>Than it stands that Google values money more than they value designing a system with their user's best interests in mind.
No, they value their average user over you specifically. If the average user will gain more from Uber than from the feature you suggest, it is in Google's users' best interest to not implement that feature.
>Yeah, because Google never lies about what they do with data, or how they collect it. /sarcasm
Then you can certainly name all the other times? There are a number of complaints about Google that I've heard, but being secretive about what data they collect is a new one.
> No, they value their average user over you specifically. If the average user will gain more from Uber than from the feature you suggest, it is in Google's users' best interest to not implement that feature.
No, they don't. They could make this an optional feature, and they choose not to. And I can't think of any way that preventing users from controlling there own data could be good for users.
> Then you can certainly name all the other times?
I can't name all the other times, but they misuse our data so often, they publish statistics about it:
>No, they don't. They could make this an optional feature, and they choose not to.
If adding such an optional feature causes Uber to leave the Android platform, adding the optional feature is a net loss to Android users. "You are not the user" rings true here.
To put this another way, if your "feature" harms the ecosystem, it is not, in fact, a feature.
I asked for examples of Google lying about data collection, which was the accusation you levied. You responded with Google being transparent about responding to legally binding government requests.
While you may feel that handing data over to the government is a misuse, Google is not secretive about this. They're very straightforward about the fact that they will obey lawful requests, and they're transparent both with affected users, and the general public, about when and how they comply with those requests, as evidenced by the report you just linked.
So I'll try this again: since you accused Google of lying about collecting data or lying about what they do with it, can you substantiate that accusation, by giving examples of Google lying about what data it collects, or lying about what it does with that data?
> If adding such an optional feature causes Uber to leave the Android platform, adding the optional feature is a net loss to Android users. "You are not the user" rings true here.
That's a big if. I highly suspect that Uber wouldn't want to leave one of the biggest platforms just because of a simple option that might already exist. What if Uber demanded to be able to have root on Android phones? Would Google be willing to bow to that because losing them would be a "net loss to Android users"?
I'd have to ask you to point out why giving user's more ways to manage their data "harms the ecosystem".
> I asked for examples of Google lying about data collection, which was the accusation you levied. You responded with Google being transparent about responding to legally binding government requests.
Yeah. I did. It doens't matter why they lie, it matters that they lie. Especially If they are willing to lie to me about how they use my data, they why wouldn't they be willing to lie to me about how they collect my data? And I fully admit that I have no direct proof of them lying about how they collect data, but I don't see why you would trust a company that regularly lies to it's users about what it does with that data.
You haven't actually shown an example of them lying though. Are you saying that complying with lawful requests for data, as Google explicitly stares it will do and then publicly announcing the ways it complied, as well as when lawful, announcing to the affected users, is lying? I find that difficult to believe.
> Are you saying that complying with lawful requests for data, as Google explicitly stares it will do and then publicly announcing the ways it complied, as well as when lawful, announcing to the affected users, is lying?
By not notifying their users that their data was breached they aren't being honest about how how data is being used. They could also set up the system in such a way that their user's data couldn't be mishandled, but they choose not to.
Not exactly the actions of a company that I would consider trustworthy.
>By not notifying their users that their data was breached they aren't being honest about how how data is being used.
But they do notify the user unless doing so is illegal (and then, they do so when it becomes legal). You still haven't substantiated this claim of lying, unless you are claiming that "obeying the law" is lying about how data is being used. But again, Google is clear that they will obey court orders.
> They could also set up the system in such a way that their user's data couldn't be mishandled, but they choose not to.
This is also one of those things that appeals to a small group of privacy enthusiasts, but isn't actually a good thing for the average user. The same set of changes that make it impossible to as you describe it "mishandle" data, also make it impossible to recover data in the case of user error. If you're willing to make that tradeoff that's fine, but for most people, the looming spectre of a court order is a much less worrying issue than forgetting one's password.
That may not be the case for you, and that's fine. But to say that not doing that is unethical is a stretch. See this thread[1], where a number of security professionals who to my knowledge aren't Google-affiliated (and me, who is neither a security professional, nor independent) discuss this.
It comes down to the average user's threat model not involving state level actors. Designing a broadly appealing service to respond to that threat is a disservice to the average user, because it comes at the cost of other features.
You personally may have a different threat model, and that's ok. But to claim that anyone who does not follow your exact threat model is lying or mishandling data is disingenuous and potentially harmful.
I'm not ignoring any facts. You haven't substantiated any of your accusations. You're the one who is transforming "transparently obeying lawful warrants as they disclose they will" into "lying about data usage", or at least that's the best interpretation of what you're saying I can come up with.
If you want me to engage with facts, please provide some first! I can't ignore what isn't there.
Fact: They are willing to lie to me, and are unwilling to set up their systems in such a way that they don't have to lie to me.
