
Google sued for secretly amassing vast trove of user data - spac
https://www.bloomberg.com/news/articles/2020-06-02/google-sued-for-secretly-amassing-vast-trove-of-user-web-data
======
metroholografix
Getting some semblance of control over my browsing habits and enabling the
implementation of multiple-proxy-based browsing strategies is one reason why I
wrote chrome-private.sh [1].

I go through hundreds of disposable browsing profiles every day.

[1] [https://github.com/atomontage/chrome-private](https://github.com/atomontage/chrome-private)

~~~
jedberg
Firefox containers does the same thing with a lot less work. If you get the
multi-account-containers extension and the temporary containers extension, you
won't have to log back into everything all the time but will still get
isolation.

[https://addons.mozilla.org/en-US/firefox/addon/temporary-con...](https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/)

[https://addons.mozilla.org/en-US/firefox/addon/multi-account...](https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/)

Edit: See below with a warning about using this with profile sync.

~~~
metroholografix
Well, there are definite benefits to being in full control of profile
segmentation. You have no idea what the extension is doing unless you audit
it. And even then, there are second-order effects that could surprise you [1].
Plus, the extension writer has to maximally cover the set of possibilities
where a site can store/retrieve data. These are a lot of unknowns you're
trusting and assumptions you're making.

It's far simpler to treat the profile directory as contaminated waste and nuke
it at will. The only assumption you're making is that the browser implements a
profile in a given directory properly.

[1] [https://github.com/stoically/temporary-containers/wiki/Isola...](https://github.com/stoically/temporary-containers/wiki/Isolation-Notes#navigating-in-tabs-isolation-exceptions)

~~~
pipeep
Sure, there's probably less exposure from nuking the profiles directory, but I
don't think you're being fair to containers:

- Containers are a feature built into Firefox, these extensions just expose a
UI for it. The Multi-Account Containers plugin [1] is published by Mozilla.
You don't need to trust anyone but Mozilla to use that base set of
functionality.

- The container functionality in Firefox is the result of some work from the
Tor Browser being upstreamed into Firefox [2]. It seems reasonable to assume
that it's well-implemented.

- The limitations of the extension that you linked to don't seem any worse
than your profile-segmentation approach. It's just saying that it's possible
for multiple websites to get opened in the same container, which is similar to
how you could end up opening multiple websites in the same profile.

[1]: [https://addons.mozilla.org/en-US/firefox/addon/multi-account...](https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/)

[2]: [https://blog.torproject.org/tor-heart-firefox](https://blog.torproject.org/tor-heart-firefox)

~~~
metroholografix
I reworded my comment. My point remains in that a lot of possible issues
disappear if I just choose to destroy the entire directory. There is a clear
difference between one Chrome instance (and all its associated windows/tabs)
segmented into one profile directory and in-process segmentation. The issues
at [1] seem to invoke unexpected behavior in that you're asking for a new
temporary container but you can't know ahead of time if that's what you will
get. I'm writing "seem" because it's not clear from the description how that
interaction works. They could be better worded.

With segmentation enforced at instance boundary (rather than in-instance),
there is no unexpected behavior of this sort. All links open in the segmented
instance that the browser window/tab you're using belongs to. If you want a
new container, you start a new instance and you know that's exactly what you
will get. There is no possible "fail open" result. Note that I'm not saying
the Firefox behavior you described is a major issue, just that it proves you
can have unexpected scenarios.

Moreover, jedberg is correct in that cross-profile data leaking is possible
(partly what I meant by "implementing profiles" properly), except that it's
very easy to see if that's happening without auditing Chrome. Use a tool that
records all filesystem operations (e.g. dtrace on macOS).

At the end of the day, I choose one set of trade-offs over another.

[1] [https://github.com/stoically/temporary-containers/wiki/Isola...](https://github.com/stoically/temporary-containers/wiki/Isolation-Notes#navigating-in-tabs-isolation-exceptions)
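
Added example, not part of the thread and not the code of chrome-private.sh: a sketch of the approach discussed above, with one browser instance per throwaway profile directory that is destroyed on exit, plus a coarse mtime-based check for writes outside that directory. `BROWSER_BIN`, `WATCH_DIR`, the function names and the proxy address in the usage comment are assumptions; `--user-data-dir`, `--no-first-run` and `--proxy-server` are standard Chromium switches.

```shell
#!/bin/sh
# Disposable-profile launcher sketch (added example, POSIX sh).
# Assumptions: BROWSER_BIN points at a Chrome/Chromium binary; WATCH_DIR is a
# directory that must stay untouched (for instance your regular profile).
BROWSER_BIN="${BROWSER_BIN:-chromium}"
WATCH_DIR="${WATCH_DIR:-}"

# Create a fresh, private (mode 0700) profile directory and print its path.
new_profile() {
    mktemp -d "${TMPDIR:-/tmp}/disposable-profile.XXXXXX"
}

# Remove a profile directory. Refuses paths that do not look like the output
# of new_profile, and refuses symlinks, so a bad argument cannot delete
# anything else.
destroy_profile() {
    dir="$1"
    case "$dir" in
        */disposable-profile.??????) ;;
        *) echo "refusing to remove '$dir'" >&2; return 1 ;;
    esac
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    rm -rf -- "$dir"
}

# Coarse leak check: list regular files under $1 modified after marker $2.
# This only sees writes that change mtime; a filesystem tracer such as
# dtrace, as the comment above suggests, sees far more.
changed_since() {
    find "$1" -type f -newer "$2" 2>/dev/null
}

# Run one browser instance bound to its own profile, then destroy the profile.
# $1 (optional) is a proxy URL passed to --proxy-server.
# Sets LAST_PROFILE (path that was used) and LEAKED (files changed in
# WATCH_DIR during the run, empty if none or if WATCH_DIR is unset).
run_disposable() {
    proxy="${1:-}"
    profile="$(new_profile)" || return 1
    : > "$profile/.launch-marker"        # timestamp reference for the check

    set -- "--user-data-dir=$profile" --no-first-run
    if [ -n "$proxy" ]; then
        set -- "$@" "--proxy-server=$proxy"
    fi

    status=0
    "$BROWSER_BIN" "$@" || status=$?     # blocks until the instance exits

    LEAKED=""
    if [ -n "$WATCH_DIR" ]; then
        LEAKED="$(changed_since "$WATCH_DIR" "$profile/.launch-marker")"
    fi

    destroy_profile "$profile"           # nuke the profile unconditionally
    LAST_PROFILE="$profile"
    return "$status"
}

# Usage (constructed proxy address):
#   WATCH_DIR="$HOME/.config/chromium" run_disposable socks5://127.0.0.1:9050
#   [ -z "$LEAKED" ] || printf 'written outside profile:\n%s\n' "$LEAKED"
```
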

~~~
brmgb
You are being disingenuous.

The issue you are quoting is about opening new containers while following
links. That's something your solution doesn't support at all.

Your solution is akin to manually opening a new container. That will always
work in Firefox.

------
simonw
"According to the suit, the company collects information, including IP
addresses and browsing histories, whenever users visit web pages or use an app
tied to common Google services, such as Google Analytics and Google Ad
Manager."

I'd really appreciate some more technical details here.

Does this include web server logs that record incoming IP addresses?

Is the expectation here that Chrome would set a DNT header in incognito mode
and Google properties would then obey that header?

~~~
t0mas88
Server logs with IP addresses are acceptable to most European privacy
regulators if you only use them for a technical purpose such as debugging. And
not keep them longer than needed for that.

So practically: logs are fine, delete them after a while. If you store the
same information in a permanent database and use it for analysis you're in
trouble and should have asked permission.

The fact that the user uses a private window or other means to indicate they
don't want to be tracked probably makes this a more clear case.

~~~
oefrha
> The fact that the user uses a private window or other means to indicate
> they don't want to be tracked probably makes this a more clear case.

That’s a very confusing statement. My server logs don’t filter incoming log
entries based on user agent, and certainly not on whether you’re using a
“private window” or not.

In addition, the goal of a private/incognito session is to be
indistinguishable from regular sessions, otherwise websites can easily
discriminate against private sessions (which they’re already trying as hard as
they could).

Edit: Wow the number of people on this thread claiming websites should be able
to opt people out of logging based on whether they’re using a “private window”
(which websites should have absolutely no idea about) makes me question if I’m
even on Hacker News.

Edit 2: Chrome sends an X-Client-Data header (which in a sense includes an
installation ID, but allegedly has limited entropy) to certain Google
properties, and rightfully got a lot of flak for it. It does not do so for
incognito sessions. And now we have people arguing that Google should
de-incognito incognito sessions to their analytics properties. Crazy stuff.

~~~
shadowgovt
> Wow the number of people on this thread claiming websites should be able to
> opt people out of logging based on whether they’re using a “private window”
> (which websites should have absolutely no idea about) makes me question if
> I’m even on Hacker News.

Especially since "Websites shouldn't be able to tell if you're in incognito
mode" has been highlighted in the past as a privacy ask, yes.

People can at least agree "website shouldn't be able to tell if you're in
incognito mode" and "website should not track you if you are in incognito
mode" are two mutually exclusive features, right?

~~~
coronadisaster
obviously you don't know what the current incognito mode means (it has nothing
to do with what you tell remote servers)

~~~
bryan_w
So inform us, how does incognito mode work in your world.

~~~
coronadisaster
it doesn't keep history on your personal computer (that's it)... it doesn't
erase history on remote computers like some of you appear to think

I think that it should do more, but it doesn't (a VPN or Tor would be nice in
incog. mode)

~~~
bryan_w
Sorry, I think I might have been aggressively agreeing with you by mistake. We
agree -- incognito mode is a client side thing

------
neil_s
Unless Google associates your anonymous browsing data from incognito mode,
with your regular browsing data from regular mode, I don't see a case here.
And I really doubt they do that, it would be such a clear and egregious
violation of the reasonable expectation of privacy.

The other possible complaint could be that websites still can collect
information on user behavior on the website, even if it is more anonymous in
incognito mode. This is expressly what incognito mode says on the tin. You can
use it to avoid saving your weird porn history locally, but not prevent
websites from knowing what anonymous visitors are doing on their website. If
the average consumer isn't tech-savvy enough to get this distinction, I'm not
sure what Google could do besides putting this explicit warning in every new
tab.

Summary: seems like this case will go nowhere, but still makes for soundbitey
headlines and gives people an excuse to rehash their usual gripes that "my
data is the next oil"

(IIUC, most ad targeting is still based on you explicitly searching for
something you want to buy and ads matching those keywords, or retargeting from
a website you've already visited but abandoned your shopping cart at, not some
all-knowing profile of your deepest wants and desires).

Disclaimer: I work at Google but nowhere near the Analytics or Ads teams.

------
dvduval
I know that Google is making money through use of my personal data. I wish
they would be required to boldly state on every page that my personal data is
being used, and that they are profiting from it. Finally, there should be some
steps offered to remedy some of the above such as requesting that parts of the
data that would be convenient for me to have deleted would be deleted. And the
parts that are inconvenient such as my ability to login to sites I commonly
visit could be preserved since that minimum requirements are met so I can
easily access those sites.

And while I have no big conspiracy theories at the moment about how Google is
doing anything evil, there is certainly no guarantee that something in the
future could impact me. For example there could be some bad players working
inside Google, Google could be acquired, or the government could take control
in some way. These are all things that could be dangerous to me in the future
if Google continues to preserve large amounts of my personal information.

~~~
criddell
Would this work for you:

WARNING! We use your personal data to improve your experience using Google
products. We believe this will lead to you using the service more often and, in
doing so, see more ads which we profit from.

~~~
monadic2
Hah as if it did improve the service compared to listening to basic product
feedback. YouTube recommendations alone seem to cause people to lose hair, and
that’s not even touching ads.

But what am I talking about! Google KNOWS scale, I’m sure it’ll come together
eventually.

------
dr_kiszonka
(Disclaimer: I have a big personal gripe with Google, but I don't hate the
company in general)

Something has been on my mind for a while.

I see lawsuits against Google collecting / selling personal data and ideas to
combat its monopoly in search. What I don't see is a discussion about
regulating companies that have data on the majority of the population.

I know for a fact that Google used search insights to inform strategy. By
knowing what people search for and modeling our behavior, they have an
unprecedented ability to forecast future events. I expect that Facebook and
other, lesser-known companies do the same. I believe it is dangerous for a
company to have this ability.

I am not an expert in public policy and politics. Would it make sense to have
regulatory oversight over all companies that have data on, e.g., over 50% of a
country's population?

~~~
utkarsh_apoorva
Regulations, a lot of times, tend to have the opposite of the intended effect.
In this case, you'd need to define what is meant by "having data".

Is having an email or phone enough to qualify?

Maybe yes.

In that case, think of a rapidly growing startup, which breaches that mark
(50% or whatever the law says) - and now has to comply with the law.

But the startup is not capable of compliance, because the law was made for
behemoths like google.

This startup will go belly over and die soon.

Google's monopoly saved.

Alternatively, leaving it in the public domain for civil suits to be filed has
a tendency of natural selection. If a company is TRULY big enough, and has
that kind of data, someone WILL sue.

~~~
myu701
> In that case, think of a rapidly growing startup, which breaches that mark
> (50% or whatever the law says) - and now has to comply with the law.

> But the startup is not capable of compliance, because the law was made for
> behemoths like google.

If I were 'king of the world' I would consider something like this, but would
not have it be a binary 'must comply or exempt' but a spectrum of ranges from
'totally exempt' to 'totally regulated' depending on what percentage of 50%
you had.

If you have 5% of user emails, you are responsible for the bottom 10% of
regulations and/or you need to fully comply with the regulations for a sample
size of 10% of your users.

IDK I need to give it more thought, but first, another zoom meeting awaits.

------
ipython
How poetic. This lawsuit brought to you by Boies Schiller, the law firm that
aggressively intimidated Theranos whistleblowers. I would argue that their
actions contributed to the suicide of Ian Gibbons, as well as threatening his
widow with legal action after his death.

~~~
ciarannolan
>I would argue that their actions contributed to the suicide of Ian Gibbons
[...]

Anyone who has read Bad Blood [1] should have no doubt about this fact. They
destroyed this man and led him to suicide in order to try to save their house
of cards.

[1] [https://www.amazon.com/Bad-Blood-Secrets-Silicon-Startup/dp/...](https://www.amazon.com/Bad-Blood-Secrets-Silicon-Startup/dp/152473165X)

~~~
qchris
I finally got around to reading it recently, and I think that aspect of the
entire saga was the most startling. Not the fraud, not Holmes' ability to spin
to the public and her board, not the work culture that she and Sunny Balwani
created for their employees, but the severity and frequency of the real and
implied legal threats Theranos employed through Boies Schiller and associates
on literally everyone that touched the company.

~~~
ciarannolan
The way they tried to bully Tyler Shultz [1] was also fascinating. I was
impressed by his ability to resist them. I think his parents mortgaged their
home to aid in his legal defense.

He tried to warn his grandfather, a member of the board, that something was
wrong at Theranos. His grandfather said "Tyler, they can't convince me that
you're stupid, but they _can_ convince me that you're wrong." His grandson
turned out to be right.

[1]
[https://en.wikipedia.org/wiki/George_P._Shultz#Theranos_scan...](https://en.wikipedia.org/wiki/George_P._Shultz#Theranos_scandal)

------
foota
This lawsuit is idiotic. They're claiming Google is doing something wrong by
tracking users from websites using ad tech when someone uses their browsers
private browsing mode.

~~~
t0mas88
Why is it idiotic to expect Google to respect a user's wish not to be tracked?
Half the world has laws that require Google to ask permission. Using private
browsing mode is a very clear indication that the user does not want to give
them that permission.

It's really not that hard. Google and Facebook just don't want to understand
it.

~~~
MattGaiser
> Using private browsing mode is a very clear indication that the user does not
> want to give them that permission.

How? Incognito is meant to keep your history clear from other people who use
the computer. It explicitly does nothing about websites tracking your
activity.

~~~
TrowthePlow
Right, it says so in no uncertain terms, right on the page when you open
Chrome's Incognito window:

> Your activity might still be visible to:

> - Websites you visit

> - Your employer or school

> - Your internet service provider

~~~
jlbnjmn
No uncertain terms?

------
dang
This was discussed yesterday here:
[https://news.ycombinator.com/item?id=23397045](https://news.ycombinator.com/item?id=23397045).

------
diablo1
Google is just a digital Eye-of-Sauron[0] and very difficult to avoid if you
do any meaningful surfing of the open web. They have their fingers in many
different pies.

There are even small subcultures on the web dedicated to avoiding Google by
doing things like running 'degoogled chromium' and blacklisting various Google
domains in their /etc/hosts file. Sadly all these mitigations don't work
because Google already has a dossier on many people and even if you don't have
a Google account, Google keeps tabs on you via fingerprinting or other means
and knows who 'you' really are (using simple correlation and heuristics).

Then this raises the issue of: what can be done? I prefer to just be
nihilistic about it and accept that Google already has dirt on me, despite my
mitigations (I have a bit of history blindly handing over personal data to
Google for a number of years). I think young people these days in 2020 have a
great opportunity to implement mitigations and are better suited than me to
browse privately, since I'm already contaminated by Google. (I still mitigate
however, but it's not enough).

[0]
[https://lotr.fandom.com/wiki/Eye_of_Sauron](https://lotr.fandom.com/wiki/Eye_of_Sauron)

------
user00012-ab
> Google surreptitiously amasses billions of bits of information --every day
> -- about internet users even if they opt out of sharing their information,
> three consumers alleged in a proposed class action lawsuit.

a billion bits is only like 130Meg a day, seems like google is doing pretty
good.

------
noncoml
And yet these guys can't figure out that I don't have babies so they keep
showing me ads for diapers.

I guess it doesn't make a difference to them, as long as they get the ad
revenue from Pampers

~~~
v7p1Qbt1im
My profile is also ridiculously inaccurate. Though I do use ublock origin,
privacy badger, etc and disabled most tracking features in my google account.
Also on VPN pretty much all the time. I'd really like to see the ad profile of
someone who is completely transparent and doesn't spend any effort to
obfuscate at all. I'd imagine it would be much more accurate.

Interestingly my instagram ads are incredibly on point a lot of the time. You
can't really hide your behavior in the app so they get a really good picture,
probably.

------
ve55
“We strongly dispute these claims and we will defend ourselves vigorously
against them,” Castaneda said in an email.

I wonder what it is they actually dispute, when the claims are so basic? Most
popular websites use GA, so of course Google is watching every single user
action across the Internet, regardless of whether they have tried to 'opt out' via
any methods, laws, processes, etc.

~~~
dahfizz
Obviously this article is written for the general public and not in legalese.
But this line gives a hint:

> The suit includes claims for invasion of privacy and violations of federal
> wiretapping law.

The claim Google disputes is that they are breaking the law.

> I wonder what it is they actually dispute, when the claims are so basic.

The claims can be summarized basically, but proving that someone has broken
the law in court is not basic. This basic overview of federal wiretapping laws
is over 70 pages[1]. Laws are filled with specific minutiae. Here is another
good overview of privacy law[2]. Even though the statement "Google violated my
privacy" seems simple and self-evident, to prove it in a court of law there
are tons of very specific criteria you have to prove.

[1]
[https://epic.org/privacy/wiretap/98-326.pdf](https://epic.org/privacy/wiretap/98-326.pdf)
[2] [https://www.stimmel-law.com/en/articles/legal-right-privacy](https://www.stimmel-law.com/en/articles/legal-right-privacy)

~~~
ve55
Great response, thanks. The US is definitely a more difficult environment to
prove that their privacy violations are not just violations of privacy, but
also of law. I wonder if these wiretapping laws are really the best route to
go about attempting to prove this.

------
hashberry
I have a personal gmail and a work gmail (G Suite), each using my full name,
but both run in separate browsers using the same IP address. I always wonder
if Google keeps a "master record" of people and all their associations, if not
for security or to work with law enforcement.

~~~
Romanulus
Probably. I recall Project Veritas showing hidden video of a Twitter dev
speaking about databases that link all profiles of someone (using things like
IPs, fingerprints, etc. to stitch the relationships together).

~~~
scohesc
I really hate changing the topic here, but I feel it has to be said sometimes.

It's _very_ frustrating when people immediately discredit someone or something
because they don't agree with them, even if they don't have the full story.

Project Veritas does some good work, even if they're blasted in popular
culture/mainstream media for being 'biased', 'alt-right', 'etc'. I bet you the
downvotes you're getting are just because you mentioned Project Veritas.

They have some very outlandish views, but when they actually put people on
the street or go undercover, they've revealed dirt on a lot of companies and
people.

It's shocking to me to see society go from "let's look at ALL sides of the
coin, no matter how egregiously offensive they are to me" to "fuck 'em,
they're trash media, they suck, they shill and are racist, alt-right losers
and I'm not going to look at anything they post because in my mind everything
they do is bad!"

I don't even go to Project Veritas outside of what I hear in the media, but I
still give it a fair look and make my own opinion.

~~~
ehsankia
I'm sorry but no. I'm all for looking at all sides, but Project Veritas is not
that. They have done extremely shady things such as intentionally sending a
fake victim to WP [0], as well as editing/slicing sentences (which they
recorded without consent) to create an entirely different narrative, different
from what the person was originally trying to convey [1].

Even a _single_ one of these incidents is enough to completely throw
everything you've done and said into doubt, let alone the half a dozen that PV has
behind it. There is absolutely no way you can take anything they say or do
seriously after they've been caught time and time again lying and misleading.

It has absolutely nothing to do with how outlandish their views are, and
everything to do with the fact that what they say or do cannot be trusted. I
used to in the beginning, but they are way past being given a "fair look".

[0] [https://www.bbc.com/news/world-us-canada-42150322](https://www.bbc.com/news/world-us-canada-42150322)

[1] [https://www.theverge.com/interface/2019/6/27/18760463/projec...](https://www.theverge.com/interface/2019/6/27/18760463/project-veritas-youtube-sting-james-okeefe)

------
smithza
What are people's opinions on Brave Browser[0]?

0\. [https://brave.com/](https://brave.com/)

------
neonate
[https://archive.md/fsE8w](https://archive.md/fsE8w)

------
nojito
This is not from incognito, that’s just one piece.

It’s against the practice of fingerprinting users across products and
services.

~~~
summerlight
I don't think Google is doing fingerprinting (at least for Ads AFAIK, but there's
not much reason to do so in other products) and Chrome blocks fingerprinting
in order to make Facebook and other competitors' life harder.

------
shock
> “We strongly dispute these claims and we will defend ourselves vigorously
> against them,” Castaneda said in an email.

I've seen this _exact_ phrasing so many times in responses to lawsuits that
I'm now starting to wonder if future lawyers receive this template as a
graduation farewell package.

~~~
wegs
Lawyers generally copy each other. There is standard text which has gone
through hundreds or thousands of litigations and hasn't done harm, and that's
almost always used going forward.

A lot of oddball conventions, such as THE USE OF ALL-CAPS in specific places,
which have no reason to be legally meaningful, but are always done.

Some of them do turn out to be important. Standard clauses build up over time.

I think plaintiffs are right in this case. Google is openly breaking a number
of laws, including CFAA. This constitutes unauthorized access. CFAA is a
broken law with an overly-broad definition of unauthorized access, which the
tech industry abuses all the time. It will be nice to see them get abused
back. Perhaps they'll have incentive to fix it.

------
bawolff
"Secretly"

------
fred_is_fred
Secretly? Isn't this effectively the entire point of their business?

------
thoraway1010
This is a secret?

------
Medicalidiot
"Secretly" is a misnomer.

------
barking
They'll be dancing in the streets of Redmond tonight!

------
bryanmgreen
Here's a non-paywall article about the matter:
[https://www.reuters.com/article/us-alphabet-google-privacy-l...](https://www.reuters.com/article/us-alphabet-google-privacy-lawsuit/google-faces-5-billion-lawsuit-in-us-for-tracking-private-internet-use-idUSKBN23933H)

I think it's worth noting the class-action lawsuit is asking for at least $5
Billion

I'll also encourage the use of DuckDuckGo.com for your search and [1] uBlock
Origin, [2] Searchonymous (_it prevents google from tracking your searches if
you're logged in to an account_), and [3] Google Search Link fixer (_removes
link tracking from Google Search links_) in Firefox, but would happily update
if anyone has better recommendations.

[1] [https://addons.mozilla.org/en-US/firefox/addon/ublock-origin...](https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/)

[2] [https://addons.mozilla.org/en-US/firefox/addon/searchonymous...](https://addons.mozilla.org/en-US/firefox/addon/searchonymous/)

[3] [https://addons.mozilla.org/en-US/firefox/addon/google-search...](https://addons.mozilla.org/en-US/firefox/addon/google-search-link-fix/)

