
How to Set Your Google Data to Self-Destruct - feelthepress
https://www.nytimes.com/2019/10/02/technology/personaltech/google-data-self-destruct-privacy.html
======
bambax
> _For those who don’t want Google to create a record of their location
> history at all, there’s a switch for that. On the My Activity page, click
> Activity controls and scroll to Location history and turn the switch to the
> off position._

Yes, that's what I do. But then Google Maps on the phone nags you constantly
that it should be on.

Removing the nagging would be an immense improvement and proof of commitment
to privacy on Google's part.

~~~
nieve
Be very careful about combining Inactive Account Manager with telling Google
not to store activity data. I started getting countdown to deletion warnings
telling me I needed to log in to show I wasn't inactive, but no matter how
often I did it was ignored completely until I turned on activity tracking. I'm
not sure if this is a rare bug or working as intended, but it could go badly.
In the end I turned off Inactive account management and activity tracking, but
it was a bit disturbing.

~~~
lonelappde
What counts as logging in? Do you check Gmail or drive weekly? Backup and
Sync?

Can you set up an API key app that pings an API weekly?

~~~
nieve
If I recall correctly their documentation suggests that a single login to the
Gmail web app or several other properties should count as well as the official
Gmail apps, but no web logins I tested had any effect for me. Sadly I can't
retest this without setting a new timer on an account.

If you end up in a position to tet this you'll want to keep an eye on multiple
account logins as well since the link they send you in the warning doesn't go
to a specific account. If you're logged in to more than one account and the
first one isn't the one you got the warning about you'll end up looking at the
manager for the wrong one and need to either log out entirely or find it
manually. A minor design issue, but it can be confusing for a few minutes.

------
tzfld
My concern about these deletion request is that you are totally at the will of
the platforms, that they actually will delete your data. This already imply
trust towards them. And if you have trust they handling data with
responsibility, why would you need to ask for delete?

~~~
TheSpiceIsLife
This is how I feel about it.

I don’t have any faith that I’m going to be protected from current / future
persecution because I ticked / didn’t tick some box on some control panel on
some service provided by _Morally Bankrupt MegaCorp_.

~~~
theelous3
That's a bit pessimistic/paranoid and off the bat doesn't make a whole lot of
sense.

If your data is supposed to have been deleted but they ignored it, they have
it illegally.

If someone from the state wants to prosecute you and requests the data, the
company wouldn't own up to having it, because they're not allowed have it.

Why would they lie to you, and then sell themselves out to the state?

Fine, they might keep it, but not in order to assist in prosecutions lol

~~~
Lio
The way Google acts with regard to privacy law is similar to how they act with
regard to tax law.

That is they look for loopholes and places they can use dark patterns to nudge
users into giving up more data. They stay within the rules but push the
envelope of what’s acceptable to the legal limit.

It’s not that they are holding onto data specifically to support prosecutions
it’s that they hold onto data because that’s what Google do.

They’d hand that over because they have it and to not cooperate would
unnecessarily cause them business friction they could easily avoid.

~~~
theelous3
So the conspiracy is rather that the delete button simply doesn't do anything?

I don't think that would go down well for the prosecution if you ever ended up
in court.

The reality is that 99.99% of users never even open their account settings,
let alone micromanage their identity's state across dozens of platforms.
Google wouldn't even notice if all hn readers deleted all of their data and
deactivated their accounts tomorrow.

The most reasonable thing for them to do is to actually delete the data, and
avoid all headaches. It's the more profitable move. You look like good guys
and avoid legal problems.

~~~
Lio
Nope that’s not the conspiracy. The conspiracy is that you’ve pressed the
wrong button because the UI is deliberately confusing.

If you could find the right button I’m sure it would delete the data...

except that it’s down the UI equivalent three flights of stairs to the
basement, behind a filing cabinet in front of a locked door with a sign on
saying “Beware of the leopard”.

Oh and every tracking feature is on by default even if you’re not logged in.

~~~
theelous3
Well, maybe for you. I'm in the EU. I don't have to navigate a UI. I can go
the UI route, or I can email them instead for a surefire approach.

Even then, the UI's for these things usually aren't actually that
darkpatterned. Once you get down the first dark tunnel, it tends to open up
quite well.

------
adam12
"How to auto-delete your search history Most of Google’s new privacy controls
are in a web tool called My Activity. (Here’s the URL:
[https://myactivity.google.com.](https://myactivity.google.com.))

Once you get into the tool and click on Activity Controls, you will see an
option called Web & App Activity. Click Manage Activity and then the button
under the calendar icon. Here, you can set your activity history on several
Google products to automatically erase itself after three months or after 18
months. This data includes searches made on Google.com, voice requests made
with Google Assistant, destinations that you looked up on Maps and searches in
Google’s Play app store."

------
kccqzy
Weren't a lot of people on Twitter complaining that this is basically
insufficient? Most of the information about you that can be profitably mined
to create "insights" about you expire in less than a month, these people
claim. By having Google auto-delete them in three months, it could provide
some peace of mind to you, but it doesn't really affect Google's ability to
target you in ads.

~~~
judge2020
I don't think that's what Google is trying to advertise with this, the threat
model is "I don't want google having 10+ years of my browsing history in case
they are compromised or some G employee goes looking through my history". My
point is that it isn't misleading, of course they're not going to
intentionally harm their Ad business unless you really go though the trouble:
[https://youtu.be/NQ6-DP6DIiU](https://youtu.be/NQ6-DP6DIiU)

------
freedomben
Link is a little buried in the article:
[https://myactivity.google.com/](https://myactivity.google.com/)

~~~
ignoramous
The controls: [https://myaccount.google.com/data-and-
personalization](https://myaccount.google.com/data-and-personalization)

------
sdan
Only flaw I see with this and stuff like FB saying they "deleted" your account
is:

"It's deleted" is (or could be) another term for "You can't see it anymore,
but it's there somewhere"

Haven't gone into ToS, but regardless, there's no way we can determine if it's
_really_ gone.

~~~
notelonmusk
I think I had read that Amazon TOS said employees wouldn't have access to your
data if you closed your account. I'm sure they have some right to make
temporary (we hope) backups but I thought it was a fair clause.

~~~
sdan
Regardless of company, I don't want them to keep any "backups" of what I
delete.

In my view, if I say I want to "delete" my account, I don't want a single
trace of my existence on that platform from then on. No emails, no backups,
nothing.

~~~
creato
By definition, any really effective backup (off site, offline) can't simply be
modified instantly when you click a button in a web UI. The reason it takes
months for backups to clear out your deleted data is that's how long it takes
for the entire backup to be discarded and replaced by a new backup that
reflects your deletions.

While the data is likely inaccessible forever in this case, the reason the
company can't just say it's been deleted is if they actually do need to
restore one of these backups, the data you deleted will come back.

~~~
jefftk
You can delete user data from backups much more quickly than that:

* Encrypt each user's data to a user-specific key

* Keep the key in hot replicated storage

* When you get a deletion request, delete the key

~~~
creato
You still need to back up the keys? How does this solve anything?

Backups aren't just about replication/redundancy, they also protect you from
bugs and other sources of corrupted data.

~~~
jefftk
You can back up the keys in ways where it's very easy to purge them: no tapes,
easy to recall and edit.

~~~
creato
The fact that backups can't be accessed and modified easily for a long period
of time is a feature, not a bug, regardless of the actual mechanism of
implementation (like tapes). That's what stops e.g. ransomware from affecting
backups in addition to the primary storage.

A backup that can be edited to delete data like an encryption key instantly
when the user tells it do is also a backup that can be easily lost or
corrupted.

------
neonate
[http://archive.is/o87EK](http://archive.is/o87EK)

~~~
JC5413789642675
Thank you for this.

------
Roritharr
Usually, as with turning off location history, I feel this only hurts the
user, as I don't believe any relevant parties won't have access to the deleted
entries if the need arises.

The only person who doesn't have access to that data will be the subject the
data originated from.

~~~
TheSpiceIsLife
This is what it boils down to for me.

Plausible deniability.

“We don’t have your data because you told us to delete it. Chortled chortle.”

------
acollins1331
Does anyone have any insight on what actually happens to this data? Is it
really deleted or just stored in a warehouse somewhere inaccessible to me but
accessible to some snooping government or hacker?

~~~
mda
Many time discussed before on HN with some input by Google SREs. It is totally
deleted (with some delay because of backups)

[https://policies.google.com/technologies/retention?hl=en](https://policies.google.com/technologies/retention?hl=en)

------
john-shaffer
I set this, even though I've blacklisted Google on Firefox. (I just use
Chromium if I need to use Gmail). But, how can I stop Google collecting data
on my phone? I was initially blocking Google because of censorship, but I
can't find any way to control my phone, and it's feeling really personal now.

------
gumby
Three months is a hilarious joke. The value of analytics data decays steeply;
they let you delete the stuff that's not particularly valuable to _them_.

If Google actually cared about your privacy you'd be able to delete the info
for shorter intervals, or even have it not stored at all.

~~~
Spoom
They do. You can turn it off entirely in most (all?) cases.

------
user51416
This does not change Googles behavioral profile on you. In fact, it just adds
another data point on your profile that implies that you don't trust Google to
protect you data.

------
why-oh-why
A few months ago someone posted a tool that cleared this and old tweets as
well, but I can’t remember the name.

I wish there was a tool that regularly nuked my Facebook history as well, from
comments in random groups to likes across the site. I have no use for things I
commented 10 years ago.

~~~
jefftk
_> I have no use for things I commented 10 years ago._

This attitude confuses me. Looking back at things I wrote ten years ago makes
me think "huh, I used to believe X and now I don't, why did I change my mind?"
and "X used to be really important to me and now it's not, what happened?". If
I'm writing something today I'll often look back at what I've said about it
previously (and I like having most of what I've written as blog posts so
that's easy).

Then there's the benefit to others: being able to look back at what people
were thinking in the past is super useful for understanding how the world has
changed, and textual comments are great for that.

~~~
why-oh-why
I’ll be honest. I used to preserve everything and I also was surprised at a
friend who’d reset his Twitter profile every so often.

But it feels like everything can cause outrage these days and I don’t want to
know what will look bad in 10 more years, out of context.

I’ll take out the archive and keep the memory on my computer, not online, for
everyone to see.

------
Jaruzel
> _...it will begin rolling out a new private mode for when you’re navigating
> to a destination with its Google Maps app, which could come in handy if
> you’re going somewhere you want to keep secret, like a therapist’s office._

There we go again, shaming mental health :(

------
odysseus
Is there an automated way to get it to self-destruct sooner? Like every 12 or
24 hours?

~~~
HNLurker2
You're right Odysseus that would be awesome

------
kirk1982
the data will be deleted from the front end but it'll still stay at google
servers for like 2 to 3 years. So basically a useless thing to do.

~~~
lucasverra
any source for that claim ?

