicious practices like vendor lock-in, proprietary software and tracking are rewarded.
There exist organizations that treat software as a public good -- Software for the Public Interest, GNU, the Linux foundation, etc. These are relatively small in terms of funding but have a disproportionately large positive impact. Imagine if an organization the size of Google or Microsoft existed like that with public money, or if one or more of the big 5 tech companies were nationalized? It sounds unimaginable because of the political climate in the United States, but I can't see how this would be anything but a good thing. Tech companies behave much more like infrastructure, and thus are in my mind a very reasonable target for public ownership.
Whenever you tap a link in the iOS YouTube app, it starts nagging you to download Chrome, or continue with the old boring Safari... There's a pre-checked switch at the bottom of the dialog that says "Ask me which app to use every time". Now, even if you uncheck the switch and choose Safari, they will only let you off the hook for around a day; after this cooldown period you're "offered" to download Chrome yet again, ad nauseam!
Just a gut feeling, but I think if I had installed Chrome once, they would never show me this dialog again... :)
Seriously Googlers, how do you look into the mirror each morning?
Also, the Gmail app doesn't open links in the "proper" Safari app, so you're never signed in to anything!!! It's infuriating and I began switching e-mail provider because of it.
Google Maps works just fine with the GPS from my phone's sensors, but _every single time_ I bring up the app, it asks me to enable device location and Google Location Services.
I stubbornly (and maybe foolishly) keep opting out of every Google tracking option, it's crazy how annoying they are if you do this.
This happens to me too, various opt-in nags on both desktop and mobile. Using google maps has become a chore for me. I used to like going to the site or the app and browsing around for fun to learn about a new place. Now I only use it when I absolutely need to.
I'm now trying to use OSMAnd wherever possible. If there's a location I can't use it to find, I'll revert to Google Maps (and click 'no' to the opt in nag). When home, I'll make sure to update OpenStreetMap to make their map more useful.
I'm convinced that open data is the better option. Certainly, I'm happy to volunteer my time and effort to contribute to things like OSM (and Wikipedia), but I'm loathe to part with my personal data for 'free' to a huge advertising behemoth.
My biggest gripe with OsmAnd is the fact that plug-ins are actually part of the source code, meaning that I would need to recompile the entire project to accommodate, say, a plug-in that could pull in traffic data. That's my largest use case for maps apps - avoiding traffic on my lengthy commute.
There are some gross hacks to get traffic overlays on the map, but the navigation still chooses routes independently of that data (driving you right into traffic)
I do exactly the same thing. I've raised support requests, given feedback, starred support items for years about this knowing full well that it is a by-design choice. Other map apps seem to cope without it and manage to record your preference.
It's like trying to brush off an unwanted advance -- it gets creepy after a while.
I have had to visit the #nixos channel in Freenode (IRC) lately on a computer with all tracking disabled and the Recaptcha that is usually just click and continue becomes a multi-minute endeavor finding street signs, cars and buses. You really get punished if you opt out of tracking.
Which makes sense, seeing as they use account data and other heuristics to determine if you're a bot or not. The streetsigns are their fallback for when they don't have enough data.
No, it's not that simple. When recaptcha particularly wants to punish a user they start fading in tiles which doesn't make the captcha any harder for ML to solve, it only frustrates real humans.
Furthermore, when the security level of the captcha is configured by the web admin to the lowest level, users are able to use a noscript version of the captcha. When you do this, it becomes clear that the javascript version is deliberately rejecting correct answers to make you solve more and more challenges just because they're in the mood to fuck with you. This becomes clear because the noscript captcha from the same IP and same browser will accept the correct answer the first time, every time.
I'm sure this isn't done, but I do have to wonder if it'd be possible to identify a user by their unique behaviors when interacting with the extended Recaptcha puzzles. Something like writing style analysis, but applied to patterns of mouse movement, click timings and positions, or recognition rates for particular types of problems.
With a large enough dataset, I bet you totally could. But if someone were completely anonymous, it might require too many inputs for it to be practical in a one off situation. I’d guess you could identify someone with enough time after they got a new computer.
I for one are happy to be tracked so that my experience is optimal.
Edit: I understand the potential issues and especially with someone like Google using it for other things. But I am more concerned about the backlash against using data to improve our world.
There are many different areas which would be improved greatly from more data and would be to everyone's benefit.
