Dick move extraordinaire by Google.
On Friday, Google announced an update to its terms of service that allows the company to include adult users’ names, photos and comments in ads shown across the Web, based on ratings, reviews and posts they have made on Google Plus and other Google services like YouTube.
When the new ad policy goes live Nov. 11, Google will be able to show what the company calls shared endorsements on Google sites and across the Web, on the more than two million sites in Google’s display advertising network, which are viewed by an estimated one billion people.
If a user follows a bakery on Google Plus or gives an album four stars on the Google Play music service, for instance, that person’s name, photo and endorsement could show up in ads for that bakery or album.
Luckily, we have an opt-out. Go to this page, remove the checkmark at the bottom of the page, and done – Google won’t be abusing your personal information for endorsements.
Even this requires you to trust Google. Can we really do that anymore? You’re trusting that their “opt out” will be honored. Somehow, I suspect they’ll have a way around it.
As for me, I think I’m done with Google services altogether. I was considering, after they stopped shoving ads into my imap inbox, maybe beginning to use Google’s services again. I was even considering a switch to Android for my next phone. I think I’m out, though. There’s only so much shit I can take before I give up and, while Apple are a pain in the ass at times with iOS, at least they’re only a pain in my ass and not my life!
Sorry Google, this is too damn much! I don’t care how “open” you are, if this is what you’re turning “open” into then I’m out for good.
I want to do the same, but they are still leagues ahead of everyone else in search.
When I DDG something, and need the answer quickly, I find that I’m constantly adding ” !g” to everything, because not doing so means lots of scouring irrelevant results.
You don’t need a google account to use the search service
No, but the point is avoiding the creepy tracking.
I’m sure that even with ghostery, DNT, ABP and going to google through DDG, they’ll get just as much info out of you.
The same can be said about every single company doing business on the internet. You should trust google no more or less than anyone else.
Edited 2013-10-12 05:18 UTC
Yes, I think it will be about the same, Google might have a lot more data and profiles than most, but Google has a lot more to lose if they do something that will offend the general public to much.
I have this fond, distant memory of a time when companies used to explicitly ask you to opt into allowing them to sell your personal info; Otherwise they’d be worried about looking like a bunch of crooks and lose all their customers.
Now we see the predictable pattern of a “free” service reaching a critical mass and the end game of changes of their rights to abuse another huge database of our lives is ratcheted into a lengthy agreement which no-one reads… then what happens?
They just lose an insignificant number of mindful users compared to the money they make from the personal data of the apathetic/lazy.
People get angry at the US government for the surveillance of innocent masses through the NSA but most of the databases at their disposal are set up and run for the purposes of surveillance for profiteering by businesses and we just keep letting it happen.
Personally I opt out by trying to avoid using services which are set up with obtaining personal data as their primary objective rather than hoping to be informed of a option shortly after my data has already been used for purposes I never agreed to.
To be fair, I got an email about the change, as well as a popup on G+ that I had to acknowledge. I don’t think this excuses not having it opt-in, but it’s not like they’re trying to sneak in the back door.
At any rate, I don’t think it’s a reason to boycott the services altogether. I mean, the main reason they want to track me is to serve me ads, and that isn’t anything that an ad blocker can’t fix
For the most part, I really don’t care what they track about me. If I need to search on things of a sensitive nature (which is rarely), I’ll fire up a different browser, that doesn’t have my account attached to it. Other than that, do I really give a shit that Google knows I was searching earlier today for a tablet mount for my treadmill? No, I don’t.
Edited 2013-10-12 03:27 UTC
I’m happy for you that you don’t care about your privacy but bare in mind that if Google know everything you’ve done on that browser, so does any other affiliate with a deal to trade data (could be done multiple times for eternity), or any government who give them a court order, or a dodgy private investigator, or someone with access to hacked data.
Also, I wouldn’t be so sure that simply switching to that same 2nd browser you always switch to, isn’t quite transparent to them. Since your IP and the fingerprints of the two browsers will be sent via referrers of the many Google services you’ll find on the majority of web sites, including that review site for a tablet mount (doubleclick, ajax.googleapis.com, google analytics, +1 buttons, google ads, recaptcha, etc… oh and adblock/noscript aren’t helping you much here either).
Maybe that slightly dodgy thing you did didn’t hurt anyone and no one is looking for it now but having it burned into an un-erasable and everlasting catalogue might turn out to be rather inconvenient if you tread on the wrong toes.
Sleep well kids
Well, what are the alternatives? There is really no way of opting out of being tracked since there are so god damn many different ways of doing it and no one really honours the Do Not Track – setting. Google’s search engine just happens to be one of the best ones around and even if you don’t use it all the +1 – buttons and the likes on the websites still track you.
