I scanned this essay for the inevitable "there is more work to be done" line. This time it's "we know our work here is never done, and we want to do more to stay ahead of user expectations."
Every controversial company seems to have one. For Twitter, it's "we're so sorry, we know we've let the community down, and we promise to do better in the future"
This I/O was all about On-Device ML. As ML chips get more powerful, a lot of these cool features that were only possible on the cloud will be moving to the device, lowering latency and working in poor network conditions. Google's use of Federated Learning is interesting too.
Yet they will all call home tracking your every action in an aggregate. So Google and co. can plausibly deny having direct data - except they wrote the ML algorithm to be useful for the purposes they want so who knows how recoverable real data is.
I suggest that Google's dependency on knowing everything about you puts them in a completely existential crisis with respect to privacy - your data is in their DNA, there's just too much at stake.
MS and Apple can be far more aggressive in this regard because they simply don't really need your data in the same way to make money.
And why is it that we all trust Google is unhackable? I won't be shocked if someday a torrent turns up with billions of private Gmail messages and user search history records.
"Equifax was founded by Cator and Guy Woolford in Atlanta, Georgia, as Retail Credit Company in 1899"
And the thing is that most people would never knowingly make the privacy vs utility trade-off. The risk (that the entire world gain access to one's search history) is not in the best interest of most users. Personalized search does not provide that much added value.
Ironic that you should bring Equifax up since they would literally sell everything they had on you to anyone who could pay until Congress stomped on them with the FCRA. If you thought they were ever a good steward of your data you weren't paying attention.
Equifax is in the business of selling data. I will grant you that's a good point. I suppose the issue now boils down to whether 20 years is a long time or not. I don't think it is, but I don't see a conclusive way to argue either side of that. I'm not sure how to continue at this point :)
I guess all I can do is say that 20 years of good behavior is enough to convince the state to release you for first degree murder, and most people seem to feel ok about that. I'd suggest that most people probably don't know their spouses or best friends for 20 years before trusting them, either. And you could declare bankruptcy twice in that time and still have pretty good credit. So as a society we seem to have accepted that 20 years is actually a pretty long track record. Not sure why our standards for infosec should be higher than any of those things.
There's been no widescale mass comprehensive breach of Google yet, that we are aware of. But that may simply be a matter of luck and time.
Google have said Gmail users should not expect privacy:
People sending email to any of Google's 425 million Gmail users have no "reasonable expectation" that their communications are confidential, the internet giant has said in a court filing.
And, though I cannot find a link presently, in the wake of the Snowden revelations, Google employees told the Guardian that integrity of Gmail and associated Google accounts (and they are all associated) could not be assured. Probably 2013-2014 timeframe.
At Google scale, and given the proved consequences, that's really not the case.
There was plenty in, e.g., the Podesta, Powell, and related hacks, to suggest at the least suspicion. The fact that single-password hacking is a keys-to-the-kingdom event is itself a major flaw. And it's not as if phishing is a new attack vector, the concept dates to at least the 1980s.
And also, Google have changed internal proceses in consequence. But a massive blame component absolutely falls squarely on Google.
There were and are mechanisms Google could implement (and to some extent has) to reduce the attack surface further.
Encrypting contents and doing so independently of access is probably the most significant. Google does not do this, and in fairness, no other major player, not even Protonmail, does this, at least not by default. The problem is hard, it intoduces inconveniences. It is not impossible. Lack of the feature has cost Google users, a small but aware and technical cohort, myself included.
(Protonmail's encryption prevents static-storage-on-disk attacks, including subpoena and insider access, but password compromise remains an extant risk. bI no principally use Protonmail.)
Patterns-of-use fingerprinting (which Google does), app-specific passwords for non-Web access (ditto), special attention to politically exposed persons (PEPs), and exceptional internal access and process controls, yes.
But the mass-sweep attack appears still viable through multiple potental vectors, stream, static, and dynamic (programmatic).
