
Are you ready? This is all the data Facebook and Google have on you - bookofjoe
https://www.theguardian.com/commentisfree/2018/mar/28/all-the-data-facebook-google-has-on-you-privacy
======
danarmak
This is nonsensical:

> The data Google has on you can fill millions of Word documents. > Google
> offers an option to download all of the data it stores about you. I’ve
> requested to download it and the file is 5.5GB big, which is roughly 3m Word
> documents. This link [Google Takeout] includes your bookmarks, emails,
> contacts, your Google Drive files, all of the above information, your
> YouTube videos, the photos you’ve taken on your phone, the businesses you’ve
> bought from, the products you’ve bought through Google …

Well duh, Google stores your gmail emails and Youtube videos and Drive
documents and so on! This is the service they're providing you! Google Takeout
doesn't give you a 5GB archive of advertising profile or covertly gathered
info, it gives you a 5GB archive of the documents you deliberately uploaded to
Google services - emails, docs, pics, videos, calendar appointments. The list
of Android apps installed on your devices is there so that when you link a new
device to your Google account, these apps will be automatically installed on
it. And so on.

There's a single link on that list related to surveillance - namely, your
Google Ads profile, which only shows very basic data, I'm sure they have
vastly more complicated data stored on me.

There's enough genuine reasons to be upset with Google's surveillance, let's
not promote this kind of silliness. Google knows which Google Groups you're
subscribed to, really? 5GB could fill 3m Word docs - how many is that in
Libraries of Congress?

~~~
mrtksn
This is typical. As a techie, you're triggered by technical detail because you
understand the technical details of that example that is intended to
illustrate the size of the data collected.

Rest assured that this happens all the time and when people read news about a
topic that they are an expert on, they cringe all the time. For example, a
paraglider pilot will get triggered if the reporter uses the word "Jumped" in
a story about a paraglider pilot who crash-landed and injured two more people.
This is because paragliders don't jump but take off from hills etc.

Usually reporting on technical topics is very hard because you need to reach
the non-technical audience so you will HAVE TO use illustrative examples and
not exactly accurate descriptions so that can be absorbed by the non-technical
readers. Unfortunately, this will put you in a position where can be called on
by technical readers who are triggered by the "implementation details" of your
story.

I do believe that calling out the 5GB illustrative example is missing the
point of the article. It's just a way to portray size of the data collected on
you, it doesn't have any meaning even if this data was 3Mb or 100Gb. For
example, if it was 3Mb Google might have used it to convey how little data
they collect on you as if the size that this data takes has any correlation
about the impact, then why even bother with such an irrelevant point of the
"article implementation"?

~~~
faitswulff
The word "triggered" should really be reserved for military vets and those who
have experienced traumatic events in their past that would cause severe
distress, not as a synonym for "annoyed."

A veteran who relives the horrors of war when fireworks go off is not nearly
in the same space as a developer who is annoyed that someone misused technical
jargon.

~~~
Xeoncross
> The word "triggered" should really be reserved for military vets

Certainly not. While many military personal certainly have faced mind-altering
situations, they are far from the only ones who have ever suffered from
traumatic events.

Children and Women are the subjects of the most twisted and abusive stories
I've ever been able to fathom.

~~~
therapeutic
The full quote is:

> The word "triggered" should really be reserved for military vets AND those
> who have experienced traumatic events in their past that would cause severe
> distress

(emphasis mine)

You can't just cut a sentence in half and then try to form an argument against
it. That's not fair.

~~~
Xeoncross
I agree, I don't think it said that when I wrote my comment.

~~~
faitswulff
It likely did not, I edited a few times.

------
WA
NO, NO, NO. This is not _all data Facebook /Google has on me_. It's way less.

What I don't get in all of this debate: People grant FB/Google/any other app
access to their data and seriously expect that their data isn't harvested?
IMHO, there really is zero surprise that Facebook has your call and SMS
history, if you granted access to that. Or every single login timestamp.

What is way scarier is that the dump you can download is probably far from
complete. My Facebook dump shows rather few items, because I'm not a heavy
Facebook user. But I'm quite sure that they have A LOT more on me, because of
friends uploading my phone number, profile pictures, _meta data_ from the
WhatsApp acquisition.

