Should the FTC Investigate Google's Location Data Collection? (engadget.com) 110
An anonymous reader quotes a report from Engadget: In December of 2017, the office of U.S. Senator Richard Blumenthal sent Google's CEO a letter asking for a detailed explanation of the company's privacy practices around location services. Based on a report at Quartz, the senator's letter had 12 specific questions about how Google deals with location data. In January, Google responded to all of the issues in a lengthy letter signed by Google's VP of public policy, Susan Molinari. Now, apparently unsatisfied with the response, Senators Blumenthal and Edward J. Markey have sent a written request to the FTC to investigate Google's location services, along with "any deceptive acts and practices associated with the product."
While Google's initial response refuted many of the claims made by Quartz, and explained again and again how Google and Android handles sensitive location data, the letter to the FTC again uses the report as its main basis. The crux of the new letter appears to be this: "Google has an intimate understanding or personal lives as they watch their users seek the support of reproductive health services, engage in civic activities or attend places of religious worship," wrote the senators. All it takes to expose users to data collection, say the letter's authors, is to allow an "ambiguously described feature" once and then it is silently enabled across all signed-in devices without an expiration date.
While Google's initial response refuted many of the claims made by Quartz, and explained again and again how Google and Android handles sensitive location data, the letter to the FTC again uses the report as its main basis. The crux of the new letter appears to be this: "Google has an intimate understanding or personal lives as they watch their users seek the support of reproductive health services, engage in civic activities or attend places of religious worship," wrote the senators. All it takes to expose users to data collection, say the letter's authors, is to allow an "ambiguously described feature" once and then it is silently enabled across all signed-in devices without an expiration date.
Why single out Google? (Score:1)
Re: (Score:1)
They sort of have to. How else do you expect calls to be routed to you? Magic?
Re: (Score:3)
They sort of have to. How else do you expect calls to be routed to you? Magic?
Yes, obviously. Didn't you know modern cell phones operate almost exclusively on magic?
Re: (Score:3)
However traditional telecom systems are more regulated then tech companies. Which is part the reason why your Cell phone bill is so high. Not to be complaining about it, as some of the regulations are for our own protection. However it does raise the cost.
That is why VoiP is often cheaper. It isn't because of the technology (Which often can be scaled up for cheaper), but the amount of regulations involved to stay in business.
Tech Companies move faster then the law can adapt. Big ones like Google and Apple,
Re: (Score:2)
Re: (Score:2)
They sort of have to. How else do you expect calls to be routed to you? Magic?
They have to know where you are. They don't have to log the information.
Re: (Score:2)
Re: (Score:2)
What I find stupid about the E911 mandate is that nearly 20 years after they were first written into the law I STILL get asked where I'm calling from every time I call 911 from a cellphone. Most of the time I have zero clue what jurisdiction I'm in, I just give the highway and mile marker, something they should be able to easily get from a functioning E911 system without wasting time asking me.
Re: (Score:2)
No, they ask for what city I'm calling from so that they can direct me to the correct POP, something that should be obvious from the E911 data and which there's a maybe 5% chance that I know the answer to. Even when I'm near home there are 59 municipalities in my county alone, about 200 in the metroplex.
Re: (Score:2)
No, I call 911 whenever there is an accident on the freeway that is blocking traffic, because lots and lots of video evidence shows that many drivers are idiots and will drive into a stopped vehicle on the side of the road, let alone one in a travel lane.
Re: (Score:1)
I guess you guys didn't read this article: https://www.nytimes.com/2018/05/10/technology/cellphone-tracking-law-enforcement.html
Basically cellphone companies are giving away your location data to the highest bidder without a warrant.
So while Facebook gets caught giving information away to Cambridge Analytica, the cellphone companies are doing the same on the same pretense that it will only be used for legitimate purposes. I would say that is relevant.
Re: (Score:2)
Do pager companies have to track pagers?
Save you the time. The answer is no. Next question. Did the pager companies master magic?
Re: (Score:2)
its the most obvious target.. the laws enacted will be unilateral and will apply to any company, now or in the future. Companies that specialize in selling your private info to target you for advertising have the least need but commit the most intrusion.
Re: (Score:2)
Yes - I am sure most people would rather pay google 20 a month for search/email/maps etc.
People prefer and choose google's business model. There is nothing fundamentally evil about it.
Re: (Score:1)
Yes and so does a landline phone company. It’s basically a requirement to deliver calls.
This needs to happen NOW (Score:5, Insightful)
As a long-time supporter of FOSS, EFF, Copyleft and essentially open access this has gone beyond mere 'best practices' and humanitarianism
Nobody, not a government or a private enterprise, can be trusted with private proprietorship of this much data at this level of detail.
