If you disable location services for Yelp, it's pretty unfriendly -- it chooses to make it as difficult as possible for you to use the app to get you to turn location back on. The Google approach for Maps is more pragmatic IMO -- lower resolution location data makes sure I don't get a McDonald's in Finland when I'm in Kentucky.
The hard thing is that I don't want Yelp, Google, etc tracking my movements in a 10-meter radius forever, but I want location from a contextual perspective. I don't think you can do that without meaningful policy controls outside of your local computer.
Apple is fixing this in iOS 14. It allows you to give an app access to only approximate location.
Note that if your location history (precise every five minute location stored to your account) is off, Google won't even suggest a locally-stored list of previous locations you used with Maps. Which is an absolutist position that is usability-wise incredibly frustrating.
That'd certainly be a nice feature. I'd be happy to tell my phone the address of a well-known public building in my area and have all location-based queries orient from that.
>The hard thing is that I don't want Yelp, Google, etc tracking my movements in a 10-meter radius forever, but I want location from a contextual perspective. I don't think you can do that without meaningful policy controls outside of your local computer.
Isn't this just a separate location permission for coarse location (which both OS), and allowing the user to choose between the two (not on either OS, but in iOS 14 beta)?
Maybe people could just live with having to search: "<query> near <nearby major town>" if they want to get geographically relevant results. It doesn't seem that terrible to me.
Maybe you should have to opt-in to handing over all your data, and users who value "usability" over privacy can make an informed choice for themselves.
and then you live in London, ON - Canada, and search for Best places to eat in London...
Or you live in the US city of Vancouver instead of Canada and try the same thing...
I don't have that problem with the yelp app. I turn off location services and search, and yelp lets me select from previously selected locations. Not much help when traveling though.
Interestingly, I _only_ use Yelp from a desktop browser with location disabled. And yet somehow it's still quite possible to enter my zip code and get accurate results.
I do this on mobile. It works fine except Yelp hides the zip code entry by default and the results "spin forever" as if your network is down until you re-select the search box to expose the zip code entry.
I noticed fairly recently that YouTube has undeniably started tracking my watch history even though I've had watch and search history turned off forever, and it's still turned off with (apparently) no data in it.
On the front page, there are constantly recommendations of videos which I have just watched (not liked, commented, only watched). Old, new, whatever. Videos which would be quite random if I hadn't just watched them.
I stopped using Chrome a long time ago after similar observations of how it tracks usage. Good thing I don't really do anything sensitive with YouTube.
Well Chrome does have an installation identifier that was/is transmitted only to google properties.
That would explain the behavior you describe. Google says it is only for tracking experiments and tests, but I doubt even they know what everybody is doing with it, and perhaps you were a member of an experiment where they used it to track you.
"Google tracks individual users per Chrome installation ID" [0]
I use firefox and I see the same behavior with web&app activity turned off, and youtube history turned off. Personalized frontpage when I visit youtube normally. If I open incognito then I get unpersonalized. If I then login inside the incognito session, then I get the personalized recommendations again. This confirms that the recommendations are tied to the account.
Recently I've disabled search and watch history, and home page content became very similar to the Trending tab in my country (i.e. pure garbage). Also I've lost ability to resume playback from last known position across devices, so had to turn watch history on back. And it made my home page great again.
My point was that for me disabling history disabled _good_ recommendations based on my activity (and some other features), which is different from anecdotes in parent and sibling comments.
This is why I have started using incognito mode for anything I wouldn’t want to appear in my YT watch history because I have experienced the same thing. Better yet, use a private browser like Chromium-based Epic.
I've tried to follow the links from the article and eventually came across this document [0]
What the attorney general Brnovich references are emails which shows google engineers are aware that people are confused by the settings. The specific example in this case is that your location is still tracked if you enabled Web & App Activity, but disabled Location.
The emails show the google engineers aren't surprised why users would expect a different result. The main reason people are confused, the google engineers think, is because google doesn't display they are still being tracked in their timeline (in this specific case).
Disclaimer: I'm biased against google, but hope I kept it factual.
This quote basically disproves the phrase Sundar repeatedly parroted to Congressional members about making it easy for people to configure their privacy settings. You can bet this quote is going to be read to his face if there's another hearing.
The author of the statement was redacted in the public version, but my bet is if that is still a current employee, they won't be for much longer. Because this quote is going to hang over Google for the rest of this process.
And as many Google people are probably being reminded this week: Assume all of your work emails may some day be public, and used against you or your employer in a court of law.
> Assume all of your work emails may some day be public, and used against you or your employer in a court of law.
True, but not necessarily bad.
There's always a gotcha document when there is an investigation -- it's the nature of the beast. There's always a tension between attorneys who want to keep everything and attorneys that would put a paper shredder in the output tray of every printer.