Also, using e.g. Google’s Play Market is more-or-less the only legal way of obtaining software for Android-devices. I don’t really wish to start pirating apps that cost mere cents or a couple or euros. On the same note I’m not aware of any even reasonable alternative to Play Music, they all track you anyways.
Well, it is hard but believe it or not, you can live without Google services and stop them tracking you (not that it stops your isp but AFAIK they’re not running a business selling that info).
It’s harder to get away from sites that load google content but at the moment you can at least block the cookies, scripts and referrers.
I’m sure if enough people did that they’d find a reason to require sites to identify themselves in the url but the point is currently valid.
Even with Android, there are some perfectly good free apps available direct without using the play market and Cyanogenmod without the GAPPS doesn’t connect to Google last time I checked.
e.g.
Documents to go (office package):
http://download.dataviz.com/documentstogo/android/dxtg-dataviz-stor…
Firefox:
ftp://ftp.mozilla.org/pub/mobile/releases/latest/android/en-US/
Flash:
http://download.macromedia.com/pub/flashplayer/installers/archive/a…
Of course, it’s much easier to be apathetic.
EDIT: https://duckduckgo.com is a great alternative for search if that wasn’t obvious
Edited 2013-10-12 14:57 UTC
All well and good, but there are quite a few app developers that don’t distribute apks. Further, usually if an app is a good one I will purchase it to get rid of the ads and to support the developer. As many Android apps’ only facilities for purchasing and removing the *google* ads comes from the Google Play store, how would you suggest getting around that?
Already use it, and have for some time. Unfortunately it’s no good if I need to search in German or Swedish though, as it only handles English right now.
Yep, such devs are certainly in the minority but I was just pointing out some options for those willing to try getting apps direct in a safe, legal manner and don’t have an old device purely to grab their apks from the play store.
Personally I don’t let phone apps connect to the net AND get access to my personal data, it’s one or the other so ads don’t have to be an issue.
There are various means of doing this but CM have not provided an official option since 7.2 and some apps will not work without phoning home but there still are enough possibilities.
I see options for German and Swedish here:
https://duckduckgo.com/settings
Is that no good? Or are the results still useless?
Having said all this, it’s a sad and sorry state of affairs for privacy that one has to go to such lengths and even then you’re just minimising the leakage to google.
Edited 2013-10-12 16:49 UTC
That changes the interface language, but doesn’t tune the search for those languages.
I don’t believe for a second that they don’t also track and sell these things. It’s too much of easy money for them to just pass on.
The number of good, free apps without using the Play Market is simply way, way too few, let alone the number of good, paid apps! I could easily live without G+, GMail (already using Runbox), their search engine (already using DuckDuck) and I could even give up on Play Music, but there’s just no reasonable alternative for Play Market.
Good post!
There’s also https://startpage.com which pulls it’s results from google. You get the google searches without the spying, well so they claim? I prefer the duck though for some unexplainable reason :~)
spoogle Motto: Do no evil.
spoogle Mantra: Do plenty of evil, just tell you’re not!
Edited 2013-10-13 13:50 UTC
Since when has not feeling the need to keep every goddamn thing I do online super-secret equated to not caring about my privacy? It’s like if I go grocery shopping… I don’t walk around with a hood on, for fear that I might be recorded by some video camera while I’m buying some apples and a loaf of bread. Does that mean I don’t care about my privacy? I don’t want EVERYTHING out in the open. For example, I’m not going to go in there and jerk off in front of everyone… I’ll wait til I get home to do that
In the second browser, where my name or any other personally-identifiable information is never entered, what do they have to trace back to me, besides my IP address? Of course, I understand that the feds could trace that back to me, but I don’t think I’d be that high on anybody’s radar
If they wanted to find you THAT badly, I don’t think there’s much you can do anyway, unless you’re using somebody else’s wifi.
Edited 2013-10-12 09:10 UTC
Both your browsers give off information that can be used to identify you, here’s some pages set up to spell out the specifics of your particular situation:
https://panopticlick.eff.org
http://ip-check.info/?lang=en
If you don’t clear your cache and cookies, that gives out more identifiers which reside, if you don’t block things like flash and javascript then you are almost certain to be unique even without information such as your IP address and your predictable browsing habits.
I’m not saying you need to be super concerned about Google knowing what product you’re interested in reading about today but don’t be so sure that you’re not being tracked just because you switched browser and don’t consider yourself interesting.
Really, because I ran those two tests and panopticlick tells me absolutely NOTHING that can be used to identify me and IP check…really…wtf…
My screen resolution “contribute to my identification”?
Knowing what fonts I have installed is somehow “bad”?
My browser supports a lot of mime types. OH MY GOD!!
Yeah….no…this is a lot of tinfoil hat crap.
