Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Advertising Google The Internet Businesses Communications Network Privacy The Almighty Buck

Google Has Quietly Dropped Ban On Personally Identifiable Web Tracking (propublica.org) 155

Fudge Factor 3000 writes: Google has quietly changed its privacy policy to allow it to associate web tracking, which is supposed to remain anonymous, with personally identifiable user data. This completely reneges its promise to keep a wall between ad tracking and personally identifiable user data, further eroding one's anonymity on the internet. Google's priorities are clear. All they care about is monetizing user information to rake in the big dollars from ad revenue. Think twice before you purchase the premium priced Google Pixel. Google is getting added value from you as its product without giving you part of the revenue it is generating through tracking through lower prices. The crossed-out section in its privacy policy, which discusses the separation of information as mentioned above, has been followed with this statement: "Depending on your account settings, your activity on other sites and apps may be associated with your personal information in order to improve Google's services and the ads delivered by Google." ProPublica reports: "The change is enabled by default for new Google accounts. Existing users were prompted to opt-in to the change this summer. The practical result of the change is that the DoubleClick ads that follow people around on the web may now be customized to them based on your name and other information Google knows about you. It also means that Google could now, if it wished to, build a complete portrait of a user by name, based on everything they write in email, every website they visit and the searches they conduct. The move is a sea change for Google and a further blow to the online ad industry's longstanding contention that web tracking is mostly anonymous. In recent years, Facebook, offline data brokers and others have increasingly sought to combine their troves of web tracking data with people's real names. But until this summer, Google held the line." You can choose to opt in or out of the personalized ads here.
This discussion has been archived. No new comments can be posted.

Google Has Quietly Dropped Ban On Personally Identifiable Web Tracking

Comments Filter:
  • Who to blame? (Score:4, Insightful)

    by Anonymous Coward on Saturday October 22, 2016 @08:38AM (#53129467)

    Still the Google engineers who volunteer to implement these things in exchange for good payment and conditions, and excuse themselves as only following their employer's orders.

    Most mass anything is the result of willing engineers. We should never forget this, or we end up being the problem.

    • If these employees didn't follow orders, they'd be fired and replaced with employees who do. If a company fails to take actions that result in a higher bottom line, they may eventually fail altogether and be replaced by a company that does. The true root of this problem is capitalism, as it creates a survival-of-the-fittest scenario where the only measure of fitness is wealth. Obviously socialism and communism have their problems too. In my view, only socially-regulated capitalism can save us (too bad we do
    • by thsths ( 31372 )

      For what? For a news article on slashdot for something that happened "this summer"? I guess it is a slow new day. There you have it, the culprit remains abstract.

    • by lhowaf ( 3348065 )
      It is entirely possible that Google management didn't approach the engineering staff with a plan to build a Death Star or Soul Sucker. The very core of their business is to collect data. The decision to use some of that data for evil/greedy purposes doesn't require additional capability - just additional restraint. [not affiliated with Alphabet/Google]
  • by Anonymous Coward

    I assume some people might actually want to share their information for assimilation purposes. The question is whether it defaults to opt-in or opt-out.

    • Re: (Score:1, Insightful)

      by Anonymous Coward

      The big issue here is that folks with gmail accounts that predate this were under the assumptions about how the data is being used and now they have to either accept the new terms or go through the incredible hassle of changing addresses.

      This is a massive expansion of what they had been doing and there needs to be some sort of legal action taken against them as this isn't something that people have a reasonable option of opting out of. Between Google's products and the ones they bought when they were allowe

  • by Artem S. Tashkinov ( 764309 ) on Saturday October 22, 2016 @08:43AM (#53129491) Homepage

    I knew this day would be coming a long time ago so there's a very elegant solution to this madness.

    1) Use a separate IMAP/POP3 client (thunderbird is nice) to fetch your mail from Gmail
    2) Make your Firefox clean your session data on exit (cookies, web cache, offline website data - that's enough)
    3) Adbock+/Ublock Origin with anti tracking and anti social lists for good measure

    This still leaves your IP address unprotected but if you're concerned enough, use a provide which generates random IP addresses or VPN.

    • by Anonymous Coward

      Just block all google IP addresses at you firewall. Oh, and hit any Google employee hard in the face if you meet one.

      • by Artem S. Tashkinov ( 764309 ) on Saturday October 22, 2016 @09:06AM (#53129579) Homepage
        Countless websites on the internet totally break if you block google IPs.
        • Countless websites on the internet totally break if you block google IPs.

          True, but only in good ways.

        • by Khyber ( 864651 )

          Which totally defeats the intended ability to keep network traffic flowing no matter what.

          So it's safe to say Google has effectively broken the internet.

        • For uMatrix, I let it block
          doubleclick.net
          google-analytics.com
          googlesyndication.com
          googleadservices.com

          but have the following rules to permit Google stuff so pages work:
          * accounts.google.com frame allow
          * ajax.googleapis.com * allow
          * apis.google.com * allow
          * apis.google.com frame allow
          * chart.googleapis.com * allow
          * content.googleapis.com * allow
          * content.googleapis.com frame allow
          * fonts.googleapis.com * allow
          * google.com * allow
          * googlecommerce.com * allow
          * googletagmanager.com * allow
          *
        • by PJ6 ( 1151747 )

          Countless websites on the internet totally break if you block google IPs.

          I was evaluating game development platforms and couldn't install Unity because it required a connection to Google analytics, which is one of the many things I block at the hosts level.

          That's right. I couldn't get passed the install without an active connection to Google analytics.

          I concluded Unity wasn't as serious development platform.

    • by Anonymous Coward

      Could you please explain the advantages of using desktop mail client over webmail from a security point of view?

      • by Artem S. Tashkinov ( 764309 ) on Saturday October 22, 2016 @09:17AM (#53129615) Homepage
        Numerous: 1) You can set thunderbird to only show text by default (so no HTML/JS/etc madness, no ads, no nothing, except what's absolutely necessary) 2) Your cookies are not shared with your web browser 3) Less chance to enter your Google password somewhere where it doesn't belong (various scam websites/DNS injection/etc) Oh, and make sure you use OAuth authentication in Thunderbird - but at least the first initial connection must be made with real Google servers ;-) It will protect you against rogue SSL certificates/MITM attacks.
        • You can also set your email client to delete the mail from the email server as soon as it's transferred to your local mail client. Your 'inbox' folder is on your own equipment and mail only sits on the public server long enough for your client to retrieve it.

          • by Anonymous Coward

            No, I don't believe that auto-delete-after-transfer prevents Google from retaining the email. Slashdot has previously reported on a legal case in which the defendant was charged based on deleted emails recovered (years later?) by the provider. That may or may not have been Google, sorry I don't remember better details.

            Also, even if the email really is permanently removed from existence, I would expect that any data (tracking, customization) was wrung from it before deletion. Why wouldn't they?

          • You can also set your email client to delete the mail from the email server as soon as it's transferred to your local mail client. Your 'inbox' folder is on your own equipment and mail only sits on the public server long enough for your client to retrieve it.

            But then you're trusting that "delete" actually removes the item rather than just sets a flag indicating the item should no longer be shown to you. My experience with Google calendars (which I've detailed on Slashdot before [slashdot.org]) lead me to believe that the latter is - or at a minimum was at one time - true.

            • That reminds me - I sorta promised swillden I'd test that to see if it's still happening. I guess I should really go do that...

    • by Burz ( 138833 )

      Using a POP3 client doesn't change the fact that Google is scanning your emails and associating the content with you in their advertising system.

    • by wbr1 ( 2538558 )
      Step one is useless. Whether you use an IMAP client or not, if its a google account, all inbound and outbound messages touch their servers, with id and authentication information. I use Gmail, but if you consider your data precious, using a mail client buys you no protection from the provider snooping. The only thing that can protect you is encryption or rolling your own server.
    • Ghostery [google.com] might be a good option if you disable the 2 Sharing options.
    • by Malc ( 1751 )

      Are you sure they're not using browser/device fingerprinting?
      https://panopticlick.eff.org/ [eff.org]

    • Isn't Google just going to scan through your mail before you download it? Even if your email ID isn't matching you name, I'd imagine most people are still easily identified by mail content.

  • by rmdingler ( 1955220 ) on Saturday October 22, 2016 @08:45AM (#53129493) Journal
    By and large, this opens up a larger revenue stream for Google with very little backlash from their users.

    It will be cussed and discussed on a few noble forums and everyone else will go on with their Facebook world, surrendering personal privacy for access to social media and the Google search engine.

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      By and large, this opens up a larger revenue stream for Google with very little backlash from their users.

      It will be cussed and discussed on a few noble forums and everyone else will go on with their Facebook world, surrendering personal privacy for access to social media and the Google search engine.

      Keep that in mind every time you log into Slashdot.

      We live in an age where connecting points A1 - Z1,000,000 is easy to do. And with every business monetizing their users' data, privacy on the web is nonexistent. Why do you think just about every website out there wants you to create an account even though it's functionally unnecessary?

      And I'd like to point out that just think what Google would have done if Google Glass took off.

      This "Don't do Evil" lasts only long enough for their revenues to grow. When

      • by rmdingler ( 1955220 ) on Saturday October 22, 2016 @09:14AM (#53129601) Journal
        Keep that in mind every time you log into Slashdot. Et tu /.?

        While I suppose this is an argument for submitting anonymous content, I only run the risk of being hung for my own posting foolishness, while you could easily be mistaken for another coward.

        • Keep that in mind every time you log into Slashdot. Et tu /.?

          While I suppose this is an argument for submitting anonymous content, I only run the risk of being hung for my own posting foolishness, while you could easily be mistaken for another coward.

          Fifteen domains, including Google, are asking to run javascript on this page of slashdot.

          "Anonymous" is not a thing.

    • 'Not enough people care' because they've been indoctrinated and brainwashed by corporations and to a certain extent the government to believe that sharing your entire life with the world is normal and proper, and that not sharing every bloody thing with complete strangers is selfish and may be indicative of some sort of criminal activity or mental illness. Of course this is utter and complete bullshit, at around a certain age every child starts wanting privacy, and this is a perfectly natural and healthy pa
    • by Malc ( 1751 )

      I've been regularly getting the prompt from Google about their privacy settings that they show when you try to run a search. Every browser on a myriad of machines and VMs. This pop-up is really irritating because it takes some time to go through all the different options and install their opt-out plugin, etc. I'm sure they made this as onerous as possible to discourage people form opting out. My solution? I've stopped using Google for web searches. Really f****** annoying that I still have to go to th

      • On the one hand:

        Onerous as possible.

        On the other hand, the challenging nature of it certainly increased the resulting quality of the cull.

  • It looks like the best choice is to get non-targeted ads that will be dropped by the various ad-blockers.

  • by Anonymous Coward

    Anyone with even an ounce of cynicism has believed Google -- and everybody else -- was doing this same thing anyway. At least now they are officially on the record with it. Maybe it will finally catalyze some privacy legislation with teeth.

  • The data economy. (Score:3, Insightful)

    by Anonymous Coward on Saturday October 22, 2016 @08:47AM (#53129509)

    Why people are so stupid to understand that selling the user's data is the only working business model for free Internet services. User's data is the only asset they hold.

    It is so naive to assume that they would not sell anything for which there would be demand.

    • Re: (Score:2, Informative)

      free Internet services

      Google is number one ad selling platform on the Internet. They are also number one search engine with no competitors in sight (bing is pretty useless for anything peculiar/professional/serious, yandex' cache is very small, baidu is only meant for Chinese). They are raking in cash even without selling users' data.

      It's the "greed" economy, not "data" economy.

      • by thsths ( 31372 )

        Yes, and how much are users paying for the top search engine?

        Exactly. If you are not paying for it, chances are that you are the product.

    • by Rob Y. ( 110975 )

      Well, there *is* a difference between selling targeted ads based on the users' data vs selling the data - which Google still does not do. But I'll grant you this, the imperative of a public company is to keep the stock price growing - profit is almost beside the point, except as reflected in the stock price. That means that Google needs to constantly find new sources of revenue. I wish they'd get serious about building up their cloud hosting business and their corporate hosted application business. I do

    • I think many people understand it, they just don't care. They'd rather give up that info than pay.
    • You're right, it's the only business model if you don't pay. I'd be willing to pay (for at least some things) if I could be reasonably sure that means they don't sell my data. Alas, neither Google nor most web services that are usuarlly financed by ads and data have that option
  • by Anonymous Coward

    I'll wait and see until the dust settles and the "I knew it" paranoiacs get out of the way.

    However, I'm kind of sceptical about this kind of "the world is falling" article, since such an act would be particularly out of tune, considering google is already under intensifying scrutiny from all kinds of (not always reasonable) angles. Doing something like this, which would draw immense amounts of fire, particularly in the EU, doesn't just seem tone-deaf but outright stupid.

  • Complacency Broken (Score:4, Interesting)

    by organgtool ( 966989 ) on Saturday October 22, 2016 @09:11AM (#53129593)
    This is enough to break my complacency of using Google products. I already just finished uploading my files to a cloud server that I'm hosting as an alternative to Google Drive. Does anyone have any recommendations for Chromium-based browsers with optimized privacy and security such as SRWare Iron or Comodo Dragon? How about privacy-based secure e-mail services such as ProtonMail? My last steps will be to switch over to DuckDuckGo for default search and find a custom Android ROM that is frequently updated and allows lots of visual customization.
    • ... Does anyone have any recommendations for Chromium-based browsers with optimized privacy and security such as SRWare Iron or Comodo Dragon? How about privacy-based secure e-mail services such as ProtonMail?

      For those of you interested in data privacy and security but wanting a mainstream browser engine:
      https://iridiumbrowser.de/ [iridiumbrowser.de]
      It is based on Chromium but maintained by a group of German companies mainly making a business out of services around Open Source.

    • Comment removed based on user account deletion
    • by AHuxley ( 892839 )
      Anything in the USA falls under a NSL or PRISM like collection. For privacy-based secure e-mail services create your own one time pad. You won't get anonymity on any email product but the message will stay private.
      Don't create the plain text message on network facing computer and then encode.
      Other than that flood the privacy breaking brands with all the disinformation, random news, fiction, fun and unrelated creativity possible.
      Use their platforms to present any creative message or new product range
  • Well, it seems that Google is only going to become more and more evil from now on. It was a good ride while it lasted. We got more than most companies, a solid ten years of good service. But now, the new crop of executives is in place and to them, "don't be evil" sounds like the stupidest motto ever. The old internet culture of sharing and open source and being trustworthy...well it just has no place in today's Google. The new breed just doesn't get it, or understand why it's important. It can be enfo

    • by Khyber ( 864651 )

      I would have thought someone with your username and low UID would know how to run your own fucking mail server by now...

      • Six digits is a low number now? *boggle* Yeah, I don't run my own mail server because I got out of the computer industry. Today, if I need IT services done, I fucking hire someone and let them deal with the grief. Never again will I be paged at 3am because the fucking server is down.
        • by Trogre ( 513942 )

          Attitudes like that are precisely the reason we are having this conversation now.

          Let someone else deal with your data and just assume they're trustworthy.

    • Re: "Don't be evil" (Score:4, Informative)

      by Anonymous Coward on Saturday October 22, 2016 @09:27AM (#53129659)

      I use fastmail, you pay money, they provide email. Nice simple relationship

    • by wbr1 ( 2538558 )
      You can get Google Apps email fro 5 a month. /sarcasm
    • It's called the race to the bottom. The "don't be evil" motto was based on the idea that users would not just offer up their personal information without some proof that it would not be misused. It turns out this was not true. People will upload their most personal information (and that of their closest friends and even their children, which is even worse) for what amounts to services worth less than $100 a year. It's sickening.

      For personal email might suggest hover.com. But I think there are many se

    • I for one use https://mailbox.org/ [mailbox.org] , a privacy-oriented 1eur/mo service, with encryptable inbox, various security and privacy features, throw-away emails, cloud storage, etc Been using it for 6 months now, excellent service and no complaints. Together with https://ovpn.se/ [ovpn.se] and a variety of adblockers / private browsing, it is pretty nice :D
  • Do no evil? Must have been some other company named Google that promised that.
    • Yeah, I know Google never said that. They did, however, say Don't be evil. An person (entity) who is not evil can do evil. It's then just personal judgment of whether an evil act or two makes an entity evil or not.
  • What are the good, secure alternatives to gmail and yahoo mail? And no, I'm not going to setup my own server.

    • It doesn't have to be a huge global company. Check your area for local ISPs. They may offer email at a reasonable monthly rate.
    • I have had great luck with email hosting by 1and1. They are huge and based outside the USA, which is a plus these days too.

    • by lgw ( 121541 )

      Outlook.com is fine. MS may intend to harvest your personal data in some way, but they're not competent at it, so no harm done.

  • Android and all google services are nothing more than a huge surveillance system. We need to fork Android and make open source mobile phones asap.
    • I knew nothing about Android until I bought a tablet last week. I was hugely unimpressed with the level of blatant surveillance, and started looking for an alternative.

      I don't know enough about it yet to tell you for sure, but I think Cyanogenmod might be just the fork you're looking for.

    • You can use off-the-shelf Android hardware without ever logging into Google on it. There are alternative app stores out there, including the big one Amazon hosts.

      I am sure there is still plenty of Google survellience you are subjected to, but significantly less if you never, ever, log onto Google from your Android device.

  • Good thing (Score:4, Funny)

    by JustAnotherOldGuy ( 4145623 ) on Saturday October 22, 2016 @10:59AM (#53130071) Journal

    Good thing they're not being evil about it. *cough*

  • Isn't associating non-Google app and web site activity with Google information sort of necessary in order for Google Now and Google Home to work properly?

  • I doubt Google cares much about non-moble systems, why ? Because smartphones have GPS, are locked down and on all the time. Google can then determine were you are going, what stores, malls, events and sell that data for targeted adverts. It may even be possible to determine were you live. Also,I thought I read somewhere that some stores even track where you are walking and what shelves you linger at. This type of data is very valuable to Google.

    All one gets from a desktop or laptop is approx where you

    • Well, they already know where you live and they even tell you. The Google app in Android phones tells you where it thinks you live and work by analyzing where you spend most of the time.
  • ... because we - the FOSS experts - are sitting on our hands and asses.

    It takes a dedicated small crew of developers just a few weeks to develop a full-stack replacement of the E-Mail protocol and service, daemons and end user clients included. Fully encrypted, signed and 100% anonymised by default, with a distributed meta DNS to handle routing.

    Likewise replacing the web can't be that hard either. Sure there is rendering, but remove 2 decades worth of document markup and build a working alternative, removin

  • https://www.eff.org/privacybad... [eff.org] Better than nothing...
    • by Mal-2 ( 675116 )

      Privacy Badger will not be working with Pale Moon 27 because its underlying SDK is being removed from the code.

  • Maybe google can finally serve me a relevant ad *before* I've bought the product...

    Failing that; they could just email me and I'd tell them what I want to see ads about.

  • There was a big notice on my Google account, asking me permission to use my web browsing habits to server ads. I'm not sure how an Opt-In feature that interrupted my login to ask me specifically can, in any way, be described as 'quiet'.

"Why should we subsidize intellectual curiosity?" -Ronald Reagan

Working...