Personally I have always shared as much as I can as I believe that the more we share the more the problem corrects itself. But each to their own.
Of course you are and that's fair. Would it also not be fair to have these privacy settings available with any of the deceptive tactics mentioned in the report?
I don't see people willing to share their data (with companies like Google) as the issue. The problem I'm concerned about is that there is a decreasing amount of choice in the matter. While you ultimately have a choice in a lot of these privacy-concerning cases, it's increasingly difficult and annoying to do so. People eventually cave and Google (et al) profits greatly by pushing them to do so.
> There are many different areas which would be improved greatly from more data and would be to everyone's benefit.
I agree wholeheartedly that data can be used for some really fantastic things, but it should not come at the cost of choice/freedom nor privacy.
I'm also thinking about it in terms of opportunity cost.
Namely, companies like Google and Facebook are poisoning the waters for would-be data-based companies that would have much greater impacts on quality of life for everyone. While they help some things at the moment, I think they are ultimately hurting would-be bigger and better data driven endeavors.
Yeah but that's the problem of technology though especially the AI-driven one.
It forces consolidation of data as a way to compete. You can't both have lots of competition and good use of data as the value is in the accumulated data.
What I think we still need a revolution in is how to make consumers data brokers of their own data. There are some attempts at making this a reality but it's not clear what the utility which will force this transcendence is going to be.
I choose to give Google my location data because I hope I am making a tiny contribution to good causes (optimizing public transit routing, training self-driving cars etc)
Is your perspective that if everyone shared everything, that we'd all see that we've all got embarrassing/illegal/otherwise unsavory aspects and would eventually change society to see people more realistically? Sort of a "nude beach" perspective? I'm just trying to understand where you're coming from.
My perspective is more that if everyone shared everything then whoever decided to fuck you up would fuck everyone else up too and thus it would be easier to establish new security measures which work for everyone. I believe in security through mass adoption.
Privacy is like drinking water: no one in the US cares about it until it's on the news.
Why don't people care about clean water? Because federal agencies set standards and test for them. You could bore someone to death talking about it until Flint happened. And sure some people buy water tests to verify they're not getting poisoned, or setup their own filtration systems but most people don't want to waste the time or don't have the knowledge. Just the same as privacy.
Not every can or will get educated about privacy, and really they shouldn't have to, it should be a waste of their time. But it's not because we don't set standards for it. Most people give it away without knowing it's value only to have it bite them in the ass later through identify theft, data breaches, or eventually giving into a surveillance state where the government and big corporations know more about your than your mom does.
This is why it needs government intervention, because without it corporations will claim to give you a choice every step of the way but no one will understand what those choices entail, and it turns out they'll badger and pester you to make the choices that benefit themselves.
Relatedly, this is why I am OK with iOS being a walled garden. Sure, they make bank from it, but that incentivises them to make it protected. As I said in another thread, they're the only one capable and willing of enforcing privacy rules until the government steps up.
FTA: "Bundling of services and lack of granular choices - If the user wants features such as Google Assistant and photos sorted by location, Google turns on invasive location tracking."
I unplugged my google home precisely for this reason. It wouldn't operate with all kinds of web and location tracking turned on. And when I turned them off it would only respond with something along the lines of "you have to turn on <tracking_feature_x> for google home to work properly."
The hell I do. Amazon doesn't require me to turn stuff like that on to work just fine.
It was blatant and a bit nauseating. After that I understood the google-free movement very well.
I would still like an all-on-site voice assistant that respects privacy.
There was an article posted here recently about a device that feeds white noise to devices like that until you give the new device they keyword it's looking for. It was supposed to look like a fungus or something. Lemme see if I can find the article...
Wouldn't help with location tracking, but might put your mind partially at ease if you own a creepy home assistant thing.
At some point we need to sit down and map, exactly what kind of information can be extracted from which meta-data sets.
For instance, screen time is also sleeping habits, for some its toiletbreaks. If its toiletbreaks, its stomach/health related. Couple that with location, its eating habits and risk factors. Couple that with phonelogs its much much more.
Once we have that mapped out, we can do an honest evaluation of whats being tracked, because every extrapolation possible will at some point be turned into usable data (my theory).
