
Why no one really quits Google or Facebook - BeqaP
https://techcrunch.com/2019/02/04/why-no-one-really-quits-google-or-facebook/
======
Animats
It's not that hard to do without Google, except for search. My phone has all
Google user-facing services removed. Mail is on an Sonic IMAP server and
accessed with K-9 mail. Browsing is is with Fennec. Apps come from F-Droid.
Navigation is based on Open Street Map. GPS assistance comes from Mozilla's
location provider. No Facebook on mobile. Messaging is SMS and email.

On desktop, documents are in Libre Office. Privacy Badger blocks most of the
junk. Browsing is with Firefox. Mail is via Thunderbird, talking to the same
IMAP server. Haven't looked at Facebook this week yet.

ISP is Sonic.net, which just moves bits, and doesn't MITM anything. They're
pro net neutrality.

Who needs Google?

~~~
fixermark
Part of the issue the article notes is: once you start with Google (or any
large, interconnected service ecosystem), there's quite a bit of activation-
energy cost to leaving it.

Consider Drive as an example. You can download the entire contents of your
Drive at any time. Where do you upload it to? How many services will provide a
clean and easy way to import all Drive documents? Will they maintain folder
hierarchy? Individual files in Drive can also be shared with zero, a few, or
all users with a given URL---can your new collaborative document editing tool
be set up to manage that state? Is it automatable, or something you'll have to
set up by hand for 10s - 100s - 1000s of documents?

This is the kind of thing an enterprise can pay someone to sort out, but
individual users _really_ have to care about leaving a service family (that
one assumes at some point in the past they were already happy with the privacy
/ security tradeoff) to invest the time and effort to do so without data or
functionality loss.

~~~
Animats
I didn't "leave". I didn't "enter" the Google ecosystem.

~~~
fixermark
Based on the article title ("Why no one really _quits_ Google or Facebook"),
your experience doesn't align with the scenario the article is talking about;
it's scoped to people who already adopted these service ecosystems.

------
codingdave
The people who feel that they cannot quit Facebook seem to think that quitting
Facebook means replacing it with something else. Most people who have quit do
not move 2000 contacts to new platforms - they simply stop using Facebook.

------
pas
> " They are willing to give up privacy for free email. "

How exactly does Google/GMail violate the users' privacy with email?

They process the messages, show hyper-targeted ads. End of story.

But is there a Cambridge Analytica for GMail? Can some "app" exfiltrate the
emails? Or the contacts of users?

~~~
epistasis
What you describe sounds exactly like giving up privacy to me, even if it
doesn't sound like giving up privacy to you.

And then when you add in all the other tracking that Google does of your web
history, search history, location data, that is pretty much all your privacy
gone.

Let's say I pay an assistant to help with my email. Even though they are in my
employ, I'm still giving up my privacy for the service. Google gives us email
service in exchange for that peek in to our private lives.

~~~
mehrdadn
I never understood how scanning emails to show ads is a privacy violation? No
information about you is leaking to anyone.

~~~
prophesi
I think it's the whole _scanning emails_. The information is already leaked at
that point.

~~~
mehrdadn
Leaked to whom though? That's what I don't get. No human is involved in the
process and your information is in the hands of the same company as before.

~~~
prophesi
That's a lot of trust in a black box coded by humans. What's going on under
the hood with their Smart Compose? Smart Reply? Smart Labels? It all requires
processing very very personal information, and you simply can't vet whether
it's all handled securely.

~~~
mehrdadn
Sure, you're trusting their code is bug free. That's just (lack of) faith on
your end. The fact that you decide not to trust their competence certainly
does not logically imply that they are invading your privacy. It just means
you need to trust their competence or take your business to some company you
deem more competent. (Though exactly which company would be more competent in
infosec is quite the question, but I digress.)

~~~
prophesi
No, it's a lot more than just trusting that their code is bug-free. It's
trusting that they're actually only doing what they claim to be doing with
your data.

The only solution is to have the code open sourced with reproducible builds
and a checksum to verify it against. Pretty much every GApp has a free, libre,
open-source alternative that respects your privacy in this way.

~~~
mehrdadn
Even that: if you lack trust on your part, that does not imply what someone
else is doing is an invasion of your privacy. If you claim someone is invading
your privacy, that is an accusation... a serious one at that. To support it
you need to actually describe how that is happening, not merely how you have
problems trusting people who deal with your information. I don't see how this
is not obvious.

~~~
prophesi
It's why GDPR came into being, and California's recent data privacy law. We
have no reason to have faith in these companies to keep our data safe, or to
use it properly. After 10+ years of having our credit card numbers, social
security numbers, emails, passwords, and so on leaked again and again, I fail
to see how one wouldn't have trust issues at this point.

~~~
mehrdadn
I never said you can't have trust issues or that GDPR isn't necessary, I'm
saying neither of those implies they are invading your privacy when they show
you ads based on your emails. This should be pretty clear?

~~~
prophesi
The root of the issue is that if they _are_ invading your privacy, you
wouldn't be able to tell.

[https://en.wikipedia.org/wiki/Black_box](https://en.wikipedia.org/wiki/Black_box)

~~~
mehrdadn
Yes, and if they aren't, you wouldn't be able to tell either, so all that
means is you're willing to recklessly make unjustified accusations to defame a
company without actual evidence.

