Hacker News new | comments | show | ask | jobs | submit login
The Creepy Line: a documentary about Google, Facebook and user manipulation (thecreepyline.com)
225 points by znpy 10 days ago | hide | past | web | favorite | 94 comments





I think that a lot of Google and Facebook’s creepyness would go away if they’d just voluntarily respect the Do Not Track header.

There’s no techical reason why don’t, just business ethics.

That header is someone explicitly telling Google “I don’t want you to do this” _before_ collection happens and Google’s response is “we don’t give a shit what you want” and doing it anyway.

The current model where you have to register with Google or Facebook and then hunt down all the options to clear data just doesn’t cut it because they’re still using that data. They just clearing it after use or hiding that collection or use from you.

Facebook and Google could be looking at BATs as a way forward for targeted advertising without user tracking but they’re not in the “not creepy” business.


They made the current model the way it is on purpose, so that it is difficult to turn off and the average user won't do it. Following that logic it's not exactly hard to see why they'll never respect that header unless their arm is twisted. This is the sort of ethics that should be expected from companies.

To my mind, the DNT header is nice to have but almost breathtakingly naive. The real solutions lie in the direction of having the lack of tracking be enforced by the client, who (you hope) has a vested interest in their own privacy.


> To my mind, the DNT header is nice to have but almost breathtakingly naive.

Yes, and to me it's also evidence of lack of morals in the companies, and of a need to regulate it. The way I see it, GDPR should consider DNT as explicit refusal to grant consent to tracking, with all legal consequences if ignored.


That's a very interesting perspective and it makes sense, especially if Do Not Track is optional and off by default.

Microsoft turning DNT on for all Windows users automatically pretty much killed the movement's momentum. While privacy as the default has strong arguments going for it, as a practical matter since DNT was supposed to be an intentional signal Microsoft's mass-flagging effectively drowned the signal in noise. And those who didn't know better lauded them for it, too.

Even if Microsoft turned DNT on by default Google/Facebook should still respect it.

They could ask users to turn it off in the same way they bug people to install their software.

Alternatively they could work on business models that don’t rely on collecting massive amounts of personal data about people who don’t want them to do that. E.g. Basic Attention Tokens and others.


Sure, you could wish for that, but if we could have everything you wished for we probably wouldn't need DNT in the first place.

Since DNT was specifically raised, bringing up how Microsoft's hug of death killed it seemed pertinent.


That still sounds like we have a problem with Google/Facebook and not with Microsoft turning it on by default.

The default behaviour for Google/Facebook should be not to track people that aren't logged in to their services.

That should go double for people who are not just neutral but explicitly telling them "really, don't track me" in a header.

There is no justification of "we're just improving services" for people who are telling you "I don't want to use your service and I don't want to help you improve your services."


Apache landed a patch to ignore the DNT header from the versions of IE that enabled DNT by default. Thus websites would only see DNT headers when for users that they know manually opted into DNT.

But doesn't this signal also make you easier to track?

I wish the GDPR had enforced this. It would be nice, though sad that it would have to be a law. If congress and the EU would push for it, things might get interesting. Ads based on content are what I prefer anyway.

With BATs you can have the best of both worlds. The difference is that you control the tracking information and can choose not to share it or delete it at any given time.

just voluntarily respect the Do Not Track header.

It’s not even that, it’s browser fingerprinting and everything. There is no honest reason to track logged-out users, full stop. And they knew that too, at some meeting someone said “we need to track people who don’t want or expect us to track them” and everyone nodded and the geeks all said, “hey I’ve got an idea”


Yes, I totally agree. Do Not Track is just another signal much like being logged out.

These are deliberate violations and the people working for Google/Facebook must know that.

They are deliberately working around attempts to stop them tracking people. They must know that.


Google and Facebook are the first proof for why the Do Not Track header is bullshit. Privacy should be the default, and if I for some reason want to be sniffed all around the web, I can happily opt-in.

Google does actually clear that data. It persists in some backups for awhile but it’s never used again.

Do they clear it without using it and if they do use it to they clear the results of that use?

And to follow up on this, if some AI model is trained using the data, is that AI model then trashed and redone without the dataset?

GDPR doesn't demand that you destroy all features created with the help of user data.

Maybe it doesn't I'm certainly no expert on GDPR but it does highlight how Google/Facebook are crossing the creepy line.

These companies are treating privacy legislation as they treat tax legislation. That is, they're using legal loop holes to be as legally creepy as they can without respecting the spirit of the law.


Don’t understand the question. Say you have 10 million records across 50 systems. You clear data, each of those systems does a delete by userid, but then the collection starts again as of your next click.

