I've been trying to find out since then where and how Pinterest might have gotten my blue/red/yellow/green arm picture from to analyze it, interpret it and link it to my account. They might be able to search my friend's phone's pictures (in case he's got the app which I'm not sure) and link the picture back to my account. Spooky though.
They are (to me) one of the most user-hostile features chrome has added, because it's non-obvious what they are, and how to disable them. You can configure them somewhere in settings (I am on my phone right now).
Over the next few weeks I got several robocalls on my cell phone from a pain clinic offering me relief for my "chronic pain", so it was either triggered by my online searches or my doctor's office or pharmacy sold off my private information.
If you want to challenge my assertion that Google is not selling your information please point me to where I can buy lists of emails or phone numbers with metadata from google.
and continues to promote and push technology that allows for it to continue as it's in their interest
Google is a bad actor but yeah they are not the worst offender yet but I'm sure that will change in time right now they are just the enabler
Do you think the current situation would not have happened if Google was not there?
If it's your doctor or your pharmacist, or the shop you bought online (or offline) something once, incognito will not help at all. They have your personal information already, the only thing that can stop them is law. The cause of the robocalls may also have been his medical insurance, if you want to go full paranoia. :)
Note those shops, the sites you created an account on, the companies those shops sold your personal data to, all of them can target you with ads on both facebook and google by using your PI (essentially donating your data to facebook and google in the process).
They often include a waiver that allows them to share your PHI with whomever they want.
You're under no obligation to allow them to do so.
If you share the same public IP, as most homes do then that adds to it.
I started getting invitations to add a Google review to a restaurant I've never been too. But some of my family had.
I can figure out other stuff too - music tastes, social media trends, etc. Just by seeing ads and stories I'm offered on Google News and other places.
There's that famous story about a guy who discovered his daughter pregnant (or feared she was pregnant) a few years back because he started getting ads for baby clothes.
In most places, it is not difficult for an employee, especially someone like a sysadmin or a DBA, to simply siphon the data into a CSV. Chances are that no one will ever figure it out.
I think that once law enforcement catches up, slow as they always are, they will start creating honeypot identities and then tracing the information leaks to their source. For now, there is little to be afraid of for the leakers.
Incognito mode really doesn't do much. It only prevents storing browsing data locally on your computer. Your ISP, your search engine and the websites you visit can store your info on their servers.
> but I imagine there may some clever ways of tracking even across incognito sessions (or between incognito and regular).
Browser fingerprints, IP address, etc are used to track you. Your ISP doesn't even need to be clever since you are dependent on them for your internet connection. There are ways to "hide" yourself from websites, search engines, etc but it's nary impossible to completely "hide" from your ISP.
Because it's legally required.
Google and all of its employees who make products like this are on the absolute wrong side of history. Society will only take so much before breaking; they need to figure out their business model, and fast.
It'd probably reveal a lot of hidden data links that aren't obvious (or which companies promise doesn't exist).
The analysis service could work by watching the traffic of real people who download a browser extension, but then privacy from _them_ becomes an issue.
Perhaps some kind of distributed data-collection system could be created, where an extension will analyze your own traffic, strip out as much personally identifiable information (PII) as possible / as you'd like, and then submit that to a central repository for aggregation or further collective analysis.
A few things:
1. It takes a fairly high throne to look down on people for their employers issues.
2. You assume a great deal about what people are willing to put up with for free services.
I think you're probably going to be wrong. Most people will whore themselves out for convenience because they don't care if they get targeted ads in order to get those free services.
> Corporation: an ingenious device for obtaining profit without individual responsibility - Bierce
Are my rights as beneath your family as my ideals? And how does the fact that you’re not self employed absolve you of this, exactly?
You live in a society. Your actions have consequences, and if you can ignore that to get your fat paycheck then I can certainly judge the shit out of you, without a very high chair.
The fact that you claim rational discourse has ended when people invoke the lessons of Nuremberg - “because Godwin’s law” - is a stain on, and reflection of your own character.