~~~
prophesi
Well, we already know they require reading your emails to power their Smart
features. That's enough of an invasion of my privacy to use a FOSS
alternative, and I'll always be an advocate for this.

~~~
pas
Which makes sense, but reading emails to provide smart features is not an
automatic loss of privacy.

Google runs the SmartBot2000 software for you. If you use FOSS but run it on
AWS EC2, you still need to trust the software, manage the upgrades (or trust
the auto upgrade feature, trust the maintainers), and trust AWS for not
fucking with your VM.

We have a few physical servers. And probably always will. We run our own
email, but also use gmail too. Because sometimes our email breaks, sometimes
[understandably fewer times] gmail breaks (or is not available, such as in
China). And we will probably always run our email, but it's a lot of work, and
it's not for everybody. And even though postfix, dovecot and
K9/thunderbird/roundcube are all fine, they are not as smart as gmail. (but
usually snappier)

You need decades of experience to set up a secure email host. GMail does it
for people in exchange for showing them ads. (uBlock FTW, BTW)

NSA/Prism is a valid reason to use your own mailserver, but then again,
keeping up with TLS/OpenSSL issues is a valid reason to use a non-self-hosted
solution (as they do it for you, though gmail accepts unencrypted SMTP :/).

And of course, at the end of the day, there's ProtonMail!

~~~
prophesi
Very true! I personally use both ProtonMail and Tutanota, and give my thanks
to Proton for opening their OpenPGP library. I don't think the source to their
servers is open, but that's not necessary since:

1) you can't verify they're actually running that code anyway

2) it's end-to-end encrypted so as long as the client-side code is indeed
doing its part, your message could be sent to everyone on the planet without
any fear of anyone figuring out its plaintext.

------
srpablo
lmao, or: it is actually hard to quit these companies even if you're educated,
well-informed, and set to do it. Aside from many articles[1] written precisely
about this, casual conversations with anyone who tries to exercise their
consumer agency and giving them up talk about why it's hard to do.

Has this author ever spoken to anyone who's tried using a smartphone or OS
that isn't Apple or Google? "People love free stuff" isn't a sufficient
explanation, it reads like someone trying to blame consumers, to say nothing
of the ethical implications behind the conscious, deliberate decisions behind
each of the scandals they're happy to wave away.

[1]: [https://gizmodo.com/c/goodbye-big-five](https://gizmodo.com/c/goodbye-
big-five)

~~~
fixermark
I believe this article mentions that the ecosystems are hard to switch away
from once adopted.

------
O1111OOO
> But after more than a decade of abuse, we should look deeper at our analysis
> and perhaps conclude that these issues aren’t abuse at all, but rather a
> bargain, a negotiation, and one that people are quite willing to live with.

No. We shouldn't _conclude_ anything. The author gives the mass market way too
much credit in knowing the extent of tracking, data-harvesting, data-sharing,
MITM access (ie, ISPs, cell companies), the lack of transparency, the lack of
accountability, the backdoor collusion with government and an entrenched news
media that has a vested interest in protecting their ad revenue.

In the grand sleazy scale of things, they are nearly ignorant compared to
knowledgeable: basing their consumerism on PR statements, selfies and memes.
It remains for most of them... A Brave New World.

------
azatris
Would a solution to Facebook's monopoly be allowing other companies to
interface into their systems and databases as it's more of a public good than
a private one people can reasonably opt out of?

So I'd expect something like a company coming out allowing you to do
everything Facebook does and use the same data with events and everything, but
that does not ask you to give away your data.

------
Itaxpica
The irony, of course, is that when you open TechCrunch in the EU the first
thing you see is a GDPR disclaimer saying “hey we’re gonna collect your data
to do whatever we want with”, which 95% of consumers will just click through.
This isn’t a Google or Facebook problem as much as it is an internet problem.

------
Markoff
clickbaity title, it's article actually about lazy people, I quit Facebook
completely and pretty much Google besides search in browser, so not sure
what's the point of article

~~~
azatris
I am not lazy, but cannot quit Facebook, as it is a valuable resource for
events and keeping contact with people, both close and far.

------
umvi
> Indeed, this is the very foundation for the GDPR policy in Europe: users
> should have a choice about how their data is used, and be fully-informed on
> its uses in order to make the right decision for them.

I still fundamentally disagree with Europe's stance on data ownership. If I
collect data on a person in a public location, I believe I own that data, not
the person. If a person walks into my store and I take a picture of them, I
don't believe I've "stolen" anything from them, nor do they have the right to
demand I give them a copy of the picture I took and delete the picture from my
hard drive. This fantasy world where everyone should be able to be perfectly
anonymous and erase all evidence of their existence anytime they want is a bad
idea. There has to be a balance between publicly available information and
private information. If you are in a public location, I should be able to
glean information from observations.

~~~
ptah
If you take a picture of a person naked on a beach without their permission,
is it ok to use that picture as you like?

~~~
chosenbreed37
> If you take a picture of a person naked on a beach without their permission,
> is it ok to use that picture as you like?

Sounds like a straw man argument. People voluntarily upload/submit their data
to Google, Facebook, etc

~~~
llukas
Except when they dont:
[https://en.wikipedia.org/wiki/Revenge_porn](https://en.wikipedia.org/wiki/Revenge_porn)