What I'm getting at is Calgoo's point. If Google/Facebook use my data before they get the request to delete it will they also delete the output of that processing?

No, but Google will retrain their personalization features post-delete so you’ll start from a clean slate but ML models for spam filtering etc. will not be changed until a re-train.

What are BATs? I am not familiar with this acronym.

https://basicattentiontoken.org/

They provide a way for a user to hold information about the ads they want to see.

They allow you to financially support websites that show useful ads without the need for user tracking by a third party outside of your browser.

They do a lot more than that too so I'd suggest having a look at the above link or Brendan Eich's new start up https://brave.com/

There's nothing proprietary about them though and Google could switch to this model in Chrome if they wanted ....if they wanted.


Basic Attention Token. Part of the Brave browser.

Thanks for the info. I was only vaguely aware of Brave. This is fascinating. Cheers!

I think the right wing conspiracy groups who made this video couldn't care less if FB and Google respect DNT.

https://www.theverge.com/2018/9/19/17878332/creepy-line-anti...


I watched half of it... but began noticing the frequent references to how only 'conservative' views are suppressed. And then there were a bunch of Tucker Carlson snippets and then realized something wasn't (no pun intended) 'right'. Looks like M.A. Taylor, from his IMDB page is hyper conservative anti-obama/clinton political hack. Sure, some of what the film talks about - how google and facebook - can nudge peoples opinions and view of the world is true.. But it is creepy that he has snippets in there projecting them as liberal anti-conservatives hipster organizations. Come on - 2016 would've turned out very different if facebook was really suppressing conservative content at the scale this film is talking about.

> 2016 would've turned out very different if facebook was really suppressing conservative content at the scale this film is talking about.

I don't know why you feel the need to equivocate. Cambridge Analytica had direct ties to the Trump campaign, and this film is malicious propaganda to gaslight the public.


> But it is creepy that he has snippets in there projecting them as liberal anti-conservatives hipster organizations.

I don't think that means the characterization is false, though. My friends working at Facebook and Google are very liberal and internal polling and their message boards have shown that to be overwhelmingly true for the wider organization as well.

> Come on - 2016 would've turned out very different if facebook was really suppressing conservative content at the scale this film is talking about.

It's possible that it happened and simply backfired. Conservatives aren't blind and turned out in greater numbers due to personal anecdata that they and the current events they were interested in were being squelched and misrepresented across social media. I personally recall Facebook's news sidebar feature had a clear pro-Democrat bias in the editorialized titles they wrote and presented above stories throughout 2016 (before they took it down).


> It's possible that it happened and simply backfired.

This is exactly what happened, from what I can tell, with the one caveat that most of the bias likely came from the human staff they hired to editorialize and moderate. The attempt was noticed, and it backfired spectacularly. If you look at Facebook today, I think it's clear that they mostly don't do this anymore. Facebook's users naturally spend more time and effort sharing and interacting with conservative content than progressive content; thus, the top stories on Facebook are usually from large conservative media (esp. The Daily Wire).


I looked at the "Google" page (https://www.thecreepyline.com/programs/google-v2) and noticed it doesn't mention a few kind of important things.

(1) You can pause activity collection at https://myaccount.google.com/activitycontrols

(2) You can delete activity here https://myactivity.google.com/delete-activity

Also, does anyone know if Facebook offers interfaces like these?


When a company gets so big that it doesn’t have to listen to customer complaint, it’s time to go.

I had a great car repair shop with awesome care for customer. Gave you special care and nice deals. Well, because of great reviews they grew very much, rebuilt the shop and hired a lot of staff. The culture that made them successful was forgotten, the CEO had no insight in the employees so the experience as a customer deteriorated, hence left.

Lesson: don’t grow so fast that you forget what built your company in the first place.

Examples: Google, Facebook, etc.


Well said and I completely agree. Unfortunately many people grew so dependent on their services. That they remain glued to the company.

That's very true. In the early years we all loved Google. Good and fast searches, spartan interface, do no evil mantra... So different from AOL and Yahoo. Then, with time, it became a monster that you practically can't get away from even if you want.

Would this unlearn the Google's ML models from my data?

Would you ask somebody who had you in an A/B test to destroy the feature?

Surely A/B does not require PII? In FB case-if the model's purpose is to identify individuals then yes, it should be undone as requested.

no.

i would argue it’s not even your data, but that’s for another time.


It's yours at least to some extent under GDPR.

I am going to guess no.

Why would it matter, models are regenerated frequently, from millions, billions of other data.

What I hate, is that the privacy respecting method should be default always.

