Posted in War on Privacy

Slate writer: “I used to trust some of [Google’s] products, like Chrome. I increasingly don’t.”

People like Matthew Green are waking up to reality.

A couple of weeks ago, I noticed something strange was happening to my Google Chrome web browser. Where Chrome had always allowed me to browse the internet as an anonymous user, suddenly my browser had signed itself into my Google account.

A bit of investigation (and a visit to a nerd forum) pointed me to the cause: Chrome had logged itself in after I visited my Gmail account.

The change in Chrome’s behavior, it turns out, was not a bug. It’s part of a new technical “feature” in the browser called “identity consistency between browser and cookie jar.” Despite the gritty technical name of the feature, it represents a truly fundamental change in the way Chrome works.

For the first 10 years of Chrome’s existence, Chrome was simply a typical web browser. You had the option to sign the browser into Google—and thus take advantage of Google’s many data-sharing and cloud-synchronization options—but you never had to.

In the stroke of an update, the sign-in became mandatory: If you happened to visit a Google property, the browser would attach itself to your Google account.

To Google’s credit, it recognizes the privacy implications of this change, and simply signing the browser into Google does not immediately send your data to Google’s servers. But it brings users within an accidental click of sharing their bookmarks and browsing history with Google.

It is truly a tragedy that so many people use Google Chrome when there are better, privacy-respecting browsers available, like Mozilla Firefox. Mozilla now even makes a special mobile version of Firefox that cleans up after itself called Firefox Focus. Google will never, ever make a tool like that, because it is anathema to Google’s objective of collecting as much data about everyone as possible to monetize all of us for advertising purposes.

It was inevitable that Google would change Chrome to make it easier for it to spy on its users. We’ve been warning of this for years. Unfortunately, many people haven’t listened.

Posted in War on Privacy

Google and Mastercard Cut a Secret Ad Deal to Track Retail Sales

Big Brother Is Watching You:

For the past year, select Google advertisers have had access to a potent new tool to track whether the ads they ran online led to a sale at a physical store in the U.S. That insight came thanks in part to a stockpile of Mastercard transactions that Google paid for.

But most of the two billion Mastercard holders aren’t aware of this behind-the-scenes tracking. That’s because the companies never told the public about the arrangement.

Alphabet Inc.’s Google and Mastercard Inc. brokered a business partnership during about four years of negotiations, according to four people with knowledge of the deal, three of whom worked on it directly. The alliance gave Google an unprecedented asset for measuring retail spending, part of the search giant’s strategy to fortify its primary business against onslaughts from Amazon.com Inc. and others.

Remember, Google has made it their business to attempt to learn everything… EVERYTHING…. about you. The company’s aim is to eradicate the whole idea of user privacy, one blow at a time. They’ll do whatever it takes to get their hands on our data, whether convincing us to give it to them, buying it, or secretly capturing it without our knowledge.

Posted in Menacing Monopoly, War on Privacy

Google employees protest secret work on censored search engine for China

Some of the people working for the Monster of Mountain View still have a conscience, even if their bosses don’t. Via The New York Times:

Hundreds of Google employees, upset at the company’s decision to secretly build a censored version of its search engine for China, have signed a letter demanding more transparency to understand the ethical consequences of their work.

In the letter, which was obtained by The New York Times, employees wrote that the project and Google’s apparent willingness to abide by China’s censorship requirements “raise urgent moral and ethical issues.” They added, “Currently we do not have the information required to make ethically-informed decisions about our work, our projects, and our employment.”

The letter is circulating on Google’s internal communication systems and is signed by about 1,400 employees, according to three people familiar with the document, who were not authorized to speak publicly.

Props to these brave souls for speaking up and letting management know they’re not comfortable doing secret work on a project that could result in Google collaborating with Xi’s authoritarian regime.

Posted in War on Privacy

Google records your location even when you tell it not to

An important catch from The Associated Press, via The Guardian:

Google wants to know where you go so badly that it records your movements even when you explicitly tell it not to.

An Associated Press investigation found that many Google services on Android devices and iPhones store your location data even if you’ve used a privacy setting that says it will prevent Google from doing so.

Computer science researchers at Princeton confirmed these findings at the AP’s request.

The article goes on to say:

Storing your minute-by-minute travels carries privacy risks and has been used by police to determine the location of suspects. So the company will let you “pause” a setting called “location history”.

Google says that will prevent the company from remembering where you’ve been. Google’s support page on the subject states: “You can turn off Location History at any time. With Location History off, the places you go are no longer stored.”

That isn’t true. Even with “location history” paused, some Google apps automatically store time-stamped location data without asking.

