Google, Data Privacy, and Unconscious Oversharing

Pushpins overturned on a map of the world

Google is tracking your location. Did we not already realize this?

Yesterday the Associate Press released a story titled Google tracks your movements, whether you like it or not. The gist of the article is there are at least two settings on your Google account relevant to your location, “Location History” and “Web and App Activity”, and you need to be aware of how you’ve configured both to limit the extent to which Google tracks and saves your location data.

Privacy Settings

via Google’s Activity Controls:

Location History

Saves where you go with your devices to give you personalized maps, recommendations based on places you’ve visited, and more.

Web and App Activity

Saves your activity on Google sites and apps to give you faster searches, better recommendations, and more personalized experiences in Maps, Search, and other Google services.

Question

Which setting do you need to disable to stop Google from saving locations of the places you’ve been?

(Second question: Did you know these settings exist?)

For the first, what did you go with? Location History? That seems to make sense but turns out not to be enough.

Answer, from AP and Google

To stop Google from saving these location markers, the company says, users can turn off another setting, one that does not specifically reference location information. Called “Web and App Activity” and enabled by default, that setting stores a variety of information from Google apps and websites to your Google account.
When paused, it will prevent activity on any device from being saved to your account. But leaving “Web & App Activity” on and turning “Location History” off only prevents Google from adding your movements to the “timeline,” its visualization of your daily travels. It does not stop Google’s collection of other location markers.

Um, what? Actually, this is not too surprising. Leveraging location makes Google services better. Knowing your location allows Google Search to show you the conditions outside when you search for “weather” instead of a definition for the word. It also lets you see concert tickets at venues in your city and movie times at your local theaters without the need to include your physical address in the search. Plus, driving directions in Maps would be useless if you didn’t let Google know your GPS coordinates.

Unconscious Over-sharing

The real issue here is not that we give up some privacy to make online services better as we use them, but the fact that transparency is virtually nonexistent into how companies use our data in ways we don’t consider. We are unconsciously over-sharing our personal information.

Take Maps again as an example. Not only does the service help us get from point A to B without the need of a physical map, but it also gets us there on the fastest route, optimized to include time in traffic.

Did you specifically let Google know that you are sitting in traffic? Unless you’re an active Wazer, the answer is probably no. So how did they determine there is a slowdown ahead? Remember, data lets companies improve their apps and services in ways indirectly related to the original value proposition. So while you are going 20 on the highway, using Google Maps to direct you home, Google is using your changes in location to measure your position and speed and recognize you are sitting in traffic.

Do you like that Google Maps includes traffic data? How would you feel if Google removed the “Traffic” feature from Maps? No one focuses on the benefit that’s given to you when you hand over your data and the service gets better.

It would be interesting to learn exactly how Google implements Traffic in Maps. As a thought experiment, would Traffic still work if everyone on the planet disabled Web & Activity Data? Clearly for Google Maps to give you directions, you must give it your location. But is the transaction single use? Does Google read your location, update your directions, then throw away your GPS point? They could reuse your location data to help improve the service for everyone else. They could even go as far as saving that data point for later, just in case another service could benefit from the information in the future. Each of these are not a “could”, Google is doing all of this.

But because the industry is so shady in its reporting practices for collecting data, it’s confusing what benefit you’re actually getting because it’s all just very opaque I give you my data and what am I getting out of it? This confusion leads to a default reaction is to turn off all data sharing settings, but in reality the services don’t work if they have no data. Kind of a Catch-22.

Companies have also streamlined the app onboarding experience and skirted away the finer details of what apps give and take. Google’s activity controls are not mentioned when you set up an Android phone or create a new Google account. So how are we supposed to be proactive about the privacy settings?

We need to flip the script on data privacy and give people the information they need as they need it. Not retroactively as a “clean up” feature.

Random thoughts

Ad Market Cap. Ad companies like Google and Facebook need as much information as possible about you to create a profile about you to sell ads and show ads to people like you. Facebook still knows a lot about you based on how you’ve used Instagram even if you’ve never posted a single picture. They can track scrolling, clicking, stopping, screenshotting.

Inastapaper GDPR. We still have no idea what Intapaper and Pinterest were doing that was against GDPR in the EU. It would be nice to know how companies use the data we so generously hand over.

Facebook and Google “Shadow profile”. All the data and information we didn’t explicitly give, but is intuited by algorithms from less visible forms of input (location from ip address, activity by linking signed in & out accounts). Even with all these settings disabled, to some unknown extent, Google et all stills know about our location and how we use the internet. It’s our right to know they know.

We need apps people pay for.

Product & service privacy settings

If you are concerned about companies knowing too much about you and your whereabouts, be sure to double check privacy settings for Location Services on all your devices.

Devices

iPhone
Settings > Privacy > Location Services

Android
Settings > Security & location > Location

Mac
Apple menu > System Preferences > Security & Privacy > Location Services

Windows
Settings > Privacy > Location

Chromebook/Chrome
Settings > Advanced > Privacy and security > Content settings > Location
(or search “Location”)

Apps & Services

Google

Microsoft

Apple

Instagram

Facebook
(Use a VPN)

Strava
So many toggles… read the article

My settings

Just saying, turn everything off. Google won’t be the same, but at least you’ll be in greater control of your data privacy.

Activity Controls

Screenshot of Google's Activity Controls permissions settings webpage

My Activity

Screenshot of Google's My Activity control page

Oh, and pot, meet kettle

“They build advertising information out of data,” said Peter Lenz, the senior geospatial analyst at Dstillery, a rival advertising technology company. “More data for them presumably means more profit.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.