Without context, a quote is a quote. I saw one scenario where someone using a cliche "pets vs. cattle" analogy in context of servers was manipulated to sound like some sort of crazy person in a complaint. If it's response to a request to obfuscate or manipulate options for a specific purpose, that's one thing. If it a person asked to provide feedback from the perspective of a user, it's another.
>And as many Google people are probably being reminded this week: Assume all of your work emails may some day be public, and used against you or your employer in a court of law.
They don't need to be reminded because Google has been coaching staff to basically adopt some sort of Google newspeak:
"One part of the presentation, subtitled “Communicating Safely,” advises employees on which terms are “Bad” and “Good.” Instead of “market,” employees may say “industry,” “space,” “area,” or simply cite the region, according to the presentation. Instead of “network effects,” the presentation suggests “valuable to users.”
if you're required to engage in legal speak in normal workplace conversations what's the difference exactly. The only other place I know of where you need to talk in code between two coworkers to not draw the attention of authorities is the mafia
I used to be pretty much in favour of opt-out for stuff like this, but I think at this point the industry itself has managed to prove that it can’t be trusted with anything but legislation guaranteeing opt-in.
Absent legislation, I'm all for a "nuke it all" approach when it comes to ad-blocking and tracker-blocking. It won't catch everything, especially platform-level privacy concerns like this, but it does move good usable defaults over to the user's control. No need to rely on companies who continue to fail to act in good faith.
But IP geolocation has pretty bad resolution. Generally, it can reliably locate country, but rest is a wild guess. E.g. my IP is geolocated to city 300km away (as that is where my ISP has business address).
Yes, because most users will want low latency more than they want a hard-to-geolocate IPv6 address; IOW they will just use the IPv6 addresses their ISP assigns them, which will be easy to geolocate even without the ISP's explicit cooperation. Worse still, because IPv6 promises to eliminate NAT, geolocation will likely become even more precise as user devices will have global addresses that they are not sharing with anyone else.
How can per-device IPv6 addresses alone enable better tracking if they’re long-lived and the device moves physical locations during that time? How would a tracker with only IP address know that the device moved?
This isn't a surprise. Google is a huge company with probably hundreds of teams working on these things. The fact that the privacy settings can be figured out at all is a bit of a miracle.
I doubt the privacy settings are "designed" as much as it is a bunch of disparate teams working on it together with maybe somebody coordinating it.
Sorry, that might be an explanation but it’s not an excuse. Privacy controls in a global organisation are a legal requirement for your software, and you don’t get to just haphazardly throw it together.
Considering both the wealth and caliber of engineering talent at Google, for this feature that has been at the center of attention for both regulators and the public to be as user hostile as it is, it certainly can lead a reasonable person to think that Google is intentionally misleading and confusing its users.
It seems the primary question worth considering now is what regulators are to do in response.
Some sensible government intervention would be nice. Into Google and most of these tech giants, actually. Who ever thought that our cyberpunk future would be such a lame and mundane dystopia.
Do you think that the same governments which are against cryptography will actually look after your privacy? They'll probably require a pop-up that asks: "Is it okay if Google keeps your data, or should we just send it to the NSA?".
I feel that arguments along the lines of "why should we have governments protect consumers on 'x' if they willingly do 'y'" aren't really helpful, and feel akin to whataboutism.
For example, yes, I expect "The Government's OSHA" to enforce worker safety laws, even if "The Government's Police" later winds up brutalizing workers during a strike.
The Government isn't this unified entity, it's more a collection of disparate organizations often embroiled in disputes with each other, each representing various stakeholders who's interests are often in contradiction with one another.
I think you're right that my point is something close to whataboutism (though not exactly whataboutism), but yours suffers from something similar to the Gell-Mann amnesia effect.[1]
Thanks for the recommendation, interesting read. I suppose how one lands on this topic is based on how much continuity one believes there is in a "government."
If a government is simply a large institution or cluster of institutions that perform many roles and have a purpose towards the same end, then the claim of "whataboutism" is simply nonsense and trusting one portion of a government and not another is at least somewhat inconsistent, and this "Gell-Mann Amnesia effect" seems clear when a person can go straight from criticizing the government's treatment of striking workers to advocating for workers protections from this same government.
I think "the government" doesn't exist as a unified entity in any meaningful way aside from maybe linguistically. The government, in my view, is more a collection of organizations that often have outright antagonistic relations to each other, and interests that are fundamentally in contradiction. I don't really view a regulatory body and the NSA to be meaningfully part of the same organization (I'd say there are plenty of private businesses that are more closely "part of the NSA" than some oversight board.) Claiming that the perceived misbehavior of the NSA should prevent us from advocating for consumer protections is clearly whataboutism according to this frame. This view would make this "Gell-Mann amnesia" accusation appear incoherent, since we are talking about disparate organizations with no meaningful connection to one another.
