
Google’s 4k-Word Privacy Policy Is a History of the Internet - mitchbob
https://www.nytimes.com/interactive/2019/07/10/opinion/google-privacy-policy.html
======
jsnell
The NYT privacy policy [0] is 5.2K words. It contains basically everything
that they're criticizing Google for. And a bit more. Apparently NYT will by
default sell (sorry, "rent") your name and postal address to direct mail
advertisers.

> [If you use technology, someone is using your information. We’ll tell you
> how — and what you can do about it. Sign up for our limited-run newsletter.]

Uh-huh. If there's even a trace of irony in that writing, I can't spot it.

[0] [https://help.nytimes.com/hc/en-
us/articles/115014892108-Priv...](https://help.nytimes.com/hc/en-
us/articles/115014892108-Privacy-policy?module=inline)

~~~
smnrchrds
There is a separation between NYT the corporation and the editorial staff.
Just a couple of weeks ago, there was an article in NYT complaining about
CCTVs installed in NYT office [0]. Should we now dismiss every article in NYT
complaining about surveillance (especially workplace surveillance) as
hypocritical and ironic, because if NYT thinks surveillance is bad, why do
they do it themselves?

Newspapers like NYT are one of the few institutions where workers enjoy a
level of freedom from management in doing their work. The other example is
tenured professors. We should celebrate this, not mock it.

[0] [https://www.nytimes.com/2019/06/01/opinion/surveillance-
came...](https://www.nytimes.com/2019/06/01/opinion/surveillance-cameras-
work.html)

~~~
icxa
> We should celebrate this, not mock it.

I don't know what dystopian world you want to live in, but any time I see a
company profit off sheer hypocrisy, I am going to call it out and mock it.
They can have freedom all they want, but this article is generating clicks and
revenues for Parent Corp, so they deserve the scrutiny. This isn't some public
service they are providing.

~~~
SolaceQuantum
Asking for curiosity: Given the tenured faculty comparison, should we blame
tenured faculty who criticize predatory lending when their university accepts
students with the same predatory loans?

Or perhaps a more direct comparison: Are tenured faculty at D1 sports
universities hypocritical for researching the benefits of more funding going
towards education and less towards massive stadiums?

~~~
thanhhaimai
There are two different cases for this:

1) The faculty member from University A writes an article criticizing
University B, _without_ mentioning that University A also has the same
problems.

2) The faculty member from University A writes an article criticizing a set of
problems, including examples from both University A and B.

The subtle distinction between both #1 and #2 is why people have different
opinions on this. Many people consider #1 to be hypocritical and #2 to be
fair.

~~~
JauntyHatAngle
It would never be pointed out at all if you're following case #2 though if
you're in a position of the OP though. The university wouldn't allow the
article. The net result is a loss.

If people can't criticise at all due to some level of hypocrisy (which is
separated from the author in this case!) then we all end up in a worse spot.

------
groovybits
This article is probably intended as a jab at Google for having a Privacy
Policy that is absurdly long.

However, this is also proof of how far we've come in regulating how personal
information is identified and stored.

For example, the data comparison between 1999 and 2019 - Simply saying "We
collect personal information you provide and clickthrough information" is
certainly not enough nowadays. A short and generic policy lends itself to
legal abuse, whereas the longer and specific policy tells you exactly what to
expect from using the service.

Can things be made more clear? Always. But I think this trend is generally for
the better.

~~~
donmcronald
What difference does it even make? If they want to collect new info, they just
add it to the all encompassing policy for “everything Google” and the opt out
option (lose access?) is too detrimental, so I have to agree.

They might as well just say “we collect everything.”

~~~
groovybits
> If they want to collect new info, they just add it to the all encompassing
> policy for “everything Google”

Well the policy is not a binary blob. Google does more than most services by
providing a full archive of their policies, as well as a clear-cut comparison
of each.

[https://policies.google.com/privacy/archive](https://policies.google.com/privacy/archive)

FWIW, their most recent comparison is nearly all clarifications, with only one
completely new addition.

------
donmcronald
I hate adhesive ToS / Privacy Policies. I think options for data export should
have to be sent to the user alongside privacy policy changes. I also think
companies should be required to show TOS / Privacy Policies in a modal dialog
that’s displayed for the amount of time a fast reader would take to read them.

If the average person reads 250 words / min with 70-80% comprehension, that’s
16 minutes for a 4k word policy. Since it’s legalese, I bet it’s 30+ minutes
for most people. That’s ridiculous.

