by bmcahren 1970 days ago
If you read into the federated technology they've been deploying I'm fairly comfortable saying I agree with their decisions.

Let's take a look at the "Now Playing" architecture available on Pixel devices.

At first glance by a critic you think "You're crazy for giving Google permission to have your microphone always on and listening for songs you're hearing, privacy this privacy that".

If you read into it, you'll be comforted to know they've built a model to generate signatures clientside which are able to be compared on-device to a list of signatures which are similar to it. Then as far as I understand, they are able to take signatures which contain no discernable audio data and use those to discover new audio trends.

> On Pixel 4 and later phones, the counts of songs recognized are aggregated using a privacy-preserving technology called federated analytics. This will be used to improve Now Playing's song database so it will recognize what’s playing more often. Google can never see what songs you listen to, just the most popular songs in different regions.

Privacy-preserving, user-beneficial, and useful for advertising targeting if you haven't opted out of interest based ads.


As far as "now playing", what they say the software does may be quite clever in privacy preserving ways.

But once you have given them access to your microphone, you have to trust that their software does what they say it does, without mistakes or bugs (whether in design or implementation) or accidental security vulnerabilities (possibly maliciously introduced by the NSA or who knows).

If you do not give them access to your microphone (assuming the OS access controls are themselves working; but that's a much smaller attack area), you do not need to understand or trust anything.

And this is from a company that forgot to tell people that the flashy smart thermostat they bought last year has had a mic in it the whole time.

They are a company that will only pay attention to privacy when forced to by an existential threat. It just isn't in their company DNA to care about user privacy. They aren't the customers.

What do you mean a microphone in a thermostat? You mean Nest?
I know Ecobee Thermostat has a mic built in... but not Nest Thermostat.

So, OP is likely mistaken in their comment.

> that the flashy smart thermostat they bought last year has had a mic in it the whole time.

Note to readers: This is false.

EDIT: If you're downvoting, please provide evidence. There is a lot of misinformation out there, and OP's post increases it.

EDIT #2: Here is Rishi Chandra, GM of Nest: "Putting a microphone on a thermostat, I actually don't think makes any sense"

https://www.cnet.com/news/google-calls-nests-hidden-micropho...

It was in their security hub which is perhaps better or worse than the thermostat depending on your view.

My understanding is that security hub announced glass break detection from day 1. And that feature uses a microphone to listen to glass breaks... so I wasn't surprised. But, I guess that's not obvious to everyone, so they could've put it on the box.

And, I just didn't want HN readers to think there was a mic on the thermostat, so I was correcting that.

Having a microphone to detect broken glass is very much not obvious. As someone completely unfamiliar with the problem space, I would have assumed the normal solution was something along the lines of: run a current through the glass and check the voltage "drop".

> you have to trust

Remember when Google sent hundreds if not thousands of cars all around the world and 'accidentally' hoovered up massive amounts of information?

I'm sure it was all an innocent mistake. Google are certainly worthy of our trust! /s

https://www.theguardian.com/technology/2010/may/15/google-ad...

> If you read into the federated technology they've been deploying I'm fairly comfortable saying I agree with their decisions.

I don't, not in this case. The only thing that FLoC seems to change is how data is aggregated and how buckets are determined. But fundamentally, the idea of taking users, putting them into a box based on their normal browsing habits behind the scenes, and then broadcasting that box and associated data to every website they visit -- that's just not a private model.

What Google doesn't seem to understand (or chooses not to understand) is that the end result of bucketing users and sharing data about them behind the scenes while they browse is the part that many people object to. So Google keeps on trying to come up with systems that allow them to serve different content to people and to collect demographic info based on variables and processes outside of users' control -- but to somehow do it in a way that is magically not a problem.

But it's like trying to create a 'nice' mugging. It's not just the methods I'm opposed to, it's also the end goal.

FLoC still doesn't give users control over how they present themselves on the web. And part of privacy -- part of the reason I care about privacy in the first place -- is because people should have control over how they present themselves on the web. There are tools Google could build if they wanted to go in that direction, but FLoC remains an opaque system that runs in the background that collects data about you and sends it to every website that you visit. That's not a private system, regardless of how the data is collected. It's not designed to be transparent, it's not designed around user consent.

Honestly, it shouldn't even be an opt-in/opt-out system. Why can't I choose what buckets I belong to? Google isn't thinking deeply about user choice, they're not even being remotely imaginative about how they could give users more power over what ads are shown to them. They're still stuck in a mindset of "this needs to happen behind the scenes outside of your control where you don't know what we think about you. And we'll let you opt out of the entire system purely because we're forced to. But nothing else!"

This is actually a really good point. A lot of privacy-related things people complain about are actually related to how you present yourself, how your identity is seen by the computer system you’re interacting with.

That’s been on my mind a lot lately, so much that I wrote a thing about it: https://kronopath.net/blog/segmented-identity-as-necessary-f...