Actually, no. You can sometimes be identified simply just through what fonts you have installed, there are several large demonstrations and researches done on the matter. Combine the information of your fonts with every other bit of information they can get and the chances of identifying you rise very, very sharply. It’s not just tinfoil hat – crap and I would suggest you to read up on it if you don’t believe me.
Since I only have the standard fonts I doubt it. not using Windows probably helps to.
Interesting. Could you provide some links for that?
Well, the first and most-obvious link would be https://panopticlick.eff.org/browser-uniqueness.pdf
If you only have standard fonts then it obviously doesn’t apply to you. But most people do have additional fonts on their systems, like e.g. according to the test I have a unique set of fonts installed which makes it really easy to identify me.
I use flash block, so they were not able to identify any system fonts. They were, however, able to detect my resolution, which is really non-standard. Assuming they were able to combine my weird resolution, my IP, and wahtever else they have, would their systems be intelligent enough to combine the information from two different browsers? Or would they even bother?
It’s not much work to just combine such things and then eliminate the bits from those who differ from them and it’s completely automated, of course. Basically you’re eliminating people from a set based on what you know and then you calculate the probability — not terribly complicated stuff, you only need a large data set.
Just using two different browsers most likely ain’t enough since your system is still leaking a lot of other details. It reduces the possibility of them linking you to the other browser a lot, but it is still possible.
Here;s a question though: how do you track *us*, as in the person?
I mean, I’m not overly concerned about vague tracking like “some person in the area of SomePlace went to these sites and it was the same someone that visited yesterday too”.
Big enough data sets and statistics. It’s a process of elimination and probability, and combining tiny pieces of information over a longer time period always yields results.
Here are a few relevant links showing various ways of using tiny bits of information to find out a larger connection:
http://arstechnica.com/information-technology/2013/06/what-the-nsa-…
http://arstechnica.com/information-technology/2013/03/knowing-the-s…
http://arstechnica.com/tech-policy/2013/08/in-aclu-lawsuit-scientis…
It’s just the same thing; you’re combing through small bits and pieces, you find out where the bits fit together and eventually you’ll start seeing the bigger picture and a person emerges, to put it simply. If you really want an even better understanding you should start studying statistics, though.
Eh, well, Facebook already knows where I live cuz I told them and I use their service and obviously they can puzzle things together since I tell them some of the stuff I like and such. That’s not really an invasion of my privacy, it comes with the territory of using the service.
Does NSA even need tracking if they have access to so much data from service providers anyway?
I’m more concerned about what random-flybynight-site.com that I am NOT a member of can figure out.
(I took statistics already
)
Edited 2013-10-13 16:20 UTC
You can Opt Out by joining Google+ (i.e. Opting In). You can shut off everything, gut it, ignore it, occasionally check-in to make sure that when they add new features they don’t turn on new features, alter privacy settings as they shift, and Google is still goosing its G+ “active” user accounts to make it appear their nonexistent social network is not actually a massive advertising demographic profile. But, fortunately, you won’t be used in the ads that they’re targeting at you. Yay.
Edited 2013-10-12 02:02 UTC
First you had to opt-in. Now you have to find the opt-out and check it regularly. Next you won’t have any choice because their Terms of Use will have you forfeit everything entirely. Everyone complains about their privacy but it seems not many people are willing to pay money to keep it intact (as much as that’s even possible in todays world). That’s just how it is and I don’t anticipate anyone dethroning Google and their array of services/products any time soon.
Well, it was already off for me so maybe it’s an opt-in and not an opt-out.
It was on for me, so I dunno.
It was off for me as well. It seems that some earlier version of the setting already existed, and they honored whatever that setting was.
“Google won’t be abusing your personal information for endorsements.”
Yeah, google has been always perfectly clear and fair with user data, what should we worry about?
Edited 2013-10-12 06:45 UTC
http://newslite.tv/2010/04/06/7500-shoppers-unknowingly-sold.html
“Thousands of shoppers unknowingly signed their souls over to a computer-game store after failing to read the terms and conditions on their website.”
Since if you don’t have your drivers license name, they won’t let you have a G+ account, they wre worse than facebook. Note you can’t review anything except via G+.
Now watch everything break if you don’t have G+ – pictures will no longer be in Picasa, it will be G+ docs, and gmail will be eaten by G+, so google will be Google plus only and to use any of it you will have to give them “your papers please”.
How exactly would Google know the name on your driver’s license?
uh….what? I’ve never give Google *any* identidy papers and I don’t know anyone who has.
Review…what?
Maybe you should work on making sense.
And…?? What does it matter? It’s all Google services.
No, you don’t have to give them any papers. Really.
If you put a name in for your identity their robot thinks looks dodgy, it will lock your account until you scan your driver’s license and send it to someone who will unlock your account, so you can’t uses something obviously a pseudonym – they won’t let you simply correct it, it has to be reviewed, and it requires identity documents. Since that is also linked typically the Gmail address you’ve been using you have to “out” yourself there too if you’ve been using GMail. Oh, and all your android devices since those too are linked to your Google Profile or account.