~~~
ijpoijpoihpiuoh
I don't get it. People want comprehensive details about what companies do with
their information, but they also want short privacy policies. You can't have
both. And if you look at Google's privacy policy, it's not legalese at all.
It's mostly explanatory, since its text binds _Google_ , not the user.

The TOU is a different matter, but, again, users and the law have forced
companies into the situation where they have to explicitly spell out every
detail. Even with that, Google's terms are written in what seems to me to be
plain English
([https://policies.google.com/terms?gl=us](https://policies.google.com/terms?gl=us)).
What would you cut from that to make it more concise? I can see a few things,
but I'm also not a lawyer, and I'm not equipped to judge what liabilities each
sentence might protect Google from.

Most people never read this stuff because most people just don't care. They'll
never have a dispute with Google that would be covered by the terms, and they
don't care enough about privacy to find a less convenient but more privacy-
sensitive alternative. Even if they do care about privacy, they probably have
a pretty good idea of what kinds of information Google collects, so the
privacy policy is at most a reference for cases where they are unsure.
Attempting to force them to read it would be unproductive, since it contains
information that is either irrelevant or else already known to potential
users.

~~~
Drdrdrq
You are missing the point. There should be no _need_ for such policies. Google
should not be able / allowed to collect this data, with or without user
consent.

~~~
ijpoijpoihpiuoh
If that's what the person I was replying to meant, they should just say that.
They shouldn't say, "It's too long to read."

I don't agree at all with your point of view. I still think consenting adults
can take some responsibility for making their own decisions about things.
Obviously there should be exceptions when there are serious safety concerns,
but such is plainly not the case with search engines.

Anyway, the TOU doesn't even address privacy very much. It would be a
paragraph shorter if Google collected no user data at all. So I don't really
think that is the point the top-level poster in this thread was making. Or if
it was the point they were trying to make, they were doing so circuitously
indeed.

------
Havoc
Does anyone actually read privacy policies?

My default assumption is that they're all out to f me on this front & it's not
like you actually have a choice in the modern world. If it's 4k long then I
guess they just needed lots of noise to hide the crux of it.

~~~
dwyerm
I do. If nothing else, I look for a binding arbitration opt-out, so I can
engage that before whatever time period expires.

~~~
Raphmedia
This reminds me of Pokemon Go forced arbitration opt-out clause that made the
news and trended a while back.

"The Go terms do include an opt-out provision for people who don’t want to
give up their rights. However, you must opt out within 30 days of first
agreeing to the Terms of Service.

Luckily, many Pokémon Go users have only downloaded and activated the app in
the last week, meaning they are still within that timeframe.

To Opt Out: Send an email ASAP (before the 30 days have passed) to
termsofservice@nianticlabs.com with “Arbitration Opt-out Notice” in the
subject line and a clear declaration that you are opting out of the
arbitration clause in the Pokémon Go terms of service."

[https://consumerist.com/2016/07/14/pokemon-go-strips-
users-o...](https://consumerist.com/2016/07/14/pokemon-go-strips-users-of-
their-legal-rights-heres-how-to-opt-out/#more-10247511)

~~~
throwaway2048
This is America in 2019, where even toy games on phones subvert your right to
legal process...

------
UweSchmidt
The simple idea of presenting users with a text like this is madness. You know
I won't read it, you know most people couldn't process or understand it if
they tried, you want consent and agreements through a popup in the browser yet
you know damn well that it is not an agreement at all.

To anyone who does this, who presents complicated privacy guidelines, EULAs in
all-caps, insane cookie opt-out checkboxes, please have a hard look in the
mirror. Think of a real-world analogy for the kind of roadblocks and
contraptions you are building, how you are misleading and exposing your fellow
humans. Thanks.