If the considerable part of consumers would stop using Google Search, Chrome, Android and other Google products due the privacy concerns, that would be a problem for Google - not an existential crisis, but a problem indeed. But we are nowhere near this imaginary scenario.
Good point, but Netflix for example is really not very invasive in terms of privacy. iTunes has not been really a problem for example, any more so than another e-commerce entity.
Search, e-mail, social - particularly as they relate to ads - this will be the problem.
This is pretty much the same tactic finance companies are using to stem the growing political fallout. First get in front of it by acknowledging the problem, then explain how you're not part of the problem, and most importantly, outsource the solution to "legislation".
Don't we want companies to outsource the solution to legislation? I'd rather have Congress than Google be in charge of deciding how much privacy everyone deserves.
Legislation and legislatures have already been in charge of your privacy, Google is just acknowledging that they have no interest in coming up with any real solutions that limit profitability.
They're agreeing with you in this step of the PR dance, then after the heavy lobbying they're already administering, they will attempt to de-fang any potential privacy legislation, then point out government incompetence while calling for a right to self-regulate.
Legislation is reactive rather than proactive, slow in its reaction, easily corrupted by lobbyists, and likely contains loopholes anyway. Not to mention that competent regulation acts as a barrier to entry for competitors.
> Don't we want companies to outsource the solution to legislation? I'd rather have Congress than Google be in charge of deciding how much privacy everyone deserves.
Until the legislation is written by the industry and doesn't rein them in one bit but imposes large compliance burdens on smaller competitors and further entrenches the incumbents.
The actual solution isn't corporations or governments, it's people being in control of their own stuff. Google and Facebook can't invade your privacy if your data is on your own device and not their servers.
What does "people being in control of their own stuff" even mean? Right now, people are in control and they choose to use software that is convenient for them, which happens to upload their data to the cloud. How do you force people to use software that doesn't do this?
It's also unclear whether in practice people being in control over their devices better protects the users - back when that was the case, malware was a bigger problem than it is now.
People don't choose to notify facebook that they're visiting a website that has a like button, the don't choose to let google track them across devices. Most tracking happens without any sort of awareness from users.
They choose to use websites and software, whose developers in turn choose to send usage data to third parties. Trust in this sense is necessarily transitive. In a complex world with long supply chains, almost everything works that way - I don't get to choose every ingredient in a restaurant meal either. Either way, the point is that users do have control today and that they use this control to maximize convenience at the expense of privacy. Thus the idea that "people being in control of their own stuff" will help is kind of meaningless - they are already in control. Even choosing not to be informed is a choice - people are not informed because consequences so far have been minimal relative to other threats in their lives.
My estimate is that nearly all negative consequences of lack of privacy on the internet have not been due to any sort of nefarious tracking and data gathering on the part of tech companies, but due to people voluntarily sharing information about themselves and those close to them and using various apps as intended. There's a lot of paranoia about how much data is out there, but I can't think of really any major consequences, especially given how pervasive this is all supposed to be. Meanwhile, people getting in trouble due to information they voluntarily shared is extremely common.
> They choose to use websites and software, whose developers in turn choose to send usage data to third parties.
Even that incredibly low bar isn't cleared. When you visit a random web site you get tracked by google/facebook before you can be aware that this site is sending your information to them, clicking a link does not imply trust or consent.
How is that bar not cleared? You have a choice as to which websites to visit and the website developer has a choice as to which third-party pixels are included.
I don't have an informed choice until after I visit the website. Even then it's only an informed choice because I'm a developer and know what's going on under the hood.
> What does "people being in control of their own stuff" even mean?
It means that Facebook et al don't have it to begin with.
> How do you force people to use software that doesn't do this?
Why do you have to force people to do anything? That conclusion requires some major cognitive dissonance.
There are two options here. One is that people are rational in not caring, and in that case there is no problem and nothing needs to be changed, so what are you complaining about? But let's suppose that's not it.
Then it's that privacy is important and people should care about it but they don't understand, in which case you don't have to force them to do anything, all you need is for them to learn what is happening and why they should care about it. It requires information, not regulations.