Otherwise you are violating the terms of service. It says you must use your real name. There was much controversy since this makes cyberbullying easier.
Google Play reviews (e.g. Android Apps) can only be done via Google Plus profiles.
Also, they haven’t said they will show “one-star” “crap, don’t buy, terrible service” “endorsements” in the ad results, though if that happened it might actually be useful.
Since this sounds like complete and utter nonsense (Does Google know what every drivers license in every country looks like? What if you don’t have a car or you’re a kid?) you really need to provide some kind of credible reference for that.
Do you think it is complicated for a company like Google to create a list of valid licenses and passports ?
Or don’t think you think Google has an office in almost every country they operate in ?
There was a G+ real name policy. A real name policy means they will deny your use of the service if they believe you are using a fake name.
I believe Facebook still has this policy.
G+ is now more relaxed, they might still ask you to some how prove the nickname you use is actually yours (whatever that means).
I believe the point of such a policy is to prevent people from impersonating other people.
Twitter has something else where you can have a ‘verified account’ by sending them a copy of license or passport.
There is something else you should know, if you don’t use a Google account.
They will still build a profile of you (they don’t care if it’s anonymous (at first !) they can still show you ads ), but without the account you can’t opt out of anything.
Edited 2013-10-13 20:02 UTC
Maybe *was* is the operative word, the only current requirement is that you give a first and last name.
https://support.google.com/plus/answer/1228271?hl=en
Obviously if you give your name as Winston Churchill or Barrack Obama they’ll not let you use that unless you can prove that’s actually your name.That’s common sense and I don’t see why anyone would be upset about that. I’m sure no-one would of us would be happy if someone impersonated us and started spouting racism or shared child porn or whatnot.
There’s no preventing you from giving your name as something like Mike Jones or Steven Grapevine or Weng Ho whatever.
It seems they don’t, see URL above.
Twitter will also suspend and close accounts that are used for impersonating others and that’s a good thing.
I’m sure they do and it wouldn’t bother me. If it did I just wouldn’t use their service.
Last time I moved google checkout detected a conflict between my current billing address and my old one. Now I’m blocked from buying anything on the play store until I scan my drivers licence and email it to them. Google may not have the licences of everyone, but if that’s their policy of identity verification I’d guess they at least have a chunk of people’s.
Wow, I didn’t have to do anything close to that when the security questions on my Apple ID got corrupted. I did have to call Apple, but all they had me do was verify some account details (address, last 4 of card, etc) all of which they already had anyway. They then cleared the security questions and the next time I logged in, I used new ones. Were it up to me I’d never have bothered with setting them in the first place, but they were required at that time. I’d have never given them a copy of my ID and they weren’t idiotic enough to ask for one.
That’s Google Checkout, not G+ or Gmail or Picasa and whatever. Of course Checkout might require a little more in terms of identification since it involves monetary transactions.
It’s the same company. If you think, for a second, that Google is not going to use any information gathered via checkout (now wallet) and cross-reference it, then you are blinded to reality.
Maybe you’re blinded by dislike for Google. We’re not talking about what data they may or may not use but what the requirements are for a G+ account.
I’m sure they use the information gathered from Google Checkout just like how Apple and Microsoft uses the information they gather from their similar services.
Edited 2013-10-14 05:25 UTC
I’m sure they do. Yet neither of the two companies you mention have a primary business model revolving around selling my information, and neither have ever asked for a photo of me let alone a license or ID.
Google have never asked for photo or ID of me either and if you have followed the discussion you’ll know that only happens there’s a risk you’re trying to impersonate someone “famous”. I wasn’t aware that trying to prevent impersonation was a bad thing on a service like G+.
Google Checkout involves money, banks and governments demand more for (international) money transfers than just faith.
Why the strong language? I just checked this today and it wasn’t even enabled by default.
And I actually enabled it (not typical of me AT ALL).
I give this new plan by Google 4 stars!
What’s wit their fascination with Facebook?
This is lifted verbatim from how Facebook does it. If you like a page/post your face might be appearing on that page. That is why I stopped liking any pages, so that my face is not displayed.
On the other hand, if my “endorsements” are shown to people that are in my contacts… then it might be a bit less on a issue.
And I can imagine that in some cases it’s beneficial to know if your friends have actually reviewed a business.
There is a simple solution for people concerned with Google search access to their private data. Just use this thing:
https://addons.mozilla.org/en-US/firefox/addon/trackmenot/
Basically, set this extension to read random data from random RSS feeds and send occasional queries to search engine of your choice.
To quote developer’s home page:
In my case the checkbox was off, i.e. I was given an opt-in choice