Fact: They could also set up the system in such a way that their user's data couldn't be mishandled, but they choose not to.
Bonus Fact: They say that they store our data securely, but it's clear that they don't, if they can comply with a NSL.
You keep making up excuses for them, but those don't matter. The facts matter. If I'm wrong, then it would be easy to prove, and I'd ask you to do so.
> You're the one who is transforming "transparently obeying lawful warrants as they disclose they will" into "lying about data usage", or at least that's the best interpretation of what you're saying I can come up with.
And what is factually wrong about that? If I ask them if my data is being mishandled, they'll tell me it isn't. And by not notifying me of breaches of my data, they are lying about the quality of the security of their system.
Because Google states that it will comply with such orders. That means that they do not lie to you about complying with court orders. They tell you in advance that they will comply with them. This isn't a case of Google saying "we will never give your data to the government" and then walking back on that. That would be lying. But they don't do that, they say
> We will share personal information with companies, organizations or individuals outside of Google if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to meet any applicable law, regulation, legal process or enforceable governmental request
(edited for formatting from [1])
So again, what is the lie?
I already explained why 'designing a system so you can't comply with an NSL' is a nonstarter. The design requirements to do that make such a system untenable for most clients, for example most corporate clients need data recovery features that are impossible in a system designed to meet your requirements.
> Because Google states that it will comply with such orders.
So Google saying that it will lie to me means that they aren't going lying to me? OK
> I already explained why 'designing a system so you can't comply with an NSL' is a nonstarter.
No, you gave a poor excuse as to why Google won't do it. That doesn't mean it can't be done. In fact, many other organizations do it all the time. Google simply chooses not to.
Sharing your data in exactly the way they describe in their privacy policy is not lying. You may disagree with the policy, but that doesn't let you redefine words.
And yes there are providers that claim to offer such security. I've already explained why such offerings are unappealing to a large swath of consumers. There are mutually exclusive features that are more appealing to a wider group of consumers.
Are you saying that Google is wrong to respond to consumer demand?
> Sharing your data in exactly the way they describe in their privacy policy is not lying.
But they refuse to tell me when my data has been compromised. They also say that my data is stored securely, when it is not. That is lying.
> Are you saying that Google is wrong to respond to consumer demand?
Not at all. I'm saying that Google could build their systems in such a way that they can't comply with an NSL. The reasons why they choose not to are irrelevant. It matters that they made that choice. Additionally, there is no reason that they couldn't make it optional.
>But they refuse to tell me when my data has been compromised.
Yes, they will not share when your data is requested under an NSL until that NSL is lifted. This is stated clearly. Every other service provider is exactly the same way. No matter who your service provider is, they will act in the same way: possibly attempt to fight the order, turn the data over, and not tell you about it until the order is lifted. The only difference is that with certain end to end encrypted services, the data they hand over may not be useful (or it may be, metadata is often valuable and often can't be secured the same way). In other words, your super secure e2e encrypted mail service is still going to have to give user logs to the NSA, and they still won't tell you about it.
So if that's what you consider lying, then literally every company in the US government's jurisdiction will lie to you about when certain data about you has been compromised. In other words, such a definition of "lying" is vacuous, and I'd ask you to give an example of a company either real or theoretical that does what you ask.
>They also say that my data is stored securely, when it is not. That is lying.
This, once again, comes down to your definition of securely. Your threat model is different than the average users'. To the average user, their data is stored securely. (Note: I'm also not sure where this claim is made, feel free to cite the place you're thinking of, I expect that Google is quite explicit in what they mean by "secure").
>Additionally, there is no reason that they couldn't make it optional.
Elsewhere you stated that you believe Google has backdoored your device via Gapps and is secretly transferring your data to their servers despite your having opted out.
In this thread you've stated that you believe that Google " lies about what they do with data, or how they collect it", despite having no evidence of them either lying about what they do with data (as I've demonstrated at this point, they are crystal clear about what they do with data, you just have ideological disagreements with those things), nor any evidence of them lying about what data they collect (you haven't even provided supposed examples of this).
Am I supposed to believe that if Google did provide such a feature, we wouldn't be having this exact same conversation, but with you stating that Google's secure option was secretly backdoored, and they had access to your data anyway?
To be frank, you are wasting my time by repeatedly ignoring the facts that I've outlined. Providing poor excuses for why these facts are, doesn't negate them as facts. If you'd like to continue discussing these facts, feel free to hit me up on the side, but I'm not going to engage in this thread any more.
No, they value their average user over you specifically. If the average user will gain more from Uber than from the feature you suggest, it is in Google's users' best interest to not implement that feature.
>Yeah, because Google never lies about what they do with data, or how they collect it. /sarcasm
Then you can certainly name all the other times? There are a number of complaints about Google that I've heard, but being secretive about what data they collect is a new one.