When you look at the tracking in google maps, the app asks me nearly every time whether I want to switch it on. Similar thing with the search preferences. Every time they update something in their search preferences you have to step through nested pages and flip a bunch of switches to go back to your previous setup.

That is the equivalent of a creepy guy working at a grocery store, stalking someone every month until they are confronted in painstakingly detail about what they should stop to do. And he is nice, because he stops (unless you forgot to tell him about a tiny thing that he will continue to do).

The thing is: you should not have to ask them to stop even once. This stuff should be opt in and not opt out


FB has Activity Log, visible only to you, and shows what you posted, commented, liked, tagged, shared, searched, etc. From there you can manage and delete stuff if you want, by hand.

FB also has shadow profiles of people whom they track even if they're not signed into the FB or even have a FB account. How do you suggest I opt out of that?

https://theconversation.com/shadow-profiles-facebook-knows-a...


Good question. Probably you need to send a data request, so they can provide you with info they have about you. But based on what should they search in their data warehouse? IP? Cookies? Interests? Leaked email?

I guess one way to avoid shadow profiles would be to block FB scripts/cookies on pages you visit, so they won't track you.


Does deletion of your data unlearn the models from the data?

I don't really know this. Just provided what similar functionality exists in FB.

It's a black box for most of us. You might need to provide fake data to make it relearn. There were comments here and there about people liking various pages/posts not related to them, just to feed it with junk.


it was probably rhetorical, lol

I don't even think it guarantees that new neural nets won't be trained on your 'deleted' data


Of course not. What would that even mean? Their objective is to model you. To maximize profit, they should retrain the model with the input "user deleted this and that". As added data points.

Perhaps, that would mean complying with GDPR? You are obliged to remove data physically from databases upon request (including backups if possible, if not possible then keep deletion patches to be ran after backup restore!). Since you cannot continue processing data after GDPR deletion request, that could mean that a model (which is processing the data) should unlearn any knowledge of you.

This is what any reasonable person will think. I fully expect FB to argue that "oh these are just some computer bits you see. There is no way to from this model deduce what inputs made it into this model. It's like a hash function. And since we have removed the inputs, we have complied."

That they are in essence keeping "the ghost" of a person is another thing.


I don't even know if deleting your account through standard Facebook means is the same as requesting the deletion by GDPR request.

Delete merely updates a flag to deleted=true so it doesn’t show in the interface.

I see a different and worst thing: actually big of IT think to be they are powerful enough to take over banking system and governments itself.

We all depend more and more on hw and sw build by more and more fewer subjects bigger and bigger to a point of being become "platforms of the world".

See only casual outbreaks "Whatsapp down", the polemica between a Brazilian judge and Facebook that lead to a temporary ban of WA and the consequent citizen reaction. See only what you can do without connectivity or without few big's clouds.

That's far more serious of mere "steering with aggregators" or mass profiling.


If the author of the site is reading this, I was unable to scroll down on Firefox/Android.

Not working in Chrome/Android either

Works on iOS 12 Safari

The Creepy Line is written and directed by the filmmakers behind conservative documentary Clinton Cash. It takes its title from Google executive Eric Schmidt, who said in 2010 that Google’s job was to “get right up to the creepy line and not cross it.” Schmidt has gotten no end of flack for that quote, and it’s easy to point out that Google is, in fact, often very creepy. But The Creepy Line makes a more specific, partisan argument. It claims that Google (and Facebook, which the film refers to almost interchangeably) deliberately manipulates its service to suppress conservative users and ideas, and — more ambitiously — that Google tweaked its search algorithm to swing the 2016 election in Hillary Clinton’s favor.

https://www.theverge.com/2018/9/19/17878332/creepy-line-anti...


It is good that Amazon funded this documentary.

Yeah, this is actually quite funny. You can also watch it on iTunes. Are Amazon and Apple exceptions with respect to selling your information? (I'm genuinely asking)

Apple’s whole stance is to protect your data. They don’t sell it.

Don’t know about Amazon but I think they use it for their own services only as they’re not advertising company. ---- EDIT: Brain fart, ignore


Amazon made $2 billion last quarter in advertisements. This is easily searchable, but here's the first result I found: https://marketingland.com/analysts-say-amazons-advertising-b...

As a comparison, Twitter made $758M in revenue last quarter.


Source?

Based on this link [1] posted elsewhere in this thread, if it is true that Amazon funded this, that has the potential to backfire spectacularly.

[1] https://www.theverge.com/2018/9/19/17878332/creepy-line-anti...


It's streamed exclusively on Amazon Prime Now. Exclusives are funded by the company producing them (e.g. Netflix, Hulu, Youtube, etc)

Amazon didn't fund this.