You can't regulate a fox in a henhouse, you can only teach the farmers why fences are important before they learn it for themselves.
> It's also unclear whether in practice people being in control over their devices better protects the users - back when that was the case, malware was a bigger problem than it is now.
We need to give all our data to Facebook because malware? How does that prevent malware at all? What is Facebook's server going to do that your phone couldn't do for itself?
"But malware" it seems is the new "but terrorism" or "think of the children" as a generic excuse for every authoritarian policy in the book.
So what do you mean by "people being in control of their own stuff" - why even bother talking about something that will never happen? I mean other than maybe Richard Stallman, who even does anything remotely close to this?
Wrt: malware, what's definitely helped here is that people spend more time on centralized platforms that are able to tackle problems at the source, as opposed to visiting random unsafe websites and downloading random software. Likewise, telemetry in OS almost certainly helps greatly in fighting malware. Centralization in terms of both data and usage helps greatly.
I know how much privacy I want, and I take the appropriate steps to get it, even if that means not using otherwise convenient services. The question is how much privacy people should get even if they don't care or think about it.
This NYT 'opinion' piece is a textbook piece of public relations writing, perfectly pitched and complete with interesting illustration of 'the author' looking earnest...
Yes it's lip service but this whole narrative about online/digital privacy was seize on by traditional media to bash tech companies while driving traffic to their properties. It also gives some academics and "experts" an outlet to promote their books.
You have the right to choose not be watched while you're going to the bathroom but the whole online privacy "controversy" is a means by which foreign countries and other interested parties try to justify stifling US tech companies it's also more nonsense for the self appointed "elites" to philosophise over and pretend to know what's best for society, regular people don't care about it nor should they.
>the whole online privacy "controversy" is a means by which foreign countries and other interested parties are using to try and justify stifling US tech companies
Do you have a source? Would like to read up on this.
Never listen to experts! They think they can advise us on what to do, just because they happen to have deep knowledge and relevant experience with the issues at hand. How arrogant of them! </sarcasm>
Just like there's a difference between a month old account defending the tech behemoths with dubious claims and a real argument. We can figure the difference by ourselves no worries.
> this whole narrative about online/digital privacy was seize on by traditional media to bash tech companies while driving traffic to their properties. It also gives some academics and "experts" an outlet to promote their books.
[...]
> regular people don't care about it
Who's buying the books and visiting traditional media properties then?
Fair point, but there are lots of reasons to skim an article and not every academic is getting rich off of hawking their books, sometimes it's an excuse to talk about their publishings, and one could get consulting gigs out of the attention.
The masses though, they don't care:
"Facebook users care less about privacy than regulators"
If you have a Google account, it might not be such a bad idea to check on it occasionally and make sure there's nothing turned on that you want to be turned off or deleted? (In particular, connections to other apps that you might have forgotten about.)
Way back when, I had two Android phones and really liked them. I switched to Apple phone, tablet, and watch because of privacy.
The title is a little strange, almost like saying you don’t need those luxury Apple devices to get privacy, but that is wrong. For the mass market, I think Apple is the company that is least bad on privacy. I use some Google services like GSuite, Play Books, and Play Movies heavily but I cringe a little.
Not counting GCP, just consumer offerings: if Apple provided a good email service that supported custom domains, I would just use them for everything except deployment platforms like GCP and AWS.
> For the mass market, I think Apple is the company that is least bad on privacy.
You've fallen for an audaciously mendacious marketing campaign. Try developing an app for your iDevice without telling Apple who you are or where you live. The only way to do so is to set up a shell corporation. Try setting a map application that works completely offline as your default street address handler. Impossible on iOS. Try getting your location without telling Apple where your device is. Also impossible. (Not sending your location to Google is not only possible but the default on even Google-flavored Android devices.) That's just the tip of the iceberg. Even better, Android lets you set up multiple users on a single device and easily switch between them to sandbox your private apps from your "get things done" apps.