For nearly ten years, this site has been chronicling Google’s war on user privacy, so this is hardly a surprising development. Nevertheless, it shows the need for regulation. Google is never going to reform its ways of its own accord. Its entire business model is based on destroying privacy. And it will go on doing so while feigning to care about its users until governments compel it to change its business practices.

Posted in War on Privacy

Google, You Owe Us: U.K. based campaign seeks to fine Monster of Mountain View for clandestine iPhone tracking

This is great:

Google’s in trouble again over the “Safari Workaround”: the iPhone shakedown for personal information from millions of iPhone users.

In 2012, the workaround got the search giant fined by the US Federal Trade Commission (FTC) for $22.5m, fined again a year later for $17m after it got sued by dozens of states, and now has the UK’s Google You Owe Us campaign out for its own pound of flesh.

Make that a few pounds of flesh: The Google You Owe Us campaign has started the process of getting its own comeuppance, and the US fines pale in comparison to what the British group is after.

Monday marked day one in London’s high court, where the collective action is suing the company for what could be as much as £3.2bn (USD $4.3b), according to court filings.

The campaign even has its own beautifully crafted website, which is totally worth checking out.

Posted in War on Privacy

Multiple Google employees quit over company’s machine learning contract with the Pentagon

Bravo to these folks for taking a stand. Bravo!

It’s been nearly three months since many Google employees—and the public—learned about the company’s decision to provide artificial intelligence to a controversial military pilot program known as Project Maven, which aims to speed up analysis of drone footage by automatically classifying images of objects and people. Now, about a dozen Google employees are resigning in protest over the company’s continued involvement in Maven.

The resigning employees’ frustrations range from particular ethical concerns over the use of artificial intelligence in drone warfare to broader worries about Google’s political decisions—and the erosion of user trust that could result from these actions. Many of them have written accounts of their decisions to leave the company, and their stories have been gathered and shared in an internal document, the contents of which multiple sources have described to Gizmodo.

It takes a lot of courage to give up your job in protest of your employer’s business practices. But that is exactly what these twelve people have done. They have refused to compromise on their principles after learning what was going on. They couldn’t go on at Google because they knew Google was doing something immoral.

Posted in War on Privacy

Bloomberg: Google’s Facebook copycat moves leave it more exposed to privacy backlash

Facebook may be getting all the attention lately, but the Monster of Mountain View is still, well, a monster:

No one at Google envied Mark Zuckerberg last week as he was being grilled by Congress. But for years, they certainly coveted the personal data that made Facebook Inc. a formidable digital ad player. And the strategies they set to compete have now placed Google squarely in the cross hairs of a privacy backlash against the world’s largest social-media company.

A backlash that has been a long time in coming.

“Google, in every respect, collects more data. Google, in every respect, has a much bigger advertising business,” said David Chavern, president of News Media Alliance, a publisher trade group. Rather than “a Facebook privacy law,” he expects regulation to target the entire industry.

Google’s many brushes with controversy haven’t deterred the company from making its business practices ever more invasive. Mimicry of Facebook has been occurring for years.

In 2015, the search giant unveiled Customer Match, a tool letting advertisers target ads using consumers’ Gmail addresses. That mirrored a popular Facebook offering called Custom Audiences. Google Plus, the company’s social network, failed to catch on with users but did prompt millions of people to log in to Google’s other web properties, catnip for marketers. Those changes helped Google’s display ad business blossom. Morgan Stanley recently pegged its value at $36 billion.

Political advertisers are among those embracing DoubleClick. Last year, the unit touted a case study with i360, a marketing firm affiliated with the conservative power brokers Charles and David Koch. i360 uses its own data to slice online populations into segments, such as those for and against gun control and traditional marriage. A Google blog post explained how DoubleClick’s systems sucked in that information to help i360 boost the number of its ads people saw. i360 didn’t respond to a request for comment.

Google is incapable of regulating itself, so we clearly need an American equivalent of the European General Data Protection Regulation, or GDPR, as soon as possible.

Posted in Shoddy Security, War on Privacy

Google admits tracking users’ location even when location services are disabled

Big Brother is watching you. Even if you’ve told Big Brother Google you don’t want to be tracked.

Many people realize that smartphones track their locations. But what if you actively turn off location services, haven’t used any apps, and haven’t even inserted a carrier SIM card?

Even if you take all of those precautions, phones running Android software gather data about your location and send it back to Google when they’re connected to the internet, a Quartz investigation has revealed.

Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers—even when location services are disabled—and sending that data back to Google. The result is that Google, the unit of Alphabet behind Android, has access to data about individuals’ locations and their movements that go far beyond a reasonable consumer expectation of privacy.

Quartz observed the data collection occur and contacted Google, which confirmed the practice.

When confronted, Google claimed that the tracking was happening in part to improve message delivery, which Quartz rightly deemed to be a completely bogus explanation.

It is not clear how cell-tower addresses, transmitted as a data string that identifies a specific cell tower, could have been used to improve message delivery. But the privacy implications of the covert location-sharing practice are plain. While information about a single cell tower can only offer an approximation of where a mobile device actually is, multiple towers can be used to triangulate its location to within about a quarter-mile radius, or to a more exact pinpoint in urban areas, where cell towers are closer together.

The practice is troubling for people who’d prefer they weren’t tracked, especially for those such as law-enforcement officials or victims of domestic abuse who turn off location services thinking they’re fully concealing their whereabouts. Although the data sent to Google is encrypted, it could potentially be sent to a third party if the phone had been compromised with spyware or other methods of hacking. Each phone has a unique ID number, with which the location data can be associated.

Read the whole thing.

Posted in War on Privacy

Journalist’s Home Mini review unit was sending Google a recording of every sound it picked up

This journalist’s experience with a Google Home Mini is being called a glitch, or malfunction.

But let’s face it: these “smart home” devices are DESIGNED to perform 24/7 hour audio surveillance. And a user has no way of knowing when the device is “phoning home” without checking the logs. Anyone who installs one of these stupid things is signing up for the possibility of being surveilled, accidentally or intentionally by a hostile party, without knowing it.

The privacy glitch that befell Google’s new £49 ($49) Home Mini speaker last week was small but, critics might suggest, still revealing.

The trouble started when journalist Artem Russakovskii, who had been given a review unit at the launch event on 4 October, noticed that the Mini kept turning itself on even when not commanded to.

Deciding to search for clues in the device’s logs, he got a shock:

I opened it up, and my jaw dropped. I saw thousands of items, each with a Play button and a timestamp.

The Mini, it seemed had recorded and uploaded to Google every sound detected in its vicinity for a two-day period, which seemed to be every sound no matter how inconsequential. It even activated after a simple knock on the wall.

This behaviour could be disabled and recordings deleted but only at the expense of harming the system’s future voice recognition accuracy.

If you value your privacy, don’t install a so-called smart speaker in your home, whether made by Google, Amazon, Apple, or any other company. It’s not worth it. The fact that microphones and cameras are standard in laptops, tablets, and smartphones and can be remotely hijacked is problematic enough.

Posted in War on Privacy

Big Brother Google unveils Clips, a $249 semi-autonomous recording device

Yikes:

Google has just announced Google Clips, a new hands-free camera that takes photos for you. Instead of having to pull yourself out of special moments to shoot photos and videos, Clips will capture moments so you can be in them.

Software is at the core of the camera, meaning Clips can be made smarter and more powerful over time as Google continues to push out new updates.

Clips can capture a 130-degree field of view at 15 frames per second. Each motion photo moment captured by Clips lasts several seconds and is called a “clip,” and they can be browsed using your Pixel phone. No audio is recorded. Each clip can be saved as motion photo, or you can select a single frame from the motion to save as an auto-enhanced, high-resolution photo.

On the front of Clips is a button for capturing photos manually. With a tiny form factor, Clips is designed to be clipped to “almost anything” or set down to document things remotely.

Clips has facial learning features — the more it sees a person, the more it learns to capture more clips of that individual. It also learns to recognize pets like cats and dogs.

Google engineers have laughably attempted to address the privacy implications of their Orwellian creation by giving it an offline mode. In other words, they’re telling potential buyers you don’t need to connect it to the Internet to use it. But of course, you’ll be encouraged to do so — the device has been designed for semi-autonomous recording and the presumption is people will want to share moments they’ve recorded.

There’s also an indicator light — which is a standard feature of webcams.

Commenters at PetaPixel are rightly skeptical. Writes one:

This is not about memories. How many people actually have time to go back and relive the unbelievable amount of memories that would build up? This is about Google’s AI learning and growing. This is about amassing algorithms to make their AI smarter. Simply put, this is getting scary. A record of intimate moments kept on Google servers. But like you, I guess I have already given up freedoms because of my Google phones and tablets. What have I done?

Says another:

As if Google didn’t know enough of our lives yet….

And another:

I don’t like it… We’re getting into some real Orwellian #$%& here. Always listening microphones, bed facing cameras and 24/7 recording body cams… I don’t want any of this stuff, having a phone is bad enough.

Save your $250 and pass on Google Clips, another unnecessary invention the world doesn’t need.