On the subject of Dark Patterns, Linkedin has to be one of the biggest offenders. Almost every time I open their app (which isn't very often), they try to trick me into uploading my contact list. I wonder if it'll come to some sort of regulation that requires companies to respect your opt-out answer and not continuously badger you into opting back in.
Definitely. I think the initial setup of an android phone is pretty similar to that of windows 10. You have to read everything very carefully to avoid all the dark patterns and hidden consents for tracking.
The thing that drives me nuts is (at least last time I set them up) Google Home and Android Auto both require Location and Web Activity permissions at an account level. I don't understand why Google just can't offer a subset of functionality on these devices rather than forcing you to have enable these permissions.
What Android desperately needs is an additional API layer that provides apps like Google and others with fake location data and fake contact data so there's simply no way they can tell that you're holding information back. Turning off these data sources just makes them use dark patterns to get you to turn them back on; spoofing the data is the real solution.
The privacy settings user interface on my Android is deceptive. It lures you into thinking that you have changed all the settings and does not show all the settings in one go. Google is creepy.
Another example of Google not even trying to give the account holder an option to pause tracking is the purchase/order-linking feature for purchases history. They scan the users Gmail account for orders/receipts and quietly storing that information into the purchases history as can be seen by going to https://myaccount.google.com/purchases.
Instead of giving the account holder an option to delete this history, their helper section vaguely mentions you can go to Gmail and "manage" the corresponding message. https://support.google.com/accounts/answer/7673989
I read an article a while back, that argued[1] that openness to tracking and surveillance may be linked to helicopter parenting.
The argument goes that because millenials have been raised to be under continuous adult supervision, that predisposes them to view surveillance as benign and benevolent.
This was (essentially) the assumption that made me decide that teaching my daughter to expect privacy by respecting hers was the only way to go. It turned out well, and I feel like a lot of other positives emerged out of it.
I might not mind it so much if I had access to sufficiently granular data to make it useful, such as automatic workout tracking. I'm sure they have the data and the AI to notice that I'm on foot/bike moving at a higher-than-normal pace and on one of my usual workout routes. Or, to provide nice detailed reports of my commute (min/max, variance, total time, etc.)...
But no, the only data we get is rough, 'you visited store X yesterday, want to review it?', when I actually only visited the much smaller store nearby...
There is already starting a backlash from this massively greedy -- in both data & money -- culture. It would not surprise me to see it overshoot and seriously cripple the industry if the participants don't become a bit more self-aware.
Installing LineageOS without any Google apps (including Google Play Services) might be the only way to continue using Android minus the tracking. You lose quite a bit of convenience for this, though. And of course, you’re still being tracked by virtue of it being a cell phone with a baseband processor (see my comment at https://news.ycombinator.com/item?id=18821444).
Before you deactivate them, I suggest looking through the data Google has saved in them for a while so you grok the full scale of how horrible those settings truly are.
That's what it's become for me and my circle. Got my parents the older iPhones (6S) late last year and got the same for myself this month. I miss being able to access the local storage (one small hack I found was using the Firefox app local folder to store my files)
Well, I just turn my location services off. I can't stand the Apple ecosystem even if I have to give them a huge props that they take integrity way more seriously than Google.
If you're really willing to go to a dumbphone... just get an iPhone and don't install any apps. That way, at the very least, you still have a killer camera.
This aspect of Google (forcing you into full surveillance mode before they will enable services) is the reason my wife is looking at an iPhone for her next phone. To the extent that others follow that move will be interesting to watch.
Even for those of us all-in on Google services -- like me with Gmail, Drive, Maps with history and sharing, YouTube Red -- iOS is way better. iOS and all the Google apps works great, and you can dump Google at any time.
Great article, thank you for sharing. Love the list of deceptive practices - reads as a blueprint for what to avoid if you respect your users.
The "data helps us understand usage and build a better product" narrative is all over these comments and in product teams. Revealed preferences are helpful for building better products. I suppose the story gets twisted when "better" for the business diverges from "better" for the user. Are there ways to achieve a win-win here by sufficiently anonymizing data or explaining why tracking is helpful and asking for explicit consent? Would love if anyone has links / reads on this.
There are more than 40000 individuals in Google in SV working to stalk you 24/7 and monetizing the data with different teams thinking up more ways and means to do it, other teams working on thwart any regulatory or other challenges to ensure business continuity, other envisioning a future in which they can grow this business unhindered.
This is an entire organization devoted just to this, and they in turn enable ecosystems of hundreds of thousands all interlinked driven by profit.
Yet on a technical forum which probably has a large proportion of people involved in this intimately as their jobs we do not have informed discussion, instead we pretend as if its not happening, or a one off by a 'misguided program manager', or the motives are 'benign' or unquestioningly accept self serving attempts to 'normalize' this surveillance dystopia.
This is an insult to informed discussion and enables an environment and discussions where blatant bad behavior is consistently overlooked and control of standards that benefit toxic business models are glibly handed over without scrutiny, skepticism or challenge. And then when one day one wakes up in dystopia some will wonder how it happened, this is a culture of delusion.
Actively having to take extra steps to just log out of any of their services is the biggest little deception. Once they changed their login screen (cannot even remember when) you had to click multiple extra times to remove an account explicitly or you were still tracked/logged in/Google was aware of you. I started deleting history in Fx whenever the browser is closed which helps with this but I have windows/tabs open for weeks for a reason and can't always close the browser. I've just some to accept the extra steps it takes to actually logout though it pisses me off slightly each time I do it.
I've taken no steps to confirm they are actively getting info from my browser if I don't remove my account or if they are not if I do because I have turned off as much account data tracking/opted out of as much as I could for my Google account. But logging out of YouTube, which gives you no indication that you are actively logged in in the active browser window, and then going to mail.google.com will show you that Google is still aware of your account. Bullshit.
Scannning the comments here it does not appear anyone is considering the cost of network activity and bandwidth.
The user is subsidising the tracking.
Google does not pay for the cost of the user's internet access or her mobile data plan. In some cases, the user might only need an offline map however instead she is coaxed into accessing the same map over a computer network again and again, day after day, year after year. The cost of that access is carried by the user, not Google. Multiply this cost over millions of users.
Users are paying, in many cases unnecessarily, to send tracking information to Google.
When Google coaxes a user into accepting the settings that Google prefers (24/7/365 tracking), users are not merely agreeing to be tracked in exchange for something, a price not easily measurable and thus perceived as "free". Users are agreeing to pay for the costs of that tracking, namely the transmission costs to get the tracking data to Google. Those prices are measurable, though few users might be measuring them.
Of course users are not opening an application and hitting a "send" button everyday to do this task; it is not conscious spending. They are permitting Google to do it for them in the background, using the user's CPU, memory, storage and bandwidth.
None of those resources are "free". Whilst users may have generous amounts of privacy and personal data to trade away in exchange for some perceived benefit, users did not have to pay for those "assets". They might not put much thought into whether each exchange was truly necessary.
On the contrary, users must pay for computing resources and internet access. It stands to reason that they might not wish to trade away those acquired assets where not truly necessary.
I understand the article is not about web site tracking, but the Norwegian Consumer Council should not be permitting readers of that particular piece to be tracked by Google, or have an eight-month tracking cookie dropped by them. Either way, it's good to read another authority detail such unethical practises.
That is correct. In an earlier comment [1] I have checked what options are enabled by default when registering or adding a Google Account to an Android Phone. For example, checkboxes "Backup to Google Drive" and "Save web and app activity" are enabled by default.
I suppose that many Android users might agree to these options without understanding completely what they mean or even without noticing because some of the options are hidden behind spoilers.
Android is an example of a case where you become a product although you have paid for the phone.
Google no longer has the benefit of the doubt...these things would have gotten traction a few years ago. Or, Googlers, must be doing this to cure cancer or something, they're so good and nice. Now, all that goodwill gone.
I didnt know about location history and web & app activity. It is indeed quite hidden and when I disabled them, i saw along with web and app activity, there was a bunch of other history google was storing like search history, browsing history etc.
The really evil bit about Google is that, even when you disable them, Google does not delete the already collected history, they just "PAUSE" that so that they can keep old history.
Speaking of Google Maps location tracking, are there alternatives (for iOS) that can let me track myself, without putting all the location data in the cloud?
I want to disable Google's location tracking, but I want to know where I've been so that I can go back and recall. A sort of location diary.
The only app I know about is Life Cycle, which is quite good, but it doesn't quite have the granularity I want.
The reddit pattern doesn't work on all of us. I just use reddit less now it is less pleasant on mobile. I use it less when not mobile too as the changes there are not something I'm keen on either.
Another example is sites like Amazon and Wish changing their adverts on facebook and elsewhere to take you to the Play store instead of to the product page you were interested in if you don't have the app installed. Again this doesn't work if, like me, you either give up at that point as you weren't that interested anyway or you google the product and get to their page or a competitor's that way.
I think I'm in a minority though. I assume from the fact this behaviour is expanding, that enough people cave and install the apps it makes the few of use who do not worth losing from that sales vector.
Oh man, tell me about it. I lurk on Reddit from time to time from my smartphone and the experience nowadays is terrible. I have like half a dozen elements disabled using u-block to make it somewhat bearable. From the pulsating button at the top of every page to the multiple dialogs taking turn to harass you into installing the app...
On top of that I've noticed that the website keeps getting slower and slower to load what's effectively a few KB of plain text comments.
The state of the web in 2019 is frankly shameful. Those are tactics that you should expect from shady websites, not some of the biggest players in the field. Everybody is trying to trick you into going against your best interests.
The GDPR did a good job at highlighting that for me, suddenly all the websites in the world deployed a wealth of ingenuity to develop new dark patterns to trick you into opting into the tracking, using ambiguous controls and confusingly worded instructions.
I hope this is only a phase and we'll move away from this toxic ad-driven business model sooner or later but honestly at this point I'm not holding my breath.
>The state of the web in 2019 is frankly shameful. Those are tactics that you should expect from shady websites, not some of the biggest players in the field.
Because of ad networks, every site is now a shady website.
They are getting more and more aggressive about it too. Recently they add a full modal covering content and forcing you to “choose to view in app or browser”.
It's not aggressive, it's a multi-flank stochastic attack. They have about
5 different UIs for pushing you to the app, with different
shapes, wording and locations on screen, and they cycle between them, to stop you from learning habits like "just smash the lower left corner on the first page load"
Also, the redesign is very privacy invasive. The post has since been deleted, but it can be seen on archive.org [1]:
> Reddit has been trying to redesign their website to feel more "modern", but I have noticed that the redesigned UI also features more tracking.
> For one, the new UI (and the new userpage) features session replay tracking everywhere (recording of your mouse movements, keystrokes, and how you interact with the website), as evident by its use of the mousemove JavaScript event listener for the entire page. I found out using Luminous (this isn't an endorsement or ad), which is an extension that detects (and can block) JavaScript events. The old UI also listens for the mousemove event but not everywhere (I have only noticed it on the "submit post" page, but there are probably a few other places), though I'm not sure if this is due to session replay tracking. I cannot say for certain that the old UI doesn't have session replay or something similar, but to me it doesn't seem like it for most pages. Perhaps someone who has investigated this further can confirm or deny.
> Session replay is another form of tracking what you click on (possibly negating attempts to opt out of "regular" tracking of outbound links), can be used to fingerprint a user (how the mouse moves), and will negate attempts to delete posts and comments (for example, ones that accidentally contain personal information or passwords). Even accidentally pasting something like a password in a text box will result in the password being sent to Reddit (and/or a third party) and being stored in plain text. I don't know how Reddit manages user data internally, but with session recording it's possible that a Reddit employee playing back a session to assess user reaction to a new UI update may end up seeing your private messages or posts in private subreddits simply because it was there when you interacted with the page.
> Also, the Reddit redesign completely breaks without JavaScript enabled, to the point where you can't click on links or even see the page content.
> The old UI is still available to users, either through a setting in your account or (if you're not logged in) through old.reddit.com. You can also replace the 'www' part of the URL with 'old' on any Reddit page to get back to the old UI. I really, really hope they don't remove this.
It's a pain if you follow links to reddit that don't explicitly link the old subdomain. I think maybe if you have an account you can force it (?) but for us lurkers it's annoying. Of course I could create an account to browse reddit but then... well they've already won, haven't they?
A few years ago I made a comment about how funny it was that I would immediately delete all the Apple default apps and replace with Google apps (gmail, maps, etc). Now I'm back on the flipside and only use Apple Maps, Mail, etc. Unless Apple really F's up, they are going to win the privacy game and see a lot more usage of their native apps and services.
My "favorite" Google dark pattern is suggesting "Privacy Checkup" when I'm logged out. The checkup of course requires signing in.
This is so cunning — they make it look like they care about my privacy, while in reality they upgrade from no tracking (signed out) to at least default tracking they allow themselves in the ToS.
Why is this a dark pattern? There could be a lot of people who sometimes sign in and sometimes stay logged out, the privacy checkup is useful for them, even you might have some settings from past you might want to see. This is not a dark pattern, HN became hysterical.
You cant use wear OS, or really any wearable on Android anymore without enabling location tracking. They bundle "low power bluetooth" settings in the same permission set as GPS in order to force you to leave it on at all times.
Google is notorious for refusing to allow users to say no.
They misread the book "Nudge" and use the nudge techniques t to shove or one could use less charitable descriptive words.
e.g. I would like to make the choice to NOT bind my location data to my identity. In theory I can do that by not logging into Maps. In practice Google refuses to allow that choice, constant nagging, attempts to force their desired choice by nerfing logged out features. When you don't allow your uses to say no you're not actually providing them any choice at all.
Google either needs to commit to allowing their users to say no or we (their users but also citizens) need to have our courts and governments force them to do it.
Note to you Google folks reading this (I'm looking at you Larry). Seriously. Step up now because you will be sued for this, and you will force legislation if you continue down this path.
I think companies will always find ways to track you. One solution would be to create a fake bot that will feed noise to these trackers by visiting random sites and doing random google searches on your behalf.
I disabled web and app activity and then voice commands stopped working in Android Auto so I had to turn it back on. Why does Android Auto need my web and app activity to process sppech and search for me? Sheesh.
I have launched yelp clone pagestan.com for Pakistan. And feeling helpless to compete against google's dominance. I am sure yelp is also reevaluating its business model
I used to use ublock origin and noscript a long time ago, but now after years of browsing with umatrix, I say browsing without it is like having unprotected sex with the internet.
So something that maybe not everyone knows, is that the Norwegian Consumer Council, is the Norwegian governmental entity tasked with protecting consumers right.
I'm not a lawyer, but my take on this, is that this is a governmental agency in a GDPR country, triggering legal proceedings against Google for violating the GDPR.
It is going to be interesting to see how this pans out, and imo. this case is going to be a defining case on what the GDPR is in practice.
This attitude makes me so off the charts angry, I struggle to put it into words. I think Jews in Germany in the 1920s didn't think they were doing anything wrong, or feel a need to actively hide it.
These kinds of practices are still going on right now. See the Anti-gay purges in Chechnya that happened in 2017. "The Chechen police and military have conducted entrapment schemes, in which a victim is lured on a date, beaten and humiliated". According to some sources, those entrapment schemes where using online dating apps.
Eric Schmidt's concept of privacy is so focused on the sort term where we live in free countries. Who knows what the future holds in store?
Imagine if in 50-100 years the political situation gets really bad in the US and they decide to pass such a law. That hypothetical future government could simply get all the data from companies like Google and pinpoint their targets with scary accuracy. Imagine being jailed for web searches that you have done decades prior.
As a trans person, that's the kind of things that keep me up at night. Especially since the ads that Google are presenting to me recently shifted and my shadow profile is clearly tagged as "trans" now.
Schmidt's attitude shows just how much Google thinks it owns the internet. There is so much data out there that people can live in relative anonymity online (95% of bloggers) however Google crawls and indexes so much that many things become quite easy to find. All the tracking and linking and indexing that is done without a person's informed consent makes that person's intentional behavior a warped spotlight back on them.
> All the tracking and linking and indexing that is done without a person's informed consent makes that person's intentional behavior a warped spotlight back on them.
Sure, but only in the minds of people who don't even know themselves, and can't make a coherent argument to save their lifes. They confuse the "data" they have on things with the things themselves, not to mention people -- same noobs doing the same shit, different day.
I think he was merely pointing out that All US companies are bound by US laws and when government asks them to dance they would eventually, reluctantly, dance.
It's fascinating how obviously smart people can rationalize their actions.
Schmidt and Google claim to be "progressive" but that kind of rationale of "nothing to hide" would mean that every progressive movement would have been shut down in its early stages had this kind of tech and surveillance been available at the time because it went against what was currently judged as right by the people in power
What was the point of you pointing out Eric's claim to a particular political ideology after a statement of his intelligence? Are you somehow implying one is more virtuous / intelligent than another? If we changed that to conservatism does that your meaning or what you were trying to convey?
I was more pointing out how either side can hypocritically rationalize things that run counter to their supposed beliefs because they make money off being hypocrites.
Nobody thinks they're evil, people can rationalize all sorts of crazy behavior.
I do, because evil is banal. Rationalizing crazy behavior is what evil usually looks like. Larger evils occur when "trivial" problems are ignored, allowing the deviant behavior to be normalized. Intentions are not relevant, because it's easy to rationalize away the craziest of behaviors.
"No one involved in an extralegal activity thinks of themselves as nefarious. I'm a businessman, okay?" - Quark, DS9 S6E25
>To the older generation, privacy is about secrecy. And, as the Supreme Court said, once something is no longer secret, it's no longer private. But that's not how privacy works, and it's not how the younger generation thinks about it. Privacy is about control.
I'm about the same age as Bruce, and I often respect what he's written. Not this time. In fact I'd bluntly claim he's wrong.
Let's not conflate privacy and secrecy and blame the old. Secrecy is not revealing the private conversations with a friend of the opposite sex is actually the surface of an affair. It would embarrass (or worse) if revealed. Privacy is not telling because there's no need, that's their business, but happy to tell SO if it came up for some reason.
For the older generation privacy is about control and agency too. Who gets to know mum or dad is ill, what they earn, who can see or use their information or their photo, even who their friends or habits are. The expectation is all of that goes to those who need it or others at the sole discretion of the individual or couple. Volunteered at their discretion unless a job or mortgage depends upon it. They just share a lot less than the kid's generation, but not for reasons of secrecy.
Quote: Google Inc. has blacklisted all CNET reporters for a year, after the popular technology news website published personal information of one of Google's founders in a story about growing privacy concerns for the Internet search engine, according to a CNET statement.
CNET on Friday reported "Google representatives have instituted a policy of not talking with CNET News reporters until July 2006 in response to privacy issues raised by a previous story." That story, by reporter Elinor Mills ran under the headline "Google balances privacy, reach."
Google spokesman David Krane told CNN the company declined comment.
> To underscore its point about how much personal information is available, the CNET report published some personal information about Google's CEO Eric Schmidt -- his salary; his neighborhood, some of his hobbies and political donations -- all obtained through Google searches.
Interesting that I remember this differently than how it is commonly quoted now. I thought (right or wrong) that he said "..., maybe you shouldn't be posting it online in the first place." which is easier to agree with than 'you shouldn't be doing it'
Beyond the obvious implications of this statement, it makes me consider Fredric Jameson's argument that the separation between modernism and postmodernism is that postmodernism replaces temporarily with spatiality. How this connects to Schmidt's statement is that it, too, denies the temporal dimension, in that an individual might have something they don't care is known, but that when is of prime importance, whether that be in in regards to what might be called more intense circumstances, or simply that, say, and author typically does not want the first draft of a book out there.
BTW (I'm not a huge friend of Barthes :-)
an excellent (and frightening) and short (!) book on this topic is Timothy Snyder's On Tyranny: Twenty Lessons from the Twentieth Century. Highly recommended.
Outlines the steps the Nazis (and other fascists) took to silence the opposition, get everyone slowly into line, undermine the "public sphere" and rational discourse, replace truth by obedience to power, etc. and then gives some hints what each of us can concretely do to stop these processes.
A good read on Google and Eric Schmidt's relationship with the State Department and federal government in general
"There was nothing politically hapless about Eric Schmidt. I had been too eager to see a politically unambitious Silicon Valley engineer, a relic of the good old days of computer science graduate culture on the West Coast"
Agreed. Wikileaks may have been reputable at some point in the past but they're not trustworthy now. It's not so much the 'focus on Hillary' but their focus on being pro-Russian state. [1]
The founder of Wikileaks, Julian Assange, has his own show on RT [2], which mean's he's essentially being paid by Russia's state propaganda media [3]. That, along with attacking the Panama papers leak for "going after Putin", and a string of other pro-Russia activity, means Wikileaks is not to be trusted.
Everyone ignore the fact that leaked documents layer out a plan by US Intel agencies to discredit Assange and WL via tactics just like this, these are now the leaks we're looking for apparently.
RT has some of the best coverage of some things around, and this constant talking as of it is putins right hand in media form is grounded in tribalism and not in careful evaluation of the facts.
That's a ridiculous assertion against a news org that has a better track record than just about any other news org in existence, and it's sad to see people falling for this line of thinking.
basically every claim is sourced as far as I can tell. Schmidt is pretty entrenched with Clinton considering he started a company dedicated to using tech to get her elected, Groundworks
Honestly tired of Europe pretending like they are so high and mighty for flagging tech companies for "privacy violations." Frankly it's insulting to say that adults cannot decide for themselves how they want their data used. At this point, users know if you turn on Google tracks you. It is worth it to many for the convenience of quality results Google delivers. If it isn't turn it off. But to say it is Google's fault is nonsense.
This is comical. I try really hard to keep Google from tracking me. I use DDG, FastMail, iOS, have pseudonymous accounts for logging into Youtube. But I know Google still has a pile of information on me through reCaptcha, trackers on various web sites (Google analytics for starters) and services that use the Google Maps API. So I'm left with the nagging sense that I'm still being tracked by Google, no matter what I do. There is no real choice available. Google will track you in some way, your "decisions as an adult" be damned.
It doesn't even matter anymore if they can tie your actions to your identity, so long as they can tie your actions to the information that they choose to let you consume.
So how do you expect adults to be able make an informed choice if Google is using deceptive design and misleading information?
I'm sure most of the people here, have the know-how and information to make an informed choice. But wouldn't it be nice if people that aren't working in the field or have a degree in STEM could to?
> Frankly it's insulting to say that adults cannot decide for themselves how they want their data used
All those laws really push is you have to actually let people know what you're using the data for, ask if you can (so that they're able to decide) and make sure you take care of it.
It doesn't say you can't decide for yourself, it just makes it an actual decision.
GDPR does not allow you to trade services in return for using your data for ads. A website can't deny you service if you opt out of tracking, so EU has decided that business model should not be viable even if both parties agree.
My Location History and Web & App tracking are off, and I'm still able to use my Home and Work addresses on Google Maps.
I see many people here have your same experience, which is pretty odd to me. I live in Israel, maybe there's a connection somehow?
Interesting, I'm on Android 9 and I can't set home/work without tracking, but it stays off anyway, it's too dark of a pattern for me to stomach. It was possible to set it several Android versions ago, but then I guess they got greedy
> GDPR does not allow you to trade services in return for using your data for ads.
Yes it does. If users consent to it in a lawful way, close to everything is possible under GDPR.
> A website can't deny you service if you opt out of tracking, so EU has decided that business model should not be viable even if both parties agree.
As far as I can tell, this is based on some pessimistic reading of the law, and no clear jurisprudence is available in that area yet. It will likely be available soon, but this isn't as clear cut as you make it seem.
If the EU had decided that this business model should not be viable they could have clearly outlawed personalized ad tracking in its entirety in unambiguous terms. They have not done that at all.
Even so, personal tracking ads are still available for those who consent to it. Many, I expect, will like them. In the worst case (if jurisprudence decides you can't deny services for opt-out - which we will need to away before jumping to conlcusions), it will be a bit harder to gain as much revenue out of it per user because you need to go through the revolutionary step to ask your users if you can track them. You can still show contextual ads just fine though!
But really, consider it ethically. If it turns out people lose revenue because people decide against tracking - as they now need to be explicitly informed and given the decision - how can you really have issue with that?
That makes no sense. If both parties legitimately agree, then there is nothing that the GDPR can do about it. The issue arises if one party decides that they no longer wish the other party to hold on to their data anymore, and the other party refuses to delete the information and withdraw services. The unacceptable business model for GDPR is providing a service that requires personal data in order to function. Google making search unavailable to those not providing PII would be in breach of the regulation.
>The unacceptable business model for GDPR is providing a service that requires personal data in order to function. Google making search unavailable to those not providing PII would be in breach of the regulation.
Seems like we are on the same page? This in essence means you can't pay for a service with your data. The service always has to be provided whether you choose to let them use your data or not.
This end result is due to product managers/devs looking at conversion rates and optimizing for whatever their metric of success is, which in this case is creating accounts and users being more "engaged" with the platform. 3 or 4 rounds of A/B testing and you get the most efficient (read: manipulative) method of getting users "engaged". There may be no intention of manipulation but using empirical evidence to achieve your metric of success will tend to make your product manipulative.