> if Apple provided a good email service that supported custom domains, I would just use them for everything
Even assuming that Apple's marketing were true, how does this make sense? Email servers are supposed to store all your mail to make it easily searchable across all your devices. At the point a service is storing all your mail and making it searchable, its privacy implications exactly match Gmail's (but are worse than Gmail's for users in China).
I made the Android - Apple jump for the same reason four years back. Indeed I was so happy with Apple's privacy features and their business model in general. I did miss the tight integration of Google Maps and mail but felt justified for the privacy gains.
Then their growth started to slow so they jacked their prices to ten Benjamins, when really good Android phones cost half that. I really had to evaluate how much I valued my privacy from Google in particular, and it didn't feel like worth 500 every two years. Important point being compromising with my data with just Google and blocking all the other companies (Facebook, etc). Google while it's collecting a metric fuckton of data about me, seems to be a lot more transparent about it and gives clear ways to clean my slate. Also doesn't look like it shares it with any other partners. So I just figured I'll stop paying the apple tax for now, and reevaluate later if the situation changes.
If you cringe a little you're really almost-acknowledging that you haven't /really/ done anything for your privacy. Maybe using Apple products is a bit of g33k virtue-signaling?
>I think Apple is the company that is least bad on privacy.
We have no lasting friends, no lasting enemies, only lasting interests. - Someone.
I trust Apple not because of my optimism that they will do good, I trust them because of my pessimistic view ( Comparatively Speaking , it seems every negative thoughts in Silicon Valley are considered as pessimistic )that everyone has an interest, and it is Apple's interest to sell me expensive ( comparatively ) devices and Services while making a profits, and not selling product and services and zero net margin subsidiser by selling my Data.
This is just a response to the ScreenTime piece that ABC and Dianne Sawyer just put out. Really great watch but it did make Google look bad (and Apple pretty good).
Says ceo of a company who’s business model is predicated in tracking people.
Much like facebook’s idea of privacy, they are conflating your actual privacy with themselves not selling your raw data. Eg. Just because they track you, and have access to all your data, doesn’t mean they’re violating your privacy - the line only occurs if they sell that information directly.
There business model is not predicated on tracking people. That's Facebook and Google tried to copy them. Their model is based on data mining. They belive lots of insights are available then. And a better product can be made available then.
I think what he meant was that Google's methodology prioritizes in anonymizing their data in the pipeline as to not to link it with any specific individuals, as opposed to Facebook's data which is often directly tied to a person. This makes sense because Google is all about Search so it really depends on keywords popularity where Facebook Ads can target very specific individual groups down to their interests.
If we believed in Eric Schmidt's prediction that future internet is going to be split into two halfs where one is controlled by China and the other by the US, and since China is restricting privacy and increase surveillance then the only sensible direction the U.S should adapt is by embracing the opposite values and promoting digital privacy. Those who place importance on these values will naturally follow their path.
There is definitely some distinction to be made between Google's and Facebook's approaches to privacy, but data anonymization is a more of a PR technique than a privacy one. It can be done if you accept that you may lose nearly all of the valuable structure in the data, but that is always going to be a hard sell.
Recently there has been a lot of discussion in Sweden (maybe elsewhere too) about anonymized mobile phone location data that is sold online. In that case "data anonymization" usually meant swapping out personal identifiers for some token. If that was the only information you had you'd be more or less fine, but what if you have access to some correlated side-channel information that IS personally linked? In the location data example, just combining with publicly available home address data is enough to de-anonymize nearly every person in the dataset (i.e. where does anonymous token X go every night and leave every morning?).
This problem emerges very quickly as soon as you start linking together multiple pieces of anonymized data (or just sampling the data with high enough resolution). The only real virtue of data anonymization is that it prevents casual snooping by the people that work with the data.
I'm not sure why everyone here is so concerned about the fact Google collects data, but doesn't actually sell it? Google might connect ads and your data anonymously, or use algorithms applied to your data for their services, but they've never been shown to actually give your data to anyone, nor to abuse it in any way.