~~~
jaflo
Isn't most of this because of legal reasons though? You can't really leave out
a lot of the language without being more vulnerable in court.

~~~
saxonslav
There should be a summary of all legal policies tbh

------
ehsankia
Yesterday, some editor at Google accidentally used "4,000" instead of 4K in
their Prime/Chromecast presser, and now today whoever submitted this replaced
4,000 with 4K. Was that a subtle joke?

------
petilon
On a somewhat related topic: Google changed gmail URL to mail.google.com from
gmail.com. I think this is for easier tracking of users--it is easier to set
cookies that are shared by all Google apps and sites.

------
booleandilemma
“ _Google’s Policy Google’s policy on our_ ”

Was that typo in Google’s original 1999 privacy policy or is that just the New
York Times sucking at copying and pasting?

~~~
foldr
It's a heading copied without formatting.

~~~
MichaelApproved
To clarify, it currently shows it like this:

> Google’s Policy Google’s policy on our wholly controlled and operated
> Internet sites...

This is what it should look like formatted:

 _Google’s Policy_

Google’s policy on our wholly controlled and operated Internet sites...

------
IronWolve
(recap)

1999 - we collect 4 things

2019 - we collect everything about you

~~~
vntok
This is very disingenuous. How about:

1999 - we do 1 service

2019 - we do 100s of services

------
Zenst
I much prefer the retro resolution of 3 words "Do no evil", we're now up to 4k
resolution of words, soon we will have 8k resolution of words.

Maybe there is some new moore's law in EULA and Privacy Policies as they keep
getting larger and larger, when will we reach peak, as there are published
books out there with less words.

~~~
flycaliguy
Any company that has to tell itself not to be evil should be a red flag.

------
Drdrdrq
So, under GDPR and as EU citizen, can I get Google to erase all my data if I
steer clear of their services? I would really love it if I could, though I'm
afraid they would rather pay fines than remove my data.

~~~
saltminer
I believe you can do this without being an EU citizen:
[https://support.google.com/accounts/answer/7660719?hl=en&dar...](https://support.google.com/accounts/answer/7660719?hl=en&dark=1)

------
nothis
Whatboutism. They at least make a critical article about it and they're also a
simple newspaper website, not the heart of the internet.

~~~
dang
Canned arguments like "whataboutism" break the site guideline against shallow
dismissals and also the one about calling names in arguments.

[https://hn.algolia.com/?query=by:dang%20whataboutism&sort=by...](https://hn.algolia.com/?query=by:dang%20whataboutism&sort=byDate&dateRange=all&type=comment&storyText=false&prefix=false&page=0)

[https://news.ycombinator.com/newsguidelines.html](https://news.ycombinator.com/newsguidelines.html)

We detached this subthread from
[https://news.ycombinator.com/item?id=20404173](https://news.ycombinator.com/item?id=20404173)
and marked it off-topic.

------
umeshunni
I'm really curious about the volume of tech-bashing opinion pieces that the
NYTimes (and other corporate media outlets) publish on a daily basis. It's
starting to rival the volume of Trump-bashing articles they used to publish at
the peak of the US election cycle.

Do they have an entire department devoted to churning out this content? Are
they hiring freelancers are paying them by the word/click? Do they also pay
people to post them and upvote them on reddit/HN etc?

In the last day alone (from a search on HN):
[https://www.nytimes.com/2019/07/09/opinion/email-
tracking.ht...](https://www.nytimes.com/2019/07/09/opinion/email-
tracking.html)

[https://www.nytimes.com/interactive/2019/07/10/opinion/googl...](https://www.nytimes.com/interactive/2019/07/10/opinion/google-
privacy-policy.html)

[https://www.nytimes.com/2019/07/10/opinion/internet-
democrac...](https://www.nytimes.com/2019/07/10/opinion/internet-
democracy.html)

[https://www.nytimes.com/2019/07/09/books/review/the-code-
mar...](https://www.nytimes.com/2019/07/09/books/review/the-code-margaret-
omara.html)

Most of them are just rehashing the same "big tech bad. media is freedom"
spiel.

~~~
lonelappde
NYTimes writes a lot of articles. The anti tech ones are highlighted here
because that's what HN likes.

~~~
throwaway2048
HN is far more cynical about tech in general than NYT is.

