Hacker News new | past | comments | ask | show | jobs | submit login
Judge in Google case disturbed that 'incognito' users are tracked (bnnbloomberg.ca)
927 points by johncena33 8 months ago | hide | past | favorite | 353 comments

Unless I am reading this incorrectly, I think this paragraph better summerizes the article versus the headline:

"In this case, Google is accused of relying on pieces of its code within websites that use its analytics and advertising services to scrape users’ supposedly private browsing history and send copies of it to Google’s servers. Google makes it seem like private browsing mode gives users more control of their data, Amanda Bonn, a lawyer representing users, told Koh. In reality, “Google is saying there’s basically very little you can do to prevent us from collecting your data, and that’s what you should assume we’re doing,” Bonn said."

It doesn't seem like the complaint is that Chrome collects data on you in "Incognito" mode, rather that websites (e.g. Google Analytics) still collect on you in "Incognito" mode.

Right. Open up an incognito window right now, and you'll see, in plain English, front and center:

>Your activity might still be visible to websites you visit.

The error here is in treating all of Google and all of data as monoliths. The first paragraph of the article makes this... let's be generous and call it an honest mistake:

> The Alphabet Inc. unit says activating the stealth mode in Chrome, or “private browsing” in other browsers, means the company won’t “remember your activity.”

Yeah, I doubt anyone from Google says that, which is why they had to use phrases instead of sentences in quotes. Chrome won't remember your activity. That doesn't mean Google won't if they know who you are for some other reason.

I think there's another issue here though.

If I turn on Incognito mode and then go to Amazon, Amazon can obviously see what I'm doing. If I log into Amazon, then Amazon knows it's me and can track that. I think that's reasonable, but people didn't understand that that's the case and that's why Google has that disclaimer there.

That's different from browser fingerprinting[1] though. Fingerprinting techniques exist which can tell that you're you even if you're in incognito mode. For example, if you're visiting Pornhub every day in incognito mode, the company can still build a pretty reliable profile of you. If you then visit them not in incognito mode once, they may be able to take that incognito profile and associate it with you a lot more closely.

Likewise, if you visit Amazon from your browser all the time and then visit them in incognito mode, these fingerprinting techniques allow Amazon to know it's you already; they can "play dumb" by keeping you logged out, not showing you recommendations, etc., but they can still figure out it's you and use that to continue to build a profile on you.

The caveat here is that this is much more useful for some people than others. If I visit HN, then HN can fingerprint me in Incognito or not, but that's not extremely useful. If I visit literally anywhere else, Google/Doubleclick/etc. can fingerprint my browser, and since extensions like ad/tracker/etc. blockers don't work by default in incognito mode, they could potentially get an even better profile of you from Incognito mode than not.

Pretty gross, honestly.

[1] https://blog.mozilla.org/internetcitizen/2018/07/26/this-is-...

Google doesn't fingerprint browsers like other adtