This is one of the reasons why it's great that the source code of web pages/apps is (relatively, compared to binaries) easy to reverse-engineer - because of their environment inside a browser, web apps have such a low barrier to "phoning home" and making requests that privacy-sensitive information being leaked may otherwise be difficult to notice. Imagine if they were all encrypted/obfuscated binaries...
I don't use Google Docs (and probably never will), but if I did, all those requests - "these /save calls every time I typed something" - would be enough for me to investigate why it's generating so much traffic. I'm using an OS that still has a useful network activity indicator icon, so I easily know when there's data being transmitted/received when there shouldn't be.
There's a line of thought that says those sorts of indicators are unnecessary and a distraction, and that maybe valid justification for removing them, but I can't help feeling like their removal is making users more unaware of what their machines are doing - and thus easier for companies to do things like this to them.
When you say that "privacy-sensitive information" is "being leaked", you make it sound much worse than it is. The information being sent seems completely normal for an online word processor with a revision history, and it's not being "leaked" to anyone besides the company providing the word processor.
The information being sent seems completely normal for an online word processor with a revision history
When most people hear "revision history", they think of the versions of the document that exist between explicit saves or periodic autosaves, and not extremely fine-grained per-keystroke activity logging.
I don't use Google Docs (and probably never will), but if I did, all those requests - "these /save calls every time I typed something" - would be enough for me to investigate why it's generating so much traffic. I'm using an OS that still has a useful network activity indicator icon, so I easily know when there's data being transmitted/received when there shouldn't be.
There's a line of thought that says those sorts of indicators are unnecessary and a distraction, and that maybe valid justification for removing them, but I can't help feeling like their removal is making users more unaware of what their machines are doing - and thus easier for companies to do things like this to them.