The big scary question is: How do you access the data in your shadow profile
that they won't give to you? How do you even _prove_ that they have more on
you than they admit?

Edit: Same for Google. I don't use a Google account most of the time and I bet
they STILL have my entire search history associated to some kind of shadow
profile.

~~~
gcb0
people don't know they are granting permissions.

when you provision a new android device it will try to link your account to
chrone, and its very hard even for a developer to catch its chrome and not
android os. after that small mistake (which is an optout in the ui pattern)
its game over. google have all your history and every webview ad has your full
profile. not to mention your web bank passwords are now conveniently save in
google servers in plain text.

and yes, an even worse problem is the hidden data/shadow profile.

~~~
alach11
"passwords are now conveniently save in google servers in plain text"

Do you have a citation for this?

~~~
laken
Not the parent, but here is where they store your chrome passwords:
[https://passwords.google.com](https://passwords.google.com)

------
Klathmon
The section labeled "Google has information you deleted" is a bit misleading.

If files are in your "trash" they will be included in your takeout. If you
clear your trash, they will not be included in your takeout (after a
reasonable amount of time, if you "empty trash" then instantly go and make a
new takeout bundle it might still be included). It's the same way with spam
and email trash. It's given to you in your bundle until you manually fully
delete it.

Implying they keep everything you ever deleted is wrong.

Edit: I don't want to get into hypothetical arguments about what Google could
possibly be doing. I'm simply saying that the reason the author had "deleted"
things in their takeout archive was because it was most likely in their
"trash" and wasn't fully deleted in the UI. And that "things in your trash
folder are included in your takeout bundle" isn't "proof" that they never
delete anything.

~~~
wu-ikkyu
How do you know they're doing a hard delete server side and not just flipping
a delete flag?

~~~
Klathmon
You don't.

But from what I have seen Google takes infosec very seriously, and will fully
delete information when they say they delete information. They even point out
that it could "linger" for (IIRC) 90 days after you delete it in backups and
other replicated copies, but after that should be fully and completely
deleted.

~~~
wu-ikkyu
Hopefully they so take infosec as seriously as you assume they do.

However, we have repeatedly seen profits prioritized over security in the
corporate world with negligible repercussions when the data is inevitably
compromised.

~~~
Klathmon
I knowingly and happily give my information to Google, and I trust that they
do not overstep their bounds when I tell them not to collect something.

If Google ever gives me a reason to not trust them I won't. But thus far they
have been okay in my mind and I'm happy with the services I received and the
tradeoffs made with regard to my information.

I fully expect more nastygrams and threats from people for saying this,
because it happens every time I say I trust a company.

~~~
wu-ikkyu
Do you think Google has never been hacked or compromised by an insider?

~~~
UncleMeat
Do you think that major companies don't have systems to mitigate this threat?

~~~
wu-ikkyu
None that are invulernable to an APT or an inside attack.

Saying "I trust company X with my data" is the same as saying "I trust that
company X cannot be hacked".

"There are two types of companies: those that have been hacked, and those who
don't know they have been hacked."

-John Chambers

~~~
Klathmon
>Saying "I trust company X with my data" is the same as saying "I trust that
company X cannot be hacked".

No it is not, and it's also why I didn't reply at first because I had a
feeling it would go down this path.

I don't believe for a second that my data will never be "hacked" at Google
(for whatever definition you want to think of for "hacked"). But I do believe
that Google has done their due diligence in preventing that kind of attack to
the fullest extent they can, they give me the tools to remove data that I want
removed, they are competent in their architecture to make leaks and hacks have
limited scope, and i'm confident that they will be able to uncover evidence of
"hacking" and will use the legal system to go after those responsible limiting
the damage that a "hack" can do.

I enjoy the benefits I get from Google. I like that they scrape my email for
calendar info, flight info, package info, etc... I like that they track my
location and create automatic albums for pictures I take (and upload to them)
while at a location. I like that they can get location indoors using wifi APs
or that they use my voice in ML training to improve the product, or that they
offer me relevant ads to pay for those free services and products instead of
ads that have little or nothing to do with my interests. I like that I can go
back and search my hangouts (then google talk) chats from my friends from over
a decade ago, or that they backup my files that i put on google drive, or that
they record what apps are on my phone (and some data from those apps) so that
if I need a new phone I can quickly set everything back up, or that they store
saved passwords on their servers so that I can easily get the same ones on
multiple devices, I like that my reviews of apps/places can have my name and
face put on them and that reviews from my family and friends show up over
random people online, etc... And I especially like that I get most of this for
no effort on my part. No servers to maintain, no software to setup and manage,
no security needed on my part aside from keeping my username, password, and
second factor auth secure. I only have a limited time on this planet, and I
don't want to spend it setting up private email, storage, photo backup
utilities, and whatever else that I get "for free" through Google services.

I'm not being tricked here, i'm not "missing something" or pretending that
these companies are infallible. I'm making a consensus decision to trade
information about myself to a company I trust for tangible benefits. If that
company becomes untrustworthy, then I will adjust my feelings and behaviors,
and I will most likely be hurt by it at some point (because you can't un-give
information, especially not to a bad actor), but again that's a risk i'm
willing to take.

I don't know why I typed all this out, and I don't mean to target it all at
you personally, just at the boogeyman I've built up in my head of "internet
person telling me i'm dumb for trusting a company". It's exhausting constantly
having to defend against what-if's because I want webmail, or being constantly
berated and insulted for making tradeoffs with my own privacy like it's some
kind of personal insult to people that I am not as private as they are
(there's nothing wrong with privacy, I advocate for it quite a lot, but your
whole life doesn't need to be private all the time, i'm happy to share some
aspects!).

~~~
wu-ikkyu
Fair enough, you seem much more knowledgable of the risks (at least on an
individual level) than the vast majority of users.

However, have you considered the threats to national and global security that
are posed by the centralized aggregation of billions of the most detailed
psychological data profiles the world has ever seen?

------
Nadya
I feel a disclaimer that The Guardian uses Google Ads, Google Analytics, and
Google Tag Manager on the site to track you and help Google further track you
should probably be added to a scaremongering article about Google tracking the
user.

I feel most technical people are aware of the level of tracking going on. The
more privacy concerned do what they can to mitigate it.

~~~
JepZ
Yeah, but I find it kinda hard to keep up with their development speed. Every
year or so, I find out about Google having introduced a new option which is on
by default and that Google has started collecting data from me again.

------
slenk
But I willingly give my data to Google - they have (for some reason or
another) kept my trust.

Facebook broke my trust with data I didn't know they had collected.

~~~
Calvin02
What data does Facebook have on you that Google doesn’t collect?

Google buys your credit card purchase data. Did you give it that? Why do you
think Google wants you to stay logged into Chrome?

Let’s be honest here and call a spade a spade.

The world is just realizing how ads based business models work and there’s no
difference between Google and Facebook.

~~~
vatueil
> _Google buys your credit card purchase data._

A more accurate explanation of the scare quote:

[https://news.ycombinator.com/item?id=16698587](https://news.ycombinator.com/item?id=16698587)

> _IIRC, this was announced as part of a program that uses double-blinded
> crypto that allows google to perform matching against this data in aggregate
> (Set intersection knowledge), but not individually identity of what a given
> user purchased, at the same time preventing the merchants from learning the
> identities of individuals either._

> _According to what they presented at a crypto conference, they went to great
> pains to avoid capturing personally identifiable transactions. The overall
> strategy is that Google Knows = Set A = (all ads shown for user X at
> Merchant Y) Merchant /Credit Card Proccessor Knows = Set B = (all $$$ paid
> by User X at Merchant Y), and that it is possible to cryptographically
> compute sum($$$ of A intersect B) without either side learning Set(User X)._

> _Now whether you believe in the security of the algorithm and whether there
> are side channel leaks or attacks is another issue._

> _Edit:_ [http://bristolcrypto.blogspot.com/2017/01/rwc-2017-secure-
> mp...](http://bristolcrypto.blogspot.com/2017/01/rwc-2017-secure-mpc-at-
> google.html)

> _About 10 minutes in_
> [https://www.youtube.com/watch?v=ee7oRsDnNNc](https://www.youtube.com/watch?v=ee7oRsDnNNc)

------
supermdguy
My google activity history, youtube search/watch history, and location history
are all completely empty because I've disabled all of it. I would recommend
going through the privacy checkup[0] to control what does and doesn't get
saved.

[0]
[https://myaccount.google.com/privacycheckup](https://myaccount.google.com/privacycheckup)

~~~
DarkCrusader2
I also did it some time ago, but I have a feeling, with nothing to backup my
claim, that they still log, store and analyse all my activity but just don't
show it in the dashboard. I don't know how targeted ads are (because of ad
block) but youtube doesn't suggest me anything based on watch history so I
guess I might be wrong here.

~~~
samschooler
One thing I like to do is just leave them all on, but minimize my contact with
Google's services. Then I check in every few months just to confirm they
haven't collected anything on me.

~~~
DarkCrusader2
Off topic - I am actually working on a framework to automate the process of
self-hosting these services on some VPS. I might open-source it once it is in
usable shape. But some things just have no real alternative(like maps and
android)

~~~
samschooler
Apple Maps is actually acceptable I think (at least on iOS). I'm trying to
find an alternative for Google Photos.

------
acobster
This person stored their PGP private key on Google Drive, which they use "to
encrypt" emails. I'm glad the author is security-conscious enough to know what
PGP is, I guess. And that they deleted it from Drive (didn't say why,
hopefully they came to their senses about the more-than-usual amount of trust
they were placing in Google).

Is there a valid use case for "encrypting" email with a private key? I guess
signing a message is technically encryption, but it's not typically called
that, right? I'm hoping their use of "encrypt" in this context is just an
error, and that tech reporters at the Guardian understand how key pairs
work...

~~~
gowld
One of PGP's functions is to encrypt email. Why would you expect someone be
savvy enough to understand how PGP works but not be savvy enough to use its
main function?

[https://en.wikipedia.org/wiki/Pretty_Good_Privacy](https://en.wikipedia.org/wiki/Pretty_Good_Privacy)

~~~
eindiran
When you encrypt an email with PGP, you use the public key of the individual
you are writing to, not your own private key. You should only use your private
key to read the mail encrypted with your public key, or to sign messages.

------
danielbln
Is this really surprising to anyone but the laymen? I mean, of course they
store everything the user does, why wouldn't they?

~~~
untog
> Is this really surprising to anyone but the laymen?

That's a pretty huge caveat. "This isn't news, except to the majority of
people". It's an article in The Guardian, it's obvious intended for the
"laymen", of which there are a pretty big number.

> of course they store everything the user does, why wouldn't they?

That's the crux of it, for me. I agree, they have no incentives not to hoard
data. So those incentives, like GDPR, should be created.

~~~
tomxor
> That's a pretty huge caveat. "This isn't news, except to the majority of
> people"

TL;DR defaults matter to the layman - the 99%, google will say they gave you
the options (so many that it's tiresome for most people to bother going
through).

Yup, when reading through all of the stuff I was just checking off my mental
list of all the things that don't affect me. I don't use google on phones, and
for gmail stuff i've already trawled through the massive list of options to
stop tracking and logging various stuff. Additionally I only log into a google
account in isolation so it can't join history together.

Even after all of this I recognise that google mostly likely has other tricks
up it's sleeves like browser fingerprinting to join sessions together and
associate their activity with my account in secret, not to mention they are
mining all of my email of course, but this is the best I can do while
continuing to use a google account (and even without a google account they can
still track individuals via other means).

This is only practical for those the most aware of what these companies do and
the most interested in preventing - understandably, the layman just wants to
use it as intended without doing days of research and digging through piles of
options in paranoia trying to turn everything off, these types of services
rely on this fact. I am not a normal user and they really don't care that
1e-10% are evading them, they are relying on the fact that almost all of their
users wont be going to great lengths to turn all the tracking and logging
options off.

------
halayli
This is where a legit issue start to turn into clickbait weak journalism.

~~~
efdee
I wouldn't be so fast to dismiss it as clickbait. Do you really think non-tech
people are aware of the amount of aggregated data these companies have on
them?

~~~
blhack
As pointed out elsewhere in this thread, the article uses scare tactics that
misrepresent what google is actually storing.

They are storing your emails, for instance, and your photos.

This isn't google tracking you any more than a storage unit company is
stealing from you.

~~~
Mc_Big_G
What percentage of users do you think fully understand that Google is
literally tracking their every footstep? Yes, it's Google tracking you whether
you realized it or not. Tracking is not and never has been "opt-in".

------
uptown
I'm more interested in what they collect about me that they're not showing on
a user-friendly dashboard.

~~~
laktak
\+ what do they collect when you are not logged in.

~~~
chopin
or don't have an account.

------
peterwwillis
_" We would never let the government or a corporation put cameras/microphones
in our homes or location trackers on us. But we just went ahead and did it
ourselves because – to hell with it! – I want to watch cute dog videos."_

You can get people to do anything with the right incentives.

------
rossdavidh
Took advantage to go onto Google and give it even more info on what ads they
should (and should not) show me. That's probably not what the Guardian
expected/wanted me to do.

I may be alone in this, but I expect that everything I do on the Internet is
done in public. Nothing new here.

~~~
untog
> I may be alone in this, but I expect that everything I do on the Internet is
> done in public. Nothing new here.

So how do you send private messages? Carrier pigeon? Even Signal uses the
internet, after all.

~~~
cjslep
I bought an entry level fountain pen, some ink, some lightly cotton blended
paper and stamps.

Then I got hooked.

I learned how to fold paper into its own envelope. I bought supple wax and
sent a design for a custom wax seal stamp, so now I can mail a letter that is
wax sealed domestically or internationally.

My friends love getting letters in the mail that's not spam. And a few even
write back. One made his whole envelope out of duct tape.

We still call and text, of course.

And now I am practicing calligraphy in order to craft my own book, binding and
all. I got very inspired when I saw the Book of Kells and Chester Beatty
collection in Dublin.

Practically this has cost me (the fountain pen setup plus forever stamps) $100
USD. But that's because I bought a nice ink. So I think if people have a
little bit of disposable income, and have Netflix to cut out of their life,
could pick up old fashioned writing to catch up on life's details in private.

Heck, could even skip the writing and just buy the envelope and stamps, and
type up a letter to print and mail!

~~~
at-fates-hands
I totally subscribe to this novel idea. However, I hear rumblings about doing
away with the USPS for various reasons. It's nice to know I'm not the only one
still using some "analog" methods to communicate.

------
chrischen
How feasible is it for Google/Facebook to infer/build profile of private
browser activity?

Since most sites implement google Analytics and Facebook tracking code
(ghostery is reporting both on the guardian website). They could use browser
fingerprinting, which has already been proven to be extremely accurate, to
augment known user profiles and data. Facebook already creates shadow profiles
for people without profiles. I don't think there's any US law from making
these inferences from "voluntarily" submitted information so it's perfectly
plausible they would do this without telling people, no?

A more compelling argument for users to take privacy seriously would be to
tell them: Hey guess what Google has the ability to know what porn you search
for (yea even in your private window) since you're sending them all the data
required to track you, and there's no laws in place to prohibit it.

~~~
Sylos
I'm presuming that you're not talking about Firefox's Private Browsing mode,
which comes with an actual tracking script blocker.

The biggest factor for tracking without the ability to store things on the
client is IP-based tracking. In many cases, the IP address narrows the number
of possible persons down to a handful. Then you can use behavioural analysis,
fingerprinting or factor in other data to narrow it down those last few
meters.

And well, any time you visit a webpage which has a DoubleClick ad on it, uses
a font from Google Fonts, incorporates JQuery from Google's server,
incorporates Captcha, Maps, YouTube, Custom Search Engine, Google+-Button from
Google's server, etc., or in fact, even though this is the least of your
worries then, Google Analytics and Google Tag Manager, any time one of these
is on a webpage you visit - which is pretty much every time you visit any
webpage, your IP address is sent off to Google.

And now comes the bad part: As is information about what webpage you're
currently on, as part of the HTTP Referrer.

And I mean, if your URL is not resolved by 8.8.8.8, you can consider yourself
lucky, too.

So, Google effectively has your complete browsing history, whether you're in
private mode or not.

Facebook is not nearly as bad in this respect, but their Like-Buttons are
rather widespread, too, and they do have an analytics framework, as you've
already pointed out.

~~~
chrischen
I would like to add that not only does Facebook have like buttons everywhere,
many websites add Facebook analytics code as well to track performance of
their ads.

------
thisacctforreal
This headline is patently false, Facebook is known to purchase information on
people from Data Brokers and none of that is included in their data downloads.

Things like MAC address logging and such is also missing.

The only things included in the download are things you've given them;
pictures, messages, likes, contacts, web browsing history, and phone metadata
if you gave them permission on your phone.

If they were able to purchase phone metadata from your service provider, it
won't show up there.

If all Facebook kept was user-submitted data it would be orders of magnitude
less creepy than it is.

------
newshorts
OMG google has been storing all my email?!

Creepy, that’s what they said they would do when I opened my gmail account.

~~~
aje403
However, they have also been capturing your webcam as you type out each email.
Please see document #3015698 for the top 3 most likely things you will eat for
breakfast over the next week over what is most likely in your fridge right now

------
m4yhem
Now if a malicious actor gains access to your login credentials they also gain
access to this rather unique data..

------
pwaivers
The Google timeline has surprisingly missed a log places that I have been.
They are either not telling me about it, or they don't store everywhere I go.
[https://www.google.com/maps/timeline?pb](https://www.google.com/maps/timeline?pb)

~~~
lostcolony
If your laptop doesn't connect to anything, it has no idea where you are.

If your phone doesn't connect to anything and enable location services (GPS is
costly in terms of battery though), it has no idea where you are. Of course,
your phone -is- connected to the cell network most of the time, and so
theoretically it could calculate where you are to within a mile or so, but
that, 1. Takes battery, and 2. Isn't that accurate. So there's a good chance
it wouldn't bother.

------
m0skit0
"The data Google has on you can fill millions of Word documents" What does
this even mean?

~~~
aje403
Ordered word documents, one bit stored in each file that is reconstructed in
sequences of signed bytes

------
throw2016
This misses the wifi router data Google collects via android phones. Android
is a sieve designed to enable a spyware economy like the rest of Google who
are creepily stalking every human unfortunate enough to use their services.

But most here know about this, many are intimately involved in it and are
happy to defend it. Outrage targetted at Facebook while making excuses for
Google feels inauthentic.

Everyone wants an ethical society but when it comes to paying a price
economics always wins out and we are left with the spectacle of the privileged
hand wringing, blaming the system, blaming the victims and acting helpless. If
you can't be ethical you can't expect ethical behavior from anyone else and
you get the society you deserve.

------
dwighttk
I was actually surprised going down the list at how little Google has on me. I
mean, I've used Duckduckgo for a long time and never used Android, but forgot
I had turned off ad personalization and deleted youtube and search history.

I'm surprised they didn't have anything in search or youtube because I deleted
the history long enough ago that I didn't remember doing it, so I've
successfully stayed away from using them.

Still waiting for the data download, but I know they have all my gmail
messages and some stuff I put on Drive a long time ago.

~~~
ForHackernews
Do you think they actually delete your history when you turn those features
off? I assumed they just stopped displaying it to you.

~~~
mda
They actually completely wipe out. This was discussed before by Google Sres.

------
doodpants
So I clicked on several of the Google links in the article to see what info
they had on me, and all of the resulting pages prompted me to sign in to
Google to see the info. (Which I did not then do.) So... they're only
gathering this info on people who use Google services while signed in? It's
not like you need to be signed in to use search or maps. I thought that this
article would be about how Google tracks you _without_ being signed in, and
even if you clear your browser's cookies.

------
dwighttk
By making this data so easy to see (which I admit is really nice) Google makes
it that easy for other people to see it if they get your account log in. Sort
of Scylla and Charybdis here.

------
aschobel
I’m unable to see my historical Google location data on iOS via

[https://www.google.com/maps/timeline?pb](https://www.google.com/maps/timeline?pb)

I’m getting the following error:

“Location Services permission is not set to always. Timeline cannot function
properly if you don’t allow Google Maps access to your location while in
background. [Skip][Turn On]”

Seems like I should be able to see what historical location data they have
without enabling background location.

Disclaimer: I work for Apple

------
sqdbps
Evidently we're at the outraged-explainer-porn stage of the media manufactured
panic cycle. They are certainly using every part of that buffalo.

~~~
announcerman
And you're at the superior-to-all cynic portion of your comment history.

------
NiklasMort
What kind of noob "data consultant" must you be if you didn't know years ago
you can opt-out of most of the google stuff? Google allows to
deactivate/delete (we dont know if they do but at least its offered) most of
the stuff he wrote about. Facebook is its own story, but then again..his own
fault for using and pushing data up there

------
908087
...and once again, an article that could have actually gone in depth on this
topic, manages to leave out the data these companies collect and purchase from
third parties (e.g. credit card transactions) and public records.

An accurate title for this piece would have been "This is all of the data
Facebook and Google are willing to tell you they have on you"

------
ttsda
>Somewhat pointlessly, they also store all the stickers you’ve ever sent on
Facebook (I have no idea why they do this. It’s just a joke at this stage).

It's pretty obvious Facebook needs to store the stickers you sent if they
store your chat history. They come in their own directory in the bundle so
they can be shown in the chat HTML pages.

------
pttrn
Both of those services are free of charge. What did people think was going to
happen? I really don't get the huge amount of paranoia these stories have been
generating recently. You're using an SaaS platform, so yes, they have your
data. "Your data" is literally their business model.

------
teamhappy
Kind of shitty that they didn't mention that you can delete the data from your
Google account and disable further data collection (at least for the stuff
mentioned in the article). I guess that would have made the article more
informative and less scary.

~~~
ForHackernews
Can you? Does that actually delete data from Google's database? Or does it
just flip a switch so the won't serve you "personalized" ads based on that
data?

~~~
teamhappy
I don't know what really happens when you click the delete button but I assume
it does what is says. Why would they offer to delete the data and then not do
so? Some intern finding out about that would cause a PR disaster and maybe
even legal trouble. Doesn't seem worth it, they could have just not added the
feature then.

------
qz_
The fact that Google stores deleted documents from my drive makes me kind of
uneasy... why would they ever need this? Speaking of which, does anyone know
if the contents of your drive is used for your ad profile?

~~~
Tempest1981
Possibly they were in this users Trash folder, otherwise it's worrisome.

------
dec0dedab0de
I just thought of something, all the attention that this is finally getting
means you can go dark without raising suspicions.

------
thinkingemote
Are you ready? Hold onto your seats folks! This is an article whose aim is to
spread fear, uncertainty and doubt.

~~~
dwighttk
It's funny, I bet Google is glad this article is out there. Look how easy they
make it to see "everything" they know about "you". And you can delete it if
you want!

When they are thinking about this article, no one will worry that you can't
see any profile they have for you when you aren't logged in.

------
kjsingh
"Google has every email you have ever sent using Gmail"

Err ya that's the service right :P

------
devit
Has any novel useful insight on humans ever been deduced from all this data?

------
johnalamos
with all the data they have on us WHY IS IT STILL SO DIFFICULT TO PAY TAXES.

Why can't this be easier ? Why can't google produce a tool for this ?

~~~
grzm
I believe the primary reason is that there's a pretty big industry around tax
preparation that's making that difficult.[0] I've also heard arguments that
there are anti-tax motivations that want to keep it difficult so people view
taxes more negatively. I don't have any info on the latter, so take that with
your daily recommended allowance of sodium chloride.

[0]: [https://techcrunch.com/2013/03/27/turbotax-maker-funnels-
mil...](https://techcrunch.com/2013/03/27/turbotax-maker-funnels-millions-to-
lobby-against-easier-tax-returns/)

------
sbmthakur
Privacy concerns are good and should always be raised. But before panicking
like anything remember who gave them the data in the first place.

------
tapatio
Wow, that was an eye opener.

------
jim_dow_jones
It's okay, I only use Incognito mode.

~~~
m0skit0
That mode doesn't do what you think it does.

~~~
jim_dow_jones
My joke was poorly received. I'll do better next time.