Compare this to how lazy other companies have been with data breaches (Apple, Sony, Equifax, a ton of others), or companies that will actually sell your data (phone providers, credit card providers, various discount cards, etc..), I don't see why Google is always targeted.
When I had a Hotmail account back in the day, it got hacked (and I've always had strong passwords). Gmail has never been hacked. Windows has ads and spyware throughout Windows 10, Google shows you ads when you search for something. Yet MS gets a pass these days, people forget about Apple's weak account security in the past not to mention apps abusing permissions, but Google is constantly demonised.
I don't get it. Of all the tech products I've had over the years, the Google ones have been the best, the most secure, the most useful. They collect more data, but as far as I've seen, they also protect it the most.
I was in the same boat as you. Loved Android, didn't mind sharing all my data with Google. Worked with startup colleagues on google cloud.
And then came Google ban bots. 24 hours ago they deleted one of my friend's account because of a keyword picked up in his reviews on app store (Apparently the bot thought he was being compensated for reviews which goes against their TOS), some of gsuite users had all accounts frozen and everything deleted because one of their dev had multi-login.
Some were suspended for credit card denials in their billing (falls under financial fraud). Then "Youtube heroes" where people could flag each others videos.
I really wanted to try out their new ML products but the console is insisting on me adding my credit card and I am so paranoid about getting my account blocked/deleted by Google if for any reason the credit card charge is rejected.
I give two shits on a popsicle about NSA snooping on me. I am more worried about google taking away chrome,search, gmail, android.. how did even get here where google controls essentially the whole of internet.
> I don't get it. Of all the tech products I've had over the years, the Google ones have been the best, the most secure, the most useful. They collect more data, but as far as I've seen, they also protect it the most.
They're way less sketchy than Facebook and data brokers, and better at not letting people's data leak out ("sorry"), but the sheer volume they collect is frightening. For the average Android user, they collect every search query, complete browsing history, complete location history, and more, all "anonymized" but easily correlated to a real person, and store it more or less forever.
They've avoided Yahoo- or Equifax-scale breaches, as far as we know, but it's just a matter of time until someone hacks the world's biggest store of personal data. Even if that happens years from now, I wonder how they will monetize all of that data when merely slinging ads no longer satisfies investors.
Yes, it should be bottled made available as cheaply as possible branded in two different flavors Google Privacy In A Can™[0] and Google Privacy On The Go™[0]:
"So right away, let us cast aside the technological protocols, that are usually referred to as “the internet”, that of which was built upon that make accessing or publishing information public between two or more machines…
Because talking about such things would require most internet users to cast aside social constructs they willingly suspend on a daily basis upon engaging with such technology/services (without any care to understand for oneself, one might add) and then demand collectively in retrospect to have their cries pacified while continuing to use such services (of which, most for free).
Yup, let us look past all that and believe (because that’s all we can do for ourselves) that institutions/organizations/companies/governments, that all consist of our fellow human beings in all of our qualities and flaws, can provide for the individual that which he chooses not to do for himself, to a satisfactory level in which his desires are forever coddled and placated."
[0] We will give access to our preferred government bulk data buyers on the grounds of National Security.
76 comments
[ 0.78 ms ] story [ 51.9 ms ] threadRight now they are so behind user expectations that the above statement is not even funny, it's almost insulting.
The only company they seem to be beating is FB, and not sure if that is the company they want to keep, or probably they do...
MS and Apple can be far more aggressive in this regard because they simply don't really need your data in the same way to make money.
And the thing is that most people would never knowingly make the privacy vs utility trade-off. The risk (that the entire world gain access to one's search history) is not in the best interest of most users. Personalized search does not provide that much added value.
John Podesta: http://www.thesmokinggun.com/documents/crime/how-john-podest...
Colin Powell, and others: https://www.theguardian.com/commentisfree/2016/sep/15/colin-... https://www.nytimes.com/2016/09/16/us/politics/email-hacking...
Tibetan activists, broadly: https://www.sfgate.com/business/article/Tibet-activist-s-e-m...
NSA and other surveillance operations claim access to Google, and other online service providers: https://www.theguardian.com/world/2013/jun/06/us-tech-giants...
There's been no widescale mass comprehensive breach of Google yet, that we are aware of. But that may simply be a matter of luck and time.
Google have said Gmail users should not expect privacy:
People sending email to any of Google's 425 million Gmail users have no "reasonable expectation" that their communications are confidential, the internet giant has said in a court filing.
https://www.theguardian.com/technology/2013/aug/14/google-gm...
And, though I cannot find a link presently, in the wake of the Snowden revelations, Google employees told the Guardian that integrity of Gmail and associated Google accounts (and they are all associated) could not be assured. Probably 2013-2014 timeframe.
And Google allowing the NSA access is not them getting hacked either.
Google reading your mail is not hacking either.
We're talking someone hacking into G and grabbing millions of emails or passwords, I don't think that has happened.
There was plenty in, e.g., the Podesta, Powell, and related hacks, to suggest at the least suspicion. The fact that single-password hacking is a keys-to-the-kingdom event is itself a major flaw. And it's not as if phishing is a new attack vector, the concept dates to at least the 1980s.
And also, Google have changed internal proceses in consequence. But a massive blame component absolutely falls squarely on Google.
There were and are mechanisms Google could implement (and to some extent has) to reduce the attack surface further.
Encrypting contents and doing so independently of access is probably the most significant. Google does not do this, and in fairness, no other major player, not even Protonmail, does this, at least not by default. The problem is hard, it intoduces inconveniences. It is not impossible. Lack of the feature has cost Google users, a small but aware and technical cohort, myself included.
(Protonmail's encryption prevents static-storage-on-disk attacks, including subpoena and insider access, but password compromise remains an extant risk. bI no principally use Protonmail.)
Patterns-of-use fingerprinting (which Google does), app-specific passwords for non-Web access (ditto), special attention to politically exposed persons (PEPs), and exceptional internal access and process controls, yes.
But the mass-sweep attack appears still viable through multiple potental vectors, stream, static, and dynamic (programmatic).
They'd be out of business pretty quickly.
Search, e-mail, social - particularly as they relate to ads - this will be the problem.
Surely, you haven't heard of Windows 10's horrendous surveillance?
Data collection: https://news.ycombinator.com/item?id=9976298
Ads: https://news.ycombinator.com/item?id=13835733
Phone home: https://news.ycombinator.com/item?id=10053352
These shenanigans are not existential to their business.
MS could quit that instantly and they'd be fine.
As privacy becomes a thing, they are well prepared.
They're agreeing with you in this step of the PR dance, then after the heavy lobbying they're already administering, they will attempt to de-fang any potential privacy legislation, then point out government incompetence while calling for a right to self-regulate.
The last thing I want is more government power.
Until the legislation is written by the industry and doesn't rein them in one bit but imposes large compliance burdens on smaller competitors and further entrenches the incumbents.
The actual solution isn't corporations or governments, it's people being in control of their own stuff. Google and Facebook can't invade your privacy if your data is on your own device and not their servers.
It's also unclear whether in practice people being in control over their devices better protects the users - back when that was the case, malware was a bigger problem than it is now.
My estimate is that nearly all negative consequences of lack of privacy on the internet have not been due to any sort of nefarious tracking and data gathering on the part of tech companies, but due to people voluntarily sharing information about themselves and those close to them and using various apps as intended. There's a lot of paranoia about how much data is out there, but I can't think of really any major consequences, especially given how pervasive this is all supposed to be. Meanwhile, people getting in trouble due to information they voluntarily shared is extremely common.
Even that incredibly low bar isn't cleared. When you visit a random web site you get tracked by google/facebook before you can be aware that this site is sending your information to them, clicking a link does not imply trust or consent.
It means that Facebook et al don't have it to begin with.
> How do you force people to use software that doesn't do this?
Why do you have to force people to do anything? That conclusion requires some major cognitive dissonance.
There are two options here. One is that people are rational in not caring, and in that case there is no problem and nothing needs to be changed, so what are you complaining about? But let's suppose that's not it.
Then it's that privacy is important and people should care about it but they don't understand, in which case you don't have to force them to do anything, all you need is for them to learn what is happening and why they should care about it. It requires information, not regulations.
You can't regulate a fox in a henhouse, you can only teach the farmers why fences are important before they learn it for themselves.
> It's also unclear whether in practice people being in control over their devices better protects the users - back when that was the case, malware was a bigger problem than it is now.
We need to give all our data to Facebook because malware? How does that prevent malware at all? What is Facebook's server going to do that your phone couldn't do for itself?
"But malware" it seems is the new "but terrorism" or "think of the children" as a generic excuse for every authoritarian policy in the book.
Wrt: malware, what's definitely helped here is that people spend more time on centralized platforms that are able to tackle problems at the source, as opposed to visiting random unsafe websites and downloading random software. Likewise, telemetry in OS almost certainly helps greatly in fighting malware. Centralization in terms of both data and usage helps greatly.
You have the right to choose not be watched while you're going to the bathroom but the whole online privacy "controversy" is a means by which foreign countries and other interested parties try to justify stifling US tech companies it's also more nonsense for the self appointed "elites" to philosophise over and pretend to know what's best for society, regular people don't care about it nor should they.
Do you have a source? Would like to read up on this.
Zuboff, Solove, Schneier, etc.
[...]
> regular people don't care about it
Who's buying the books and visiting traditional media properties then?
The masses though, they don't care:
"Facebook users care less about privacy than regulators"
https://www.reuters.com/article/us-facebook-growth-analysis-...
Feels like a trick: Login, give us your info, and then privacy checkup.
Just thought it’s funny. Either way, can’t complain the for the efforts being done
And then log out.
The title is a little strange, almost like saying you don’t need those luxury Apple devices to get privacy, but that is wrong. For the mass market, I think Apple is the company that is least bad on privacy. I use some Google services like GSuite, Play Books, and Play Movies heavily but I cringe a little.
Not counting GCP, just consumer offerings: if Apple provided a good email service that supported custom domains, I would just use them for everything except deployment platforms like GCP and AWS.
You've fallen for an audaciously mendacious marketing campaign. Try developing an app for your iDevice without telling Apple who you are or where you live. The only way to do so is to set up a shell corporation. Try setting a map application that works completely offline as your default street address handler. Impossible on iOS. Try getting your location without telling Apple where your device is. Also impossible. (Not sending your location to Google is not only possible but the default on even Google-flavored Android devices.) That's just the tip of the iceberg. Even better, Android lets you set up multiple users on a single device and easily switch between them to sandbox your private apps from your "get things done" apps.
> if Apple provided a good email service that supported custom domains, I would just use them for everything
Even assuming that Apple's marketing were true, how does this make sense? Email servers are supposed to store all your mail to make it easily searchable across all your devices. At the point a service is storing all your mail and making it searchable, its privacy implications exactly match Gmail's (but are worse than Gmail's for users in China).
Then their growth started to slow so they jacked their prices to ten Benjamins, when really good Android phones cost half that. I really had to evaluate how much I valued my privacy from Google in particular, and it didn't feel like worth 500 every two years. Important point being compromising with my data with just Google and blocking all the other companies (Facebook, etc). Google while it's collecting a metric fuckton of data about me, seems to be a lot more transparent about it and gives clear ways to clean my slate. Also doesn't look like it shares it with any other partners. So I just figured I'll stop paying the apple tax for now, and reevaluate later if the situation changes.
Hm, if you are still using GMail and GMaps (and possibly also Google Search), what privacy did you gain?
We have no lasting friends, no lasting enemies, only lasting interests. - Someone.
I trust Apple not because of my optimism that they will do good, I trust them because of my pessimistic view ( Comparatively Speaking , it seems every negative thoughts in Silicon Valley are considered as pessimistic )that everyone has an interest, and it is Apple's interest to sell me expensive ( comparatively ) devices and Services while making a profits, and not selling product and services and zero net margin subsidiser by selling my Data.
Much like facebook’s idea of privacy, they are conflating your actual privacy with themselves not selling your raw data. Eg. Just because they track you, and have access to all your data, doesn’t mean they’re violating your privacy - the line only occurs if they sell that information directly.
If we believed in Eric Schmidt's prediction that future internet is going to be split into two halfs where one is controlled by China and the other by the US, and since China is restricting privacy and increase surveillance then the only sensible direction the U.S should adapt is by embracing the opposite values and promoting digital privacy. Those who place importance on these values will naturally follow their path.
Recently there has been a lot of discussion in Sweden (maybe elsewhere too) about anonymized mobile phone location data that is sold online. In that case "data anonymization" usually meant swapping out personal identifiers for some token. If that was the only information you had you'd be more or less fine, but what if you have access to some correlated side-channel information that IS personally linked? In the location data example, just combining with publicly available home address data is enough to de-anonymize nearly every person in the dataset (i.e. where does anonymous token X go every night and leave every morning?).
This problem emerges very quickly as soon as you start linking together multiple pieces of anonymized data (or just sampling the data with high enough resolution). The only real virtue of data anonymization is that it prevents casual snooping by the people that work with the data.
True bounded anonymous data is done by aggregation and/or mixing.
Compare this to how lazy other companies have been with data breaches (Apple, Sony, Equifax, a ton of others), or companies that will actually sell your data (phone providers, credit card providers, various discount cards, etc..), I don't see why Google is always targeted.
When I had a Hotmail account back in the day, it got hacked (and I've always had strong passwords). Gmail has never been hacked. Windows has ads and spyware throughout Windows 10, Google shows you ads when you search for something. Yet MS gets a pass these days, people forget about Apple's weak account security in the past not to mention apps abusing permissions, but Google is constantly demonised.
I don't get it. Of all the tech products I've had over the years, the Google ones have been the best, the most secure, the most useful. They collect more data, but as far as I've seen, they also protect it the most.
And then came Google ban bots. 24 hours ago they deleted one of my friend's account because of a keyword picked up in his reviews on app store (Apparently the bot thought he was being compensated for reviews which goes against their TOS), some of gsuite users had all accounts frozen and everything deleted because one of their dev had multi-login.
Some were suspended for credit card denials in their billing (falls under financial fraud). Then "Youtube heroes" where people could flag each others videos.
I really wanted to try out their new ML products but the console is insisting on me adding my credit card and I am so paranoid about getting my account blocked/deleted by Google if for any reason the credit card charge is rejected.
I give two shits on a popsicle about NSA snooping on me. I am more worried about google taking away chrome,search, gmail, android.. how did even get here where google controls essentially the whole of internet.
They're way less sketchy than Facebook and data brokers, and better at not letting people's data leak out ("sorry"), but the sheer volume they collect is frightening. For the average Android user, they collect every search query, complete browsing history, complete location history, and more, all "anonymized" but easily correlated to a real person, and store it more or less forever.
They've avoided Yahoo- or Equifax-scale breaches, as far as we know, but it's just a matter of time until someone hacks the world's biggest store of personal data. Even if that happens years from now, I wonder how they will monetize all of that data when merely slinging ads no longer satisfies investors.
"So right away, let us cast aside the technological protocols, that are usually referred to as “the internet”, that of which was built upon that make accessing or publishing information public between two or more machines…
Because talking about such things would require most internet users to cast aside social constructs they willingly suspend on a daily basis upon engaging with such technology/services (without any care to understand for oneself, one might add) and then demand collectively in retrospect to have their cries pacified while continuing to use such services (of which, most for free).
Yup, let us look past all that and believe (because that’s all we can do for ourselves) that institutions/organizations/companies/governments, that all consist of our fellow human beings in all of our qualities and flaws, can provide for the individual that which he chooses not to do for himself, to a satisfactory level in which his desires are forever coddled and placated."
[0] We will give access to our preferred government bulk data buyers on the grounds of National Security.