[fromMars]

I do know facts about there internal system. Internally, strict separation is taken very seriously and the logs are keyed by cookies with separate access and physical logs for different cookie spaces and no joining is done based on ip addresses and device signatures in these logs.

It would take a determined and malicious employee to subvert these controls and possibly require multiple employees to get by code reviews to do such.

That said, I can appreciate the skepticism an outsider might have about such claims.

But, I also disagree that Google is incentivized to do "privacy theater" as you call it. For one, many already assume the worst of Google and also such theater could open them up to major lawsuits.

One could make the case that a company like Apple has invested a lot more effort in "privacy theater".

[raneocolg]

Their probabilistic systems appear to use the ip address for anonymous targeting. For example, when you watch YouTube videos using normal browsing mode on one device, it is quite obvious that they influence the Google Ads on other devices in the same household.

That doesn't mean cookies or logs are joined, and the targeting is always anonymous, so it is less precise than when using the cookie ids.

[jauntywundrkind]

Fear Uncertainty and Doubt springs eternal. People are desperate to believe in inherent badness and abuse.