Godwin compares people to Nazis sometime himself you know, when there’s a call for it. When this many people are calling you on it, maybe you should be listening a little better..
My actions don't involve the harm of others, outside of their fragile egos and obsession with what they think should be their rights. I couldn't possibly care less about your judgement.
> The fact that you claim rational discourse has ended when people invoke the lessons of Nuremberg - “because Godwin’s law” - is a stain on, and reflection of your own character.
The fact that you think an argument about a subject with a variety of opinions deserves comparison to one of the most horrible events in human history is a reflection on your character.
> Godwin compares people to Nazis sometime himself you know, when there’s a call for it. When this many people are calling you on it, maybe you should be listening a little better..
It's valid when their behavior is something akin to Nazism. Not very many people are calling me on it... on the contrary, my post is getting upvoted. Because the reality of the situation is, targeted advertising is a topic that needs discussion but it has no place in a comparison with the death of millions of people because of their heritage/religion.
It's pathetic hyperbole people use when they can't win an argument on its merits.
Some countries had census data containing the religion of every family. People proudly declared themselves Jewish. When the Nazis invaded the countries, they grabbed the available data and instantly knew who to send to the camps. One reason why so many Jews died was the speed with which the situation evolved. Sometimes there were 2 weeks between 'nothing to wory' and the deportation.
The same principle holds for every big list of intrusive data. Yes, you are grabbing all the data you can only to target ads. Today. But that same data in other hands can block people's access to loan, deny them healthcare or make them look like terrorists.
The US democracy is eroding, fast. It is not that far fetched to see the data ending up with the government: 1) How many data has ended up in a FOIA request? You don't know, as you don't see them. 2) Snowden proved that Google already leaked data to the government without even realizing it 3) An executive order from the US president will give him any access to the data.
And that's just the US government. Businesses sell data to each other whenever they want. Today Google seems not to do it, but one CxO change or bad financial quarter can change a lot here, fast.
Basically, Google is playing with fire, in a political situation equivalent to a big gas leak. Be very carefull.
Obviously Googlers are not Nazis. I guess the subjective part ends up being where you draw the line.
You are thoroughly misusing Godwin's law, and Godwin himself stated that he never intended people like yourself to stifle conversation on a subject by chanting his name.
Godwin stated that references and comparisons to Hitler or the Nazis are perfectly reasonable in a conversation, as long as the person shows sufficient understanding of history, which the posters you are arguing with seem to have.
Never underestimate the power of convenience.
However, you are stating that ads for massage techniques could "break society."
That just doesn't add up to me.
What is not being stated here? How does this connect? (These are not rhetorical questions!)
Google, and companies like them, are built on practices which only exist because their users don't fully comprehend the depth of discovery, correlation, and export Google is making on their data. Maybe deeper, users don't fully realize the value of their data.
If you build a business on the ignorance of your customers, you will fail. Period. Society always gets smarter. Google has so much amazing technology and legitimate value (G-Suite, Cloud, etc) to fall back on that they'll be alright, but companies like Facebook don't have that same level of breadth.
A slower moving but potentially more insiduous effect on society might be the slow cracking down of any semblance of privacy and the use of all this data to discriminate whether intentional or not.
And indeed there have already been studies showing that a lot of these AI programs trained over large data sets are discriminating against minorities and the poor. I doubt it's intentionally built into the system but it appears to be a side effect of some systems.
That was my wake up moment.
If not, maybe one of the pages I landed on was able to see my info and has a marketing deal with the bank.
It won't happen in Australia though, as we are governed by fools who barely understand technology, and if they need to, rely on the representations of business to make any decisions.
Where is the real benefit to Europeans' privacy?
We've already seen quicker reporting of breaches. Web trackers are down . Telemetry without an off-switch has been ruled in violation (Microsoft Office ). In smaller cases, apps that don't secure passwords properly have been fined . I'm sorry for linking to el Reg so much, but there just aren't that many English language news outlets covering these things.