You could make the same argument about different subject areas in a newspaper; saying that the different editors are antagonistic towards each other, and have varying levels of competence. In the cases of both newspapers and governments, there is a similar oversight and management structure across the organization, as well as unity in source of funding.
Perhaps we should expect different parts of the government to act with varying motives, but similar competence.
I think the government organizations attempting to ensure backdoors in encryption are acting deceitfully, malevolently, and incompetently, with the stated motive of easing investigations. Thus, I think the privacy regulators will act deceitfully, malevolently, and incompetently, with the stated motive of protecting consumers.
I'm not sure what cryptography laws have to do with anything. But in this false dichotomy, I'd much rather the NSA have the data. They have far less power and influence. Google censors dissidents and shapes public opinion each and every day.
I think that an organization's bad behavior in one area can undermine its credibility in others, particularly when the subjects are closely related (by privacy in this case).
This is the role of the government. Unfortunately, sensible intervention will only become more and more unlikely as we allow mega-corps like google to proceed unimpeded.
(see: revolving door, funding of political parties, control of search results including news, etc)
This is exactly what I mean by lame. No modifications that let us jump over buildings. No guns hidden in our arms. No hookers with 3 boobs. Just surveillance and programming of the masses via social media.
These dark patterns around location tracking was what finally made me give up on Android. I knew Google tracked location even when the location setting was turned off, so I had App & Web activity disabled.
As Google bricked more and more functionality to dis-incentivize disabling that setting, they dis-incentivized me right off the Android platform and off of the rest of their services.
They did me a favor, really. I was far too naive about them prior to that wake-up call.
Same here. By totally borking the user experience when one attempts to disable location tracking, they just encouraged me to stop using their services. I switched to iOS for mobile devices and now I don’t even use Google Maps on mobile. Apple Maps is good enough. Now Google have no idea where I am when I leave my house, and that’s a good feeling.
To be frank, the entire thing around "privacy checkup", and the way settings are presented to users to allow them to control what they want to share and what not to, is so damn confusing. I tried following my Privacy Settings, and every now and then, Google seems to revise/change existing settings by introducing new sharing settings, which are turned on by default.
Honestly, all of this seems to be a false painting to calm down Congress folks and other legal entities alongside users who are either amateur or those that "don't care" so that things don't blatantly look evil.
Nothing is stupid, it works for someone. It's called a "dark pattern," (https://darkpatterns.org/) and it's by design.
Can pretty much guarantee the accountability for the design decisions goes to a "consensus," from a series of informal meetings, with no individual ownership, because that's also by design. I'm not involved with this at all, but having spent time in many different organizations as a consultant, this is very much a common strategy.
Hopefully Google is forced to follow Apple's lead and implement consent dialogs into Android to allow/deny tracking or usage of any form of identifier/fingerprint.
I am surprised the EU haven't investigated Android and found it breaches GDPR requirements, simply due to the fact it's too easy to collect information that can later be used for analytical purposes without the users consent.
I imagine you can find instances of GDPR breaches in all modern OS' if you looked hard enough - something as simple as a HTTP POST request may be illegal depending on the payload.
Sadly, progress is often slow, but Apple's progress in this area will hopefully inspire Googlers like the one in this article to make statements and drive progress forward.
The GDPR is one of those "useful" laws created to open the possibilities to strong arm any company at will.
Most of the time it's not really enforced (apart of a couple unlucky few to show they mean business) but if they need to put pressure on any company they know they'll find something to hang them with.
After reading this article, I signed into my account. I found that even though I turned off tracking in Google years ago, it still kept my old history.
The article says that Google turned on auto-delete for new accounts by default as the result of a lawsuit. However, if your Google account is older than x years, then they still keep all of your location history unless you go in and manually choose to delete it. Even then, I no longer trust that Google will actually delete it.
You're sad about the existence of discovery in our legal system? Or is there something about the way the AG received the documents not covered in the article?
"The current UI <cut> is designed to make things possible, yet difficult enough that people won’t figure it out."
Let's be honest. Don't attribute it to the system complexity or interop failures — that's bullshit. When they need to shove you an ads under your finger, the complexity suddenly vanishes.
If you disable location services for Yelp, it's pretty unfriendly -- it chooses to make it as difficult as possible for you to use the app to get you to turn location back on. The Google approach for Maps is more pragmatic IMO -- lower resolution location data makes sure I don't get a McDonald's in Finland when I'm in Kentucky.
The hard thing is that I don't want Yelp, Google, etc tracking my movements in a 10-meter radius forever, but I want location from a contextual perspective. I don't think you can do that without meaningful policy controls outside of your local computer.