The problem is neural networks, turning subjectivity into objectivity, and the unreliability of the source data. Whoever controls the data can use it for any purpose, and there is such a massive capability and potential for misuse, especially of human trust networks, that there simply is no acceptable level of trust.
All human governments and economic systems rely on trust. Before social media, social trust networks were the foundation of all government. Who do you know? Who knows you? When the answer is whoever has the data plus a few (maybe a couple of dozen) close family and associates, then the system is broken.
Most people can't possibly cover anywhere near the number of social connections that a single-process home computer can cover. My lab can millions of processes with petabytes of data and more than a TB of network pipe. That's a fairly good lab, but there are far better out there. With the right kinds of data, I can manipulate society like it's my own personal sandbox.
Without protections on the data, there is no way to detect, verify or validate who is doing what with it. One good person might be fine, but what happens when they die and someone else gets it? There just isn't any reliable assurance that it won't be misused, while history teaches us that it invariably will be misused by someone given opportunity.
Some kind of national infrastructure and protection must be placed around this level of power. It's not like nukes, you can't guarantee it won't fall into the wrong hands with traditional protection measures. Security has limitations... There is no other choice.
Re:This needs to happen NOW (Score:4, Interesting)
maybe society needs to spawn a anarchist hacking group. Instead of taking down these places, as they always have backups for their backups, maybe it should pollute it with so much false data that the entire data itself is no longer considered reliable. Make it appear you were in 3 places at once and take trips 50x more per day than you actually do. Make the data so unreliable and untrustworthy that advertisers stop spending money on what they perceive as 'snake oil' once word spreads on how unreliable it is. Why pay for a targeted ad when your likely to be sending some 80yr old man an advertisement on tampons when its cheaper and easier to just blast the tampon commercial to everyone and hope someone who needs them is watching.
Re: (Score:3)
Since this is getting modded up, I should point out the flaws:
The move by FCC Chairman Ajit Pai was mostly in order to control *validation* not information source. Those with the wealth, infrastructure and motivation to control opinion aren't blind to disinformation, they are masters of it. By channeling sourcing to a small subset of the internet and then giving these sanctioned-sources the official blessing from controlled interests they hope to be able to regulate *social trust*. This is a key point in
Re: (Score:2)
Next there is the philosophical reason: technology isn't bad, it is merely a tool. The tool can be used for great public good, or great public harm.
I tend to adhere to the idea that "Any government big enough to give you everything you want is big enough to take everything you have". Unless government positions were appointed like jury duty, with constant turnover, I will never believe the government will behave altruisticly, or that its officials will not behave badly in order to gain more power. The power that location tracking represents is too significant for any organization to be trusted. The potential abuse is so significant I really doubt anyon
Re: The movement has already failed. (Score:2)
American software industry nominal pay rates have been stagnant for over a decade, while cost of living exploded.
That's why smart young men no longer go into software.
Yet another way the Chinese are beating us at absolutely everything.
Re: (Score:1)
Re: (Score:3)
not just once, as someone pointed out that trying to avoid detection directly will make you stick out. Instead how about other devices that feed false information simultaneously and more regularly than reality. Say that at any given time you appear to be taking 3 trips to and from 3 different locations and with such frequency that it dwarfs reality significantly. Perhaps even randomize the number of simultaneous feeds to prevent basic process of elimination. But this would need to happen on a scale that at
Re: (Score:2)
not just once, as someone pointed out that trying to avoid detection directly will make you stick out. Instead how about other devices that feed false information simultaneously and more regularly than reality. Say that at any given time you appear to be taking 3 trips to and from 3 different locations and with such frequency that it dwarfs reality significantly. Perhaps even randomize the number of simultaneous feeds to prevent basic process of elimination. But this would need to happen on a scale that at least 70% of the population did this, or, at least, had their data altered, in order to make the entire database of information substantially worthless.
But that will get you banned from Pokemon GO.
Re: (Score:2)
With the right kinds of data, I can manipulate society like it's my own personal sandbox.
I don't disagree with you about the need for protections, but what interests me is that they didn't. Or couldn't.
Google, Facebook, etc. are clearly on the left of American politics. And they were not shy about trying to use their influence and power, to manipulate society.