Seems like a conflict of interest really.

How does the site know what sites you are logged into? Is there some sort of guesswork involved?

There is some javascript that is connecting to around 40 different websites. If you are logged into any of these sites already then they don't return a login prompt so the site knows that you are logged in.

That's not entirely accurate. Some trickery is involved...

Javascript in one site can't just access another website's content. That's the Same Origin Policy. But what you can do is dynamically link to an image on another website. You can't access its content, but you can know if it loaded correctly. So if you find some image that is only accessible to a logged-in user (non logged-in gets a redirect for example) you can determine logged in status.

Another technique uses time measurements and non-image resources. Loading them as an image will fail anyway, but if there is a substantial time difference in the error response for logged-in vs not, it can be done that way too.


Yep, 21 trackers says Privacy Badger, and even more non-tracking.

So any site can grab the home page of any other site I am logged into, unless that site tries to prevent it (same origin policy or something like that?)? Yikes...

Where does it show this? Or is my browser so locked down that it can't even access this information?

Obviously the true value of these companies is in the data they’ll never show you, and there will be no documentary about.

While I might not learn much, the documentary format is really good for older people to get a grasp on what FAANG might be doing.


I've trouble trusting the content when the website is so badly technically made.

if the author of the site is reading this, please remove the scrolljacking.

Couldn’t watch the whole thing, was so naff, with grating ‘tension’ music, simply ghastly! At times I actually thought it was a spoof.

Did anyone who upvoted this actually watch the documentary or the trailer, or do HNers just automatically upvote anything that's anti-Facebook and Google these days?

The documentary is mostly right-wing conspiracy theories about how liberal tech companies are trying to undermine democracy and favor Hillary Clinton. Watch the trailer if you don't believe me. Or read this: https://www.theverge.com/2018/9/19/17878332/creepy-line-anti...


That's a fair question. I've got a follow-up for you: do people actually watch other people express diverse opinions or are they happy with just impeaching the source, slandering the messenger, and moving on? It seems everywhere I go online I get other people telling me how I should or shouldn't consume media content based on the producer's political opinions.

I both upvoted the video link and your comment. I like people with different opinions and worldviews.

Now I'll go watch the video.


The verge article is detailed and pretty convincing that I don't need to bother with this video. This isn't impeaching the source because of their political opinions, it's impeaching the content because of its political opinions.

> Taylor and the film’s writer Peter Schweizer say that they’re aware of issues affecting non-conservatives and simply wanted to focus on a single thread of the conversation. But that focus completely changes the argument. If conservatives are disproportionately suffering on Google and Facebook, an incident like Peterson getting locked out of Gmail looks like political warfare. If people across the social and political spectra are getting accounts suspended, YouTube videos demonetized, or stories de-ranked, it looks like bad service from a platform with a legitimately disconcerting amount of power.

> This distinction is probably obvious to many people. But The Creepy Line suggests that any seeming technical glitch or bad decision is a coordinated step in the master plan of Silicon Valley’s digital “kingmakers,” even when that’s far from the most obvious conclusion. It does things like insinuate that Google’s lack of a customer support hotline is inexplicable and suspicious, or claim that “very few people in the world have ever seen” an error page for google.com, so spotting one indicates that Google has cut off search access to punish a user for criticizing it. It glosses over the fact that these kingmakers didn’t even get their favored candidate into the White House, although Taylor argues that Google only put “roughly 10 percent effort” into its manipulation efforts because it was confident Clinton was already winning. “That won’t happen again,” he says.

edit: If this actually is funded by Amazon as someone speculated elsewhere in this thread, it's probably going to backfire spectacularly if this catches on.


I honestly think you're missing the forest for the trees.

It doesn't matter the actual reason massive, subtle opinion changes occur. Maybe it's the Russians. Maybe it's a liberal cabal. Maybe, as I suspect, most of SV doesn't know what the hell they're doing and are just faking it the best they can while they make bank. There is some effect occurring. Most reasonable commentators agree on that.

Once that's settled, then there are a bunch of follow-on questions: how large is it? How do we measure it? And so forth.

This video, assuming the worst slander you have is true, is an example of an answer to the following question: how are the existing political power structures perceiving this new effect?

That, in my mind, is as interesting as any of the rest of it. More so, actually, since the perception of damage is a much bigger thing in most cases than the damage itself.

This is going to get political, and in a hurry. I don't care which bunch of political assholes are carrying the flag towards fixing it, but I want to know how they perceive the problems involved and what they might do to fix things if given the chance. This is too important to choose up teams and play the usual stupid partisan games.


