by nevir 2406 days ago
After having worked at Google, it is the only company I actually do trust with my data. (But I am also ok with them using it to customize my experience, and even target ads)

Their internal privacy controls are extensive.

As a human, it is nearly impossible to access someone's data, even when debugging code/ML models/etc.

And when you do need to, it requires exhaustive oversight/approval, and _everything_ is audited.

7 comments

I'm an Xoogler who worked on the privacy team a few years ago. All of this is true, and at the time I worked there, I made the conscious, considered decision to buy into the Google data collection ecosystem because I trusted the people I worked with to protect my data.

Several years out, I no longer trust Google - not because I trust my former (immediate) coworkers less, but because the direction the entire advertising/data science industry is taking as a whole is deeply concerning to me. I disagree with almost all of it on principle, and am no longer comfortable supporting it by allowing unfettered collection of my personal data, regardless of who is doing the collecting or how much they promise not to sell my data.

(Companies were never "selling" data anyway - they were using it themselves, sharing it with their partners without an explicit sale, and otherwise doing things with it that I don't approve of which do not meet the strict definition of "sale".)

> Several years out, I no longer trust Google - not because I trust my former (immediate) coworkers less, but because the direction

It makes me uncomfortable that the data is always there, and the direction of the business just needs to change. Perhaps they're not being profitable enough for wall street? And on a time scale of 10 more years, I'm sure there will be a number of "incidents" in which teams were given approval to use the data in unsavory ways.

This is exactly why I'm one of the (probably many) silent switchers away from Fitbit now that this acquisition has happened. Whatever Google says now, in one or two or ten years, that could change, and my data will still be there.

> I'm sure there will be a number of "incidents" in which teams were given approval to use the data in unsavory ways.

This is my other concern, closely related to the first. Data companies (Google included) have a very different idea of what is "savory" w.r.t. data usage. Not from a place of malice, necessarily, but innocence/privilege/not thinking about the consequences.

Let's say the engineers are building a data-using feature, such as one which takes Fitbit health data and links it to your medical record to recommend tests or interventions that might benefit you. Those engineers may only think about how many lives this will save - the benefits of sharing this data. Because there are some benefits, for some people, in that use case. The problem is when those engineers do not consider all the many ways that sharing could go wrong, and how many other people could be hurt. Discrimination, denial of insurance, stalking, etc.

Personally, I think it would be incredibly beneficial for most software engineers to spend time learning hacking and adversarial thinking. Teaching the people who build these features to think about how the features could, and will, be misused would likely help them build better, safer features. (/soapbox :) )

Thanks for sharing.

I lean to agree that it's more of a shift in public perception of Big Data companies. And hurting Google even when it might be one of the better players.

1) That can change at any time,

2) Those data are never going away, and may not (=will not) belong to Google forever,

3) Data that exists can be demanded by the government, justly or otherwise, and they will get it—private companies running a dragnet spy operation on everyone is only marginally better than the government doing the same directly,

4) Targeted ads are adversarial. So are ads in general, really—yes I know they can be useful but I'm talking in general, and in practice—but it's definitely more off-putting to be spied on and then have that information used against you.

5) Google's incentives suck, their ethics suck, and I don't trust one bit that they won't do all kinds of nasty shit with the data they've collected the moment that looks like it's best for their bottom line.

1) Why would a company remove those systems? They've been practically leak free since they started. Why risk the public outcry if a junior developer walks out with a couple of terabytes of personal data because they loosened access to such data without any clear advantage?

Because they are compelled by a different government from the present one.

One quick and easy example is China.

To echo what someone else said further up the thread, the fact that they have the data is a liability to people. Policies and protocols can change over time. Just because they have great data access protocols in place now doesn't mean it will always be that way.

What happens when the temptation for more profit becomes too great? There are plenty of companies who have (unknowingly) killed their golden goose for short-term profit.

> Their internal privacy controls are extensive.

That may be true.

However, the quality of their internal controls has nothing to do with why I don't trust Google. I don't trust Google's official and company-sanctioned uses of my data.

One thing I have to say is that Google is competitive because of the fact it has so much data. It wants that locked down to keep that advantage. At the same time, I am uncomfortable with the power this affords them over people.

You certainly did drink the Kool-Aid.

The only problem is that if everything you say is actually true (it might only have been true for you, or for a subset of folks working there), there is strictly no guarantee that it will last, especially now that all the people who did make Google into what it is culture-wise are long gone enjoying their [B|M]illions.

The next wave of leaders that are taking over have far less scruples and inherited a no-strings-attached treasure chest (actually, a better analogy would be an amazingly well stocked armory) and will do with it whatever they damn please.

> Their internal privacy controls are extensive.

And what about "External privacy controls"?

I think that even fb devs can say such a thing but...

Enternal? Did you mean external?

external

Do users have access to the audit logs of those who have accessed their information?