Yet it clearly didn't work, this past pres election, and no, it wasn't thwarted by a few Russian tech bros with a small wallet. Rather, a growing number of people were catching on that they were being herded and manipulated. And they did
Re:This needs to happen NOW (Score:4, Interesting)
Research doesn't agree with anything you said here. Google and Amazon weren't doing politics in 2016, just marketing and research. The few people calling out astroturfing were effectively powerless. Facebook wasn't even really fully aware of what CA was doing, they were focused on earnings alone. They took the money without really asking questions. That was their clearly documented corporate policy handed down from the execs, and there is a mountain of evidence that ignorance and incompetence, not malice, are the problem with Facebook.
The problem is largely that nobody *with the power to effect change* took the threats seriously if they were even aware of them at all.
Re: (Score:1)
Google and Amazon weren't doing politics in 2016, just marketing and research.
Of course they were. Further, the person you replied to talked about Google and Facebook, not Google and Amazon. Why did you switch them?
Facebook wasn't even really fully aware of what CA was doing, they were focused on earnings alone.
Of course they were aware. Just as when they were aware what Obama was doing with the data during the 2016 election.
there is a mountain of evidence that ignorance and incompetence, not malice, are the problem with Facebook.
No, there isn't. Facebook is trying to play dumb here, but their entire business model is selling user data. To that end they must understand what customers want from user data and how they intend to use user data. They must understand what they can leg
Re: (Score:2)
"Nobody, not a government or a private enterprise, can be trusted with private proprietorship of this much data at this level of detail." and "The problem is neural networks, turning subjectivity into objectivity, and the unreliability of the source data."
First problem, Google wasn't storing the data despite how hard the article attempts to imply it.
Second problem, the "level of detail" is pretty damned coarse and your cellular service providers have been selling that very data to the government with li
Re: (Score:2)
Training sets not being shared makes the results non-verifiable and manipulation virtually undetectable.
Not all NNs produce accuracy that can be verified easily. Lots of them produce inferences for researchers, especially social and political science research.
Peer reviewers do not typically get access to the source data, merely the sorting equations and algorithm detail.
Re: (Score:3)
one more thing... saying that Google wasn't storing the data is provably untrue. Mobile games like Pokemon Go and Ingress are based on cellular tracking data. Google maps stores location history and you can see it in your review recommendations and account history. The two data sets can be merged to recreate the data Google claims not to store.
Re: This needs to happen NOW (Score:2)
Neural nets identify patterns. Sometimes they identify bird and dog faces where there are no birds or dogs.
We are still a LONG way from a neural net providing anything approaching objective truth out of masses of subjective data.
Re: (Score:2)
I run into this a great deal, even from people who are otherwise technically sophisticated.
Here are some things to let you learn for yourself just what is and is not possible:
* https://www.ibm.com/watson/dev... [ibm.com]
* https://www.ibm.com/watson/ser... [ibm.com]
* https://www.safaribooksonline.... [safaribooksonline.com]
* http://devarea.com/machine-lea... [devarea.com]
* https://ai.google/research/pub... [ai.google]
In short, I can track real-time recombinant memetics geographically now. I'm trying to get permission from my employer to publish some animations I've been worki
Wait till autonomous cars (Score:5, Interesting)
My biggest concerns over companies like Facebook, Google, and Apple developing autonomous cars is not whether they can make them safe. Eventually I know that they will be safe. One concern is that these people will collect data non-stop about where I am going and how long I stay. I considered this picking up my daughter from school to take her to her pediatrician, specifically that its really none of their damn business that I did such a thing. That led me to my second concern for these 3 companies developing autonomous vehicles. Imagine every damn time you drive past a BugerKing or Wendy's having to suffer a damn commercial or have the car offer to stop because a Whopper is only $3 this week. Non-stop, never-ending barrage of advertisements. Think back to the scene in Minority Report when Tom Cruise's character had eye replacement surgery, replacing his eyes with a japanese businessman. It was more noticeable the second he walked near any store, how every single ad started addressing him by his stolen identity. The two technologies that ad-based companies should be forbidden from developing based on privacy concerns should be
1) any location based technology that requires knowing where you are to function (maps, gps, autonomous cars, etc)
2) any technology that specializes in identification (facial recognition, biometrics, retina identity, etc.)
Re: Wait till autonomous cars (Score:2)
Remove the wifi from your car. Problem solved.
Re: (Score:2)
i have a strong suspicion that the future of autonomous driving is going to be dependent on the evolution of something similar to the solar roadway project since that not only converts energy but also creates a communication network and very specific location markers. The cars will likely be required to be able to communicate with each-other in order to streamline traffic and avoid accidents. Removing network communication and gps would render the car inert. I am more in favor of a company developing the te
Re: (Score:2)
Imagine every damn time you drive past a BugerKing or Wendy's having to suffer a damn commercial or have the car offer to stop because a Whopper is only $3 this week.