Sorry, I don't buy it. If you (or the authors of this piece) want to have a conversation about data harvesting, do that. Subtly entwining that with conservative conspiracy theories isn't just an innocuous side thread of the conversation. This is clearly an attempt to hijack the conversation about data harvesting to amplify their totally unrelated message about supposed suppression of conservative speech.

This is a case of 'the enemy of my enemy is my friend' going horribly wrong.


I'll try again. And that's it.

You are concerned that this piece is wrong/misleading.

Ok. Great. Another person wrong on the internet.

Now, from a meta level, can you accept that the public discussion about data harvesting, like everything else is going to be politicized? And would you rather understand and engage people of all political persuasions by following their arguments, or are you happy just being in teams?

I like understanding both sides, seeing where they are going. That way I can have reasonable conversations with them.

Innocuous has nothing to do with anything. In fact, I'd argue that it's not innocuous. It's important. That's why we need to understand it.

You realize, of course, that both sides look equally nutty to the other, right? I'm watching it rain and friends of both political parties spin up the most fantastical explanations for why it's raining. I find that fascinating. I also need to talk to them about coming the hell in out of the rain, so I choose to understand first, then be understood.

Nobody's trying to soft-pedal anything. There's no whitewashing here. The perception is the reality. That's the way humans work. The causal, pseudo-scientific part of things? Different conversation entirely. Stop mixing them up.


Listening to different political viewpoints can be good. I make sure to do so myself on many occasions.

However, the criticisms regarding this film raised in other comments and linked articles appear to be valid. It concerns me that you have repeatedly dismissed these objections as "slander", even before watching the film according to your own words.

You don't have to agree with someone's politics to work together on common ground, of course. And a film with a message may be worth watching even or especially if it challenges your views. But the film's agenda cannot be concealed.

The Verge article, for example, made no bones about its political views but also raised factual concerns about the film. It is also a fact, as others have pointed out, that the writer and director of this film, M.A. Taylor, also worked on political films such as Hype: The Obama Effect (which detailed "various questions about Barack Obama's past") and co-directed Clinton Cash along with former Brietbart chairman Steve Bannon: https://www.imdb.com/name/nm3379741/


You are basically regurgitating a bunch of points that apply more to what you are saying than what I am saying.

When you align yourself (presumably concerned about data harvesting) with people that think facebook/google are suppressing conservative speech, who is it that is just happy being in teams?

> You are concerned that this piece is wrong/misleading.

No, my concern is that by hitching the data harvesting wagon to the Tucker Carlson/Fox News clown show, you will be politicizing an issue that should be apolitical.


Your first guess seems correct.

This is how the world is today. We have strong opinions, and rarely do we care to actually update them. And it's not only because we are stubborn, but also because most of the public media doesn't add any valuable insights; it just picks one of several simple and well-known messages, and yells that message at us. So it's pretty clear what it's trying to say from just reading the title.


Came here to say the same thing.

It's also rather hypocritical to display the trailer as a Youtube embed rather than a <video> tag. Google Analytics on the website as well? Of course there is!

I did upvote this at first but quickly unvoted after seeing JP in there. Yes, surveillance is creepy, but I'm not suddenly going to cheer for a climate change denying misogynistic speciesist because he's expressing a common-sense truth. Context does matter to some extend.


[flagged]


I don't think labeling it as "hatred" helps in any way. It's just an honest assessment of several of their business strategies, dark patterns and grey ways of doing things that many people find unacceptable. It has nothing to do with alt-right, the Jews and whatever else you may mean.

It's funny how everyone pointing this out is getting instantly downvoted because they've been tricked by the website (which has zero mention of this) into thinking this is about data harvesting.

The points-to-comments ratio of this post is massively out of whack with everything else currently on the HN frontpage. Also anyone posting criticism is instantly being heavily downvoted.

Something fishy is going on here.


The website knows more about me than I do! I can't remember the last time I logged in to Disqus or Blogger but apparently I'm logged in.

An app that notifies you the services you're currently logged in to, and helping you log out immediately, would be a good idea.


Containers on Firefox do this type of isolation without making you play login whackamole. Each website you define gets its own little sandbox with no access to other sandboxed cookies, unless you permit it.

This documentary makes the extraordinary claim that Google developed Chrome in order to spy on users' browsing behaviour, which is more uncharitable than necessary. I don't trust Google all that much, and I don't think you should either, but that doesn't mean that everything they do is pure cynical exploitation. Defeating these anti-features and misadventures doesn't require a moral crusade, it only requires you to decide not to use the product, and to tell them why through the feedback feature (though some things, like mass gathering of location data, involve plenty of third parties who will probably keep selling your data to Google whether or not you use Google's services directly).



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: