
Google Deceptively Tracks Students’ Internet Browsing, EFF Says in FTC Complaint - pavornyoh
https://www.eff.org/press/releases/google-deceptively-tracks-students-internet-browsing-eff-says-complaint-federal-trade
======
arebop
According to the FAQ, "It’s also possible that Google does not use student
data for any of these purposes—but unfortunately, Google has refused to
articulate the reasons" so it seems like the EFF's position on Internet-hosted
applications is that the specific uses of each kind of data should be
described in a privacy policy.

I think it's a tenable but extreme position, because basically they are
objecting to Google reserving the right to develop new features in an
empirical/data-driven way.

I think most people don't think of e.g., their privacy w/r/t tax data being
compromised when their tax prep software company mines it to make data entry
simpler, or to make it easier to understand the consequences of various filing
choices by visualization, etc. Similarly, I don't think Google is invading my
privacy when it takes my search queries and uses not only to produce SERPs for
me but also to notice that when people type cyombinator it is likely a typo
for ycombinator.

~~~
ryanhuff
I don't think it's asking much for Google to put a wall around the profiles
and associated usage data for these school related accounts.

~~~
arebop
As I said, I think reasonable people can disagree about it, but I think they
are demanding that the wall have a shape like "this data will be displayed
back to you while you work on it and to your teacher during the grading period
and otherwise it will not be used," whereas many people are totally happy for
the wall to be "we will use this data to help you learn and allow your teacher
to evaluate your progress." Lots of people object to advertising to kids, not
so many people object to building a better word processor or kids-oriented
theorem prover or whatever, including ideas that haven't been thought about
yet but are (in the developer's honest opinion) wholly motivated by the
purpose of education.

EFF basically doesn't trust a cloud software company to have any discretion,
but I think most people are willing to take an informed risk when they entrust
their data to someone else's instructions or computational resources;
otherwise they'd write the software themselves and run it on their own device
and so forth.

~~~
ryanhuff
Your example seems fine to me. My kids use Google Docs for school, and use it
both for collaborating with other students at home, and to submit homework to
the teacher. That seems to fall in your example.

The risks that you describe also sound reasonable for adults to assume.
However, Google, being who/what they are (organizing the world's information),
shouldn't be surprised when "watchdogs" ask more of them, particularly in this
case. They deliberately entered this education space. It's not just about
plain advertising (to me). Whatever profiles are built from children's use of
Google's services (that they are required to use through school), should be
carved out from their normal data harvestinf and user profile nurturing. It
should be up to Google to develop a "win/win"model whereby they can protect
students and properly monitor app performance. It doesn't sound too
challenging for a company like Google.

------
chestnut-tree
It's depressing how perfectly normal and natural the idea of tracking users
has become.

I know this isn't a popular opinion on Hacker News, but why should there be
any tracking whatsoever when using an OS? Are people saying that they're
perfectly fine for their Windows/Mac/Linux distribution to track everything
they do? The apps they use? The sites they visit? Because that's basically
what ChromeOS does. It even tracks the documents you print to your desktop
printer (routed through Google's cloud print service).

You aren't even anonymous when you use ChromeOS - you must be signed into your
Google account. Just as a reminder, your Google account = your name, your date
of birth, your location and optional phone number. In other words, some of
your most personal and private information all tied to the activity you
conduct on ChromeOS.

Google states that it does not read the content of your emails in GMail
(emails are scanned by computer), but you could argue that your browsing
habits are just as private and personal. No such assurances on how they handle
this data. Does Google disassociate the identity of the user from their
activity? If not, then who sees this data at Google? How long is this data
kept for? These are important questions, but you won't find answers in
Google's privacy policy. (And you're unlikely to find many in the tech
community asking Google about them either.)

I would never recommend an OS that tracked the activity of students so
relentlessly, especially when many students are too young to understand the
horrendous privacy implications of using ChromeOS. Other companies like
Microsoft are rightfully criticised for their tracking in Windows 10, yet
Google gets a completely free ride. It's just baffling.

~~~
Laaw
What alarms me is how important privacy has suddenly become, despite a
distinct lack of actualization on the "nightmare" scenarios we keep hearing.

~~~
Ankaios
I would hope that privacy is perceived as important prior to the nightmare
scenarios becoming "actualized," because afterward would be too late.

Unfortunately, I don't think that perception is as widespread as it needs to
be, despite your alarm.

~~~
bduerst
If the nightmare scenarios _ever do_ become actualized, then any amount of
perception or hand wringing up that point is moot.

Did you stockpile food and water for Y2k? Fear of uncertainty and the unknown
is both natural and irrational.

~~~
Ankaios
The point is to _avoid_ the problem, rather than to stumble into a state from
which it is difficult to restore the status quo ante.

Please do not mistake "anticipating risks" for "fear of uncertainty and the
unknown." This a risk for which the likelihood currently appears low, but the
consequences could be grave and hard to reverse. At least to my mind, that
warrants a bit of attention.

~~~
bduerst
The point is that there isn't a nightmare problem supported by evidence, and
that irrational fear causes a cognitive bias which leads to such slippery
slope fallacies (e.g. Y2K scare).

You're more likely to be negatively impacted by slipping in your shower, yet I
bet you have spent more energy hand wringing over tracking. Just as parents
have given overt attention to vaccines causing autism.

------
newman314
While I think it's great (but insufficient) that students and kids have
greater privacy protection than adults, it begs the question why all of us
shouldn't enjoy the same level of protection.

Just because one becomes an adult does not mean that an adult is less
deserving of the same level of protection.

~~~
jlarocco
One difference is that an adult can choose not to use Google. They can also
(usually) choose to install ad-block or ghostery or a similar plugin and
thwart the tracking.

If using Google is mandatory for a class, then the students don't have any
choice in the matter. And I think school computers are locked down to prevent
installing browser extensions, so that option isn't available either.

Also, because it's a pet peeve of mine, it _raises_ the question.

~~~
babuskov
Google can also be mandatory for a company your work for, or a client you
provide services to. Yeah, you could opt out to work for that company/client,
but that's no different than attending another school.

There's really no difference. It's all about network effects. We're seeing
Google docs, Dropbox folders replacing what Microsoft Office was in the past.
Vendor lock-in by network effects.

You may like it or not yourself, but let's not pretend it isn't something that
it is.

------
thomaskcr
Is the EFF's problem that this information is stored on Google servers?

Syncing settings to an account seems like one of the prime selling points for
a school using chromebooks. A child loses their chromebook, or gets issued a
different one the next September all their favorites, apps, etc are there
ready to go when they sign in.

[https://support.google.com/chromebook/answer/2914794?hl=en](https://support.google.com/chromebook/answer/2914794?hl=en)

~~~
maratd
Let's try this exercise. Replace "Google" with "Lenovo".

Lenovo sells computers to schools. The computers upload everything entered
onto the computer to Lenovo by minors without consent. Everything uploaded is
data-mined. You can switch it off in some obscure setting.

You would have people carrying pitchforks here instead of saying "really?".
Google doesn't get a pass. This is shady. Should be off by default.

~~~
kllrnohj
> Everything uploaded is data-mined

From the article: "Google does not use student data for targeted advertising"

So... what's the problem?

The data is uploaded for a clear and legitimate need, the ability for school's
to loan out chromebooks on demand. The data is not used for advertising.

Near as I can tell the complaint is this nebulous "it's being data mined" with
no elaboration or evidence.

~~~
dangrossman
Also from the article:

"EFF’s filing with the FTC also reveals that the administrative settings
Google provides to schools allow student personal information to be shared
with third-party websites in violation of the Student Privacy Pledge."

"Google told EFF that it will soon disable a setting on school Chromebooks
that allows Chrome Sync data, such as browsing history, to be shared with
other Google services."

------
blfr
Chrome's sync data is supposed to be encrypted at least with your Google
account password. They could be doing all that (mining, tracking) but there is
a clear, legitimate purpose to this feature: providing the same environment
across computers.

~~~
ryanhuff
Syncing data between chrome environments is different than mining usage data
across google's properties. It sounds like that's the beef here. Children are
required to use the Chrome systems, and parents have no say in the matter, or
control over how Google uses the data.

~~~
lsaferite
Where did they present proof that Google is data mining vs. just syncing data
across devices?

~~~
5ilv3r
If it was only being synced, it would be encrypted with a client side
passphrase. It is not.

~~~
Sephr
You can set a sync passphrase that is separate from your Google password.

------
gmisra
People seem to be conflating "tracking user behavior" with "tracking user
behavior without consent or transparency". Yes, there are plenty of people
opposed to the former, but that is a moot point with respect to Google.

The latter, however, is symptomatic of a much bigger issue: there is a
pervasive belief amongst many of the silicon elite that users simply aren't
capable of making effective decisions regarding tracking, and therefore it is
best if they are not allowed to make those decisions. I have heard this
directly from many people, and each time it leaves me surprised.

If Google were to provide real transparency into the information they track
about me, that would be fantastic. I likely wouldn't even look at it, but I
would know that organizations like the EFF and ACLU would serve as
ombudspeople for the public. Furthermore, whichever of the big internet
players does this first will likely generate a tremendous amount of brand
loyalty and free marketing.

I suspect current behavior won't change without legal intervention, which will
potentially be adversarial, which is a shame since there are people at these
companies who are much more qualified than lawmakers to anticipate and plan
for the future.

It's amazing that a company (and industry) that self-identifies so strongly
with taking novel approaches to solving hard problems can get mired in such
status quo bias.

~~~
jpadkins
[https://myaccount.google.com/](https://myaccount.google.com/)

you can see all the data google collects about you. You can export it or
delete it.

~~~
CaptSpify
> you can see all the data google collects about you. You can export it or
> delete it.

A) In no way do I believe that is _all_ the data Google tracks about me. It's
just what they choose to present to you. B) How do I have any guarantee that
it's actually deleted?

~~~
asuffield
(Tedious disclaimer: not speaking for anybody else, my opinion only, etc. I'm
an SRE at Google. I can't respond to most of the things in this thread, so
don't bother asking.)

"If Google were to provide real transparency into the information they track
about me, that would be fantastic."

"In no way do I believe that is all the data Google tracks about me."

The second comment here is why there's no point in doing the first one. It
doesn't matter how much information we release about this, when people are
determined not to believe it.

It is a frustrating experience for the people who work on them to pour time
and effort into making sure a privacy policy is really _precisely_ accurate
about what is happening, and then see threads like this where people will go
looking for loopholes that aren't there, and because English is fairly
ambiguous they'll eventually find a way to misinterpret the words to support
what they wanted to believe all along.

Here's an interesting hypothetical question: if the primary effect of the
conspiracy theorists is to throw bricks at the people who are trying really
hard to make sure the bad things never happen, then which side are the
conspiracy theorists really on? (I make no claims about whether this is what's
happening, because I can offer no evidence, I just think it's an interesting
question)

~~~
CaptSpify
Honestly, I used to trust Google a lot. Then things like the NSA leaks happen,
and other questionable Google changes, and I'm sorry, but I lost that trust. I
use as little closed-source stuff as possible now.

I'm sure it is frustrating, but you'd have to thank the people in charge for
that distrust. I wasn't born with it, the cloud-providers earned it. I used to
think this was tin-hat territory myself.

IMO, the solution is to stop storing things in the cloud, and start giving me
the tools to do it myself. I have no idea how to work that out financially. If
google made a "maps app" that was open-source and I could run on my own
server, but charged for it, I would probably buy that because I like the
service so much. But as it stands, I try to avoid using it as much as
possible, because I simply _can 't_ trust Google.

EDIT: Forgot to answer this

> if the primary effect of the conspiracy theorists is to throw bricks at the
> people who are trying really hard to make sure the bad things never happen,
> then which side are the conspiracy theorists really on?

At the end of the day, Google just doesn't do enough to make me think that
they are "making sure the bad things never happen". I'm sure there are a lot
of people who are trying hard to make that true, but how can I know that is
true for everyone? What can you offer me other than root access to your
servers? I'd honestly like a good answer to this, because I just don't have
one.

And the amount of data/power that Google has is just too much for me to think
that they won't "get greedy" some day. If up until today, Google was a good
company and wasn't abusing anything in any way, and suddenly tomorrow they
turned evil, why would they erase my data first? They still have it, and I
have no control over whether or not Tomorrow-Google will keep it.

> ...then which side are the conspiracy theorists really on?

The side of trying to validate whether or not things are as they say on face-
value. Whether thats Google's side or not is up to them.

~~~
asuffield
> Then things like the NSA leaks happen

So I don't think that's the cause here, because:

[https://googleblog.blogspot.co.uk/2013/06/what.html](https://googleblog.blogspot.co.uk/2013/06/what.html)

"Press reports that suggest that Google is providing open-ended access to our
users’ data are false, period."

"Any suggestion that Google is disclosing information about our users’
Internet activity on such a scale is completely false."

And you have chosen not to believe a statement made in the strongest possible
terms. If you won't believe this, then I do not think there are any words that
you would believe, so there's no point in trying to get more published.

> What can you offer me other than root access to your servers?

Indeed, and we can't do that because it would invalidate the very security
that you want.

> If up until today, Google was a good company and wasn't abusing anything in
> any way, and suddenly tomorrow they turned evil, why would they erase my
> data first? They still have it, and I have no control over whether or not
> Tomorrow-Google will keep it.

The easy solution here is to not keep any of that data in de-anonymised form
for longer than is necessary, but then people don't want to believe the
privacy policies which say this is happening...

~~~
CaptSpify
I'm not saying Google deliberately handed data over to the NSA. I'm saying the
NSA (and others) are try getting to it one way other other. It's not
necessarily that Google is untrustworthy, but that if the data does get out,
however that happens, it will be quite devastating.

> And you have chosen not to believe a statement made in the strongest
> possible terms.

A) It's not in the "strongest possible term". Quite a bit of weasel-wording
there IMO.

B) How does a statement's strength validate it? I can strongly say any lie I
want.

> Indeed, and we can't do that because it would invalidate the very security
> that you want.

I agree. And I would like a solution to this. There's just not a good way for
me to trust cloud providers.

> The easy solution here is to not keep any of that data in de-anonymised form
> for longer than is necessary, but then people don't want to believe the
> privacy policies which say this is happening...

> The easy solution here is to not keep any of that data in de-anonymised form
> for longer than is necessary, but then people don't want to believe the
> privacy policies which say this is happening...

I don't see how that's at all relevant.

A) Just because one asshole on the internet doesn't believe the policy doesn't
mean Google should just give up on it.

B) That doesn't address my point. Tomorrow-Google will still get access to my
data, unknown to me. I can't verify the "trustworthiness" of a company every
day.

------
MattHeard
"… Google’s “Sync” feature for the Chrome browser is enabled by default…" "…
since some schools require students to use Chromebooks, many parents are
unable to prevent Google’s data collection."

Doesn't "enabled by default" mean that parents should be able to disable the
sync feature?

That being said, I would assume that any tracking features would be separated
from syncing features on a machine built for a student. Google appears to be
attempting to correct that, after EFF's prompt: "Google told EFF that it will
soon disable a setting on school Chromebooks that allows Chrome Sync data,
such as browsing history, to be shared with other Google services."

------
Navarr
> EFF’s filing with the FTC also reveals that the administrative settings
> Google provides to schools allow student personal information to be shared
> with third-party websites in violation of the Student Privacy Pledge.

What? Is the EFF complaining here that Google gives schools the ability to
share their student's data with third parties and that is wrong (by Google)?

------
free2rhyme214
"If Google wants to use students’ data to ‘improve Google products,’ then it
needs to get express consent from parents.”

This is true.

~~~
SystemOut
It is not actually true. The school district acts as the agent for the child
and it is their responsibility to spell out in contracts what the vendor can
do with the data (in most cases). They are bound by various state and federal
laws on what they can allow as well as what they must require of vendors but
in general the parents don't have to provide consent on a case-by-case basis.
Of course, parent can talk to the district about it and potentially have the
child not use the service but this is not something vendors would ask of each
parent.

------
pjc50
An example of student privacy invasion using good old fashioned paper surveys
and leading questions: [http://www.thecanary.co/2015/12/01/children-branded-
potentia...](http://www.thecanary.co/2015/12/01/children-branded-potential-
terrorists/)

Note that "The surveys were supposed to be anonymous, and when concerns were
raised about pupils being identified, assurances were made they would be
destroyed." turned into the survey results being handed to the thought police.

(There are various programs trying to combat "islamic extremism" in schools in
the UK, all of which seem to be proceeding in clunky bureaucratic ham-fisted
ways.)

------
marincounty
Off topic comming up. I feel the one thing that will really get Google in
trouble is this hypothetical senerio--right out of a bond movie:

Google has the ability to look at all our internet history. They have the
ability to read our emails. That can match up ip addresses with street
address. They can most likely figure out what most people do for a living.
(yes, some of this spying in illegial, unless advertising purposes?)

Could you imagine looking at the Internet history, and emails of the Titans of
business around the world? Looking at the information that stock/investment
types pass around.

Looking at all this information, collating it, data mining it, etc., and then
buying and selling stocks/bonds/etc.?

Yea, I know it's illegial. It just seems like it would be tempting? I know the
SEC is probally, or I hope they are, watching out for this kind of
hypothetical behavior, and no--I don't think the founders of Google would ever
even think about doing someting like this. If I worked there, and had access
to sensitive files on those servers; It just seems like it would be hard to
not look at that information, and make a few bets? Yea, I know they have great
internal security, and have strict policies, but there's always a guy who
would be willing to break the rules? I don't think I could not look at that
information, and try to predict the future? (In reality I would never do
anything like I proposed, but it sure would be tempting?)

~~~
pdkl95
People are attacked _physically_ over tiny sums of money. Occasionally someone
is _murdered_ over sums small and moderate sums of money.

If people can be tempted by money to commit terrible crimes of violence, we
should expect it would be easier to tempt someone with either larger amounts
of money or less risk of getting caught.\

Mining data - from any source - is a lot less risky than murder, with a very
low probability of being caught. Sometimes, selling data can be incredibly
profitable.

What is the probability that all of the current _and future_ people at google
will overcome that temptation? Even if people currently at google somehow
resist the temptation, the open-ended nature of the data means that _someone_
will eventually break.

~~~
toupeira
Nevermind the possibility of intelligence assets/agents working undercover at
companies like Google and Facebook.