As for "forcing me to consent", it violates the GDPR (e.g. , ICO "consent cannot be freely given and is invalid"). This is largely websites trying to see how far they can push it, because the data protection agencies aren't handing out fines straight away. This is actually very frustrating in obvious cases.
If you'd like to help getting rid of them, but aren't a European or can't be bothered reporting them to the relevant data protection agency, Max Schrems has founded https://noyb.eu/. Privacy international has also done some work in this area , but Schrems seems to be focussed on the "smaller" violation such as popups, and has a great track record.
When I watch my non-technical friends use websites, they dismiss the prompts without reading or understanding them.
That's a problem in general in IT. The nice solution would be websites respecting DNT option in browsers and every browser asking if they want to be tracked on the web or not. Or well, we could just purge 3rd party cookies from existence for starters.
Before we created the relevant laws, economics also drove companies to hire children, dump trash into rivers, ignore safety, etc. It wouldn't be too much of a stretch to say tracking cookies and advertising malware are the pollution of the internet.
Even as a tech person, I'm skeptical ad-based services are a net win for consumers. It wouldn't be the end of the world, IMO, if tracking cookies and shady marketing practices were illegal and companies had to use traditional sales tactics online.
Every single one responded positively, or at least semi-positively. It's good to remember that there's requirement to accept GDPR requests delivered in any form. So for example infobel had a non-working contact form, and no e-mail contact on the website. So I just sent an e-mail to email@example.com and they had to respond, even if it looks like from their website you have to use website conctact/removal request form. The same goes for Facebook messages, or twitter DMs if the company has these communication channels.
Benefit for me is; knowledge is power.
When I know a website is intent on ravaging me, I can just keep moving.
Well, if that was viable, we probably wouldn't have needed such high fines in the GDPR. Two scenarios:
A) It's hard to move away because of dominance, e.g. Google. You either have to buy an offensively expensive iPhone, or root an Android phone. Even then living without the Play store is hard. Moving e.g. email providers takes years nowadays regardless of the provider. Google Search and Maps can be replaced in theory, but it's quite a chore - Google didn't get big on bad products.
B) What spending? How do you stop spending on something you aren't paying for with money? Yes, ad and tracking blockers, but for Joe Bloggs that isn't obvious. And Consumers weren't paying Equifax directly, otherwise they probably would have been bankrupted.
> Has GDPR meaningfully changed enforcement of rights?
We don't know yet. (I'm assuming this isn't a rhetorical question.)
On the one hand, the fines now have business impact. For example, before the GDPR, the UK's ICO could only hand out a laughable max fine of £500,000. On the other hand, ICO has been toothless, only handing out the max fine once. ICO was severely underfunded, so this is almost by design.
Germany is pretty privacy conscious, but unfortunately data protection is also handled on a state level. So there are 16 data protection agencies and one federal one (Datenschutzaufsichtsbehörden, the federal one being the BfDI). From experience, that kind of bureaucracy doesn't help with speed.
While this isn't enforcement, it has had some meaningful effect. Having worked for a big multinational, there was a lot of money and hours spent on GDPR compliance. This reduces e.g. data retention, which could help limit damage in future. Before that, data retention was basically endless.
We've seen some minor cases, but being a lawyer, I'm sure you know we're at least a few years off the really big cases, especially if the European data protection authorities need to work together.
As for the compliance effort: it’s mostly security theater in the enterprise, and benefits consultants and lawyers mainly. I take your point about retention, though.
We’ll see if any of it really makes any difference. I’m pretty jaded after doing this since the late 90’s.
This is an argument heard all around the world with regards to similar issues. I wonder to what extent it actually applies, and it is not your latter statement - that lobbying and commercial interests are at play - that is prevailing (so they are 'willing fools').
Hard to know, of course, but I'd say these lawmakers need not have to know the intricacies of the technology themselves, but can rely on accurate reports detailing their implications in layman's terms. They can have expert advisory groups do the hard work for them.
Someone please correct me if my understanding of this is incorrect, I've been out the ad world for awhile (thankfully!)
Firefox has a setting to stop that in about:config, if you are interested.