Google already does this in Android. There's several "features" that enable this bullshit.
2 or 3 are buried in the Google Maps settings, and the others are related to network settings (such as Bluetooth beacons).
If you've got an Android device in the default config and you walk around your typical shopping area you'll get popup ads ("toast notifications") for things that are near you. You'll also get notifications for suggested "moments" or whatever they call it in Google Maps (ads) asking you to check o
Donate to the EFF (Score:1)
Often when you read about what the Electronic Frontier Foundation is doing you may think you should be helping them somehow, but don't want to actually directly donate money.
By using smile.amazon.com (if you shop there) you can donate every time you make a purchase. I highly recommend it.
The FTC Should Investigate Facebook's Location ... (Score:2)
Yes.
But start with Facebook. I'm sure Google grabs just as much if not more information, but Facebook seems to be more creepy in how they use it. Google doesn't bother me yet, but I won't install any Facebook apps on my phone.
Re: (Score:2)
during the Obummer presidency, Google's Director of Public Policy, Johanna Shelton, had more visits to the whitehouse than Facebook, Comcast, Oracle, ATT, and Verizon combined. That should tell you something creepy is going on. To put this in perspective, from 2009 - 2015 she was in the logs as visiting the white house 128 times.
Shelton's visits were just the tip of the iceberg. The Google Transparency Project found a total of 427 White House meetings involving employees of Google or related firms — m
Absolutely (Score:5, Insightful)
Re: (Score:2)
What if WANT Google to have my location? (Score:3)
I am aware of all (or at least countless) risks involved. Even if I don't and didn't have anything to hide I've been sending PGP encrypted emails since more than 20 years. And I stopped doing so for more than 20 years. I lived for half my life in a dictatorship where you could "go away" and never been heard of for less than 5 words said to the wrong person. I am in no way naive or uninformed, I've been following up on security (not only computing security), privacy, heavy handed governments and so on; this is not something you can turn off.
BUT I'm happy with Google having my location. All the time, the more precise the better (well, preferably without killing my battery). I tried to do it myself and keep a GPS log since 2006 or so. I was having a GPS with me with multiple batteries that I would replace over the day but of course I couldn't do it very often, it had to be only on special occasions.
It was very painful to melt tons and tons of files (I still have them) and in the end rather pointless. I managed (barely) to find a perl script that would at least tag my pictures with their location but there is no good software to manage the pics (if you have a lot of them, not only a small folder), even if they have proper GPS tags. Google Photos (yes, I give them my pictures too) finds places where I've been instantly. It even finds them if the pics are coming from non-GPS cameras, by correlating the location from the phone (the same thing I've been doing very painfully back in 2006-2007). Google Timeline (including the decent mobile version from Google Maps) helped me find again places I didn't know in advance I had to bookmark and once even answered the question "I know what you did last night" - because I DIDN'T (no joke, years ago I remember an article, most likely on slashdot too, that was half-jokingly saying google can tell where you've been last night if you can't remember - and that came in hand this Christmas...).
Funny thing is EU used to (for more than one decade if I remember correctly) force mobile providers to keep your metadata (including the location, albeit not as precise as Google does it now, but those were other times) for at least 6-24 months (at least, without any obligation to age it off). And make it available to the state when needed of course. Everything at your expense of course (as part of your mobile contract). And -here's the kicker- YOU COULDN'T GET THIS DATA. Even if you went to Vodafone and said: ok, I pay you already to store all my shit for at least 24 months, what about letting me have it too? I can pay extra for your trouble, how about that? Nope, no option. At least with Google you can download it via Takeout and use it how you like it and you can use it in the built-in Google Maps/Timeline and Photos too.
YES, I wouldn't give my mother or my significant other access to my timeline. But I'm happy with Google having it. Yes, I understand the risks and I understand there are meta-risks I can't even imagine now. But this is a risk I'm willing to take. And I'll be really, really pissed if the government comes and says I can't just tick a box and agree that Google tracks me, as much and as accurately as technically feasible.
Re: (Score:2)
YES, it is opt in. Without giving explicit permission not even Google Maps (the default navigation app on your phone, at least for those related to Google's ecosystem) would access your location, not even once. Storing your location is again a different step in the wizard (separated from accessing it in the first place). If anything there's TO MUCH opt in but hey, you asked for it!
Now let's say they "trick you" this way and you opt in to something you didn't want to, just because you like to opt in to every
Re: Opt In (Score:2)
#GoogleShill
Re: (Score:1)
Re: (Score:2)
Or he considered the all the advantaages he gets from google collecting and managing his own data for him in an interesting manner, and then weighs that against google selling that data for advertisements, and decided it was worth it. You know, like a rational adult would think through anything.
I don’t see how anyone could make such an “adult” decisions seeing as no one can foresee in what ways that data may be used against them in the long run. Sure you could imagine most ways, but who knows what life events will occur that could make that data harmful to the GP? What if he angered that authoritative regime from his old country and they hacked Google’s server and used that data to harm him or his family? I am sure he would totally think it was worth having his photos aut
Re: (Score:2)
You can't foresee what would happen if you go to the bakery. You might have an accident and lose an eye or a leg or your life. Or you can find the love of your life. Or the one that would "peck your soul out". It's called life. It's my decision. I don't worry about google having my shit. It's enough to be worried about insecticides, pesticides, food additives, carcinogens, worried about radon gas, worried about asbestos, worried about saving endangered species.
Re: (Score:2)
You can't foresee what would happen if you go to the bakery. You might have an accident and lose an eye or a leg or your life. Or you can find the love of your life. Or the one that would "peck your soul out". It's called life. It's my decision. I don't worry about google having my shit. It's enough to be worried about insecticides, pesticides, food additives, carcinogens, worried about radon gas, worried about asbestos, worried about saving endangered species.
Well of course you cannot. There are only two guarantees in life: death and taxes. But there is a huge difference between a random chance event at a bakery and the irrevocable loss of privacy that comes from Google sucking up all that data about you. One is an instantaneous moment that will come and go. The other never disappears. And therein lies the problem. You may someday wish that Google did not know so much about you but you will have no way to undo that. If you want the bakery to stop knowing
Re: (Score:2)
Actually I wanted to post explicitly that I wouldn't give my location history to my employer but I was thinking it went without saying if I said I don't want my mother or spouse to have it. So yes, if Google/Alphabet was my employer I would most likely NOT have my location (or email or pics or documents or anything) stored with them. ... you must be VERY naive if you think storing MY location would influence either way the share price.
As for having shares
No, and Quartz should be ashamed of this hit piece (Score:2)
The article published by Quartz was irresponsible fear mongering. They did exactly zero research on this story aside from apparently hassling a Google employee about the practice. One would think they could have at least asked the person who supplied them with their screenshot what they thought the software was doing, but instead chose to take a Mulligan with: "It is not clear how cell-tower addresses, transmitted as a data string that identifies a specific cell tower, could have been used to improve mess
Re: (Score:2)
The problem? Cell phones don't use multiple towers at the same time and that would be required for the triangulation the article mentions to take place.
HTH, HAND [wikipedia.org]
Re: (Score:2)
obviously someone unaware of reality since you want to assume that trump would be the one bribed.. your former manchurian candidate was in bed with them non-stop. If anyone would have an axe to grind it would be someone who perceived he was cast in a bad light by google.
http://www.googletransparencyp... [googletran...roject.org]
Re: (Score:2)
For the record I never whined about MS being sued, and as a libertarian, I never voted for bush. MS was the first, and should not to be forgotten, evil empire. since then many more evil empires have arisen to dwarf MS. MS' biggest revenue stream is that of being a patent troll over bullshit patent infringement claims toward Android, to which are merely paid only because Samsung found it a cheaper alternative than proving MS was full of shit. However MS has re-emerged with their new Pro-AI campaign. Given t
550 MBs uploaded without data plan (Score:2)
Looking at my pay as you go phone (Moto E), on Fido in Canada without any data, I've used 667 MBs this month (no idea when the month started) with 549 Mbs used by Googles Play Services.
This is creepy and if I was paying for data, expensive as Canada has even more expensive data then everyone else. I'd guess a lot of this is location data.
Sort Of Outside Proper Process. (Score:2)
Re: Sort Of Outside Proper Process. (Score:2)
Do you suffer from Trump Derangement Syndrome (TDS)? Do thoughts of Donald Trump fill your every waking moment, and often intrude on your sleep? Are you unable to resist mentioning President Trump unrelated conversations?
At last there is help! New Donaldizole has been proven safe and clinically effective at treating TDS.
Side effects include deplorability, reduced capacity for self-deception, war weariness, and raging diarrhea.
Ask your doctor about new Donaldizole, and get help today!
Re: (Score:2)
Re: (Score:2)
Re: Sort Of Outside Proper Process. (Score:2)
Duuuuuuude - calm down, remember to breathe.
Uh-oh, it looks like you got so excited that you soiled your pants! Better go get changed...
Irony... (Score:1)
Re: (Score:1)
Re: Shame on Prince Harry (Score:3)
Why do you care who a living tourist attraction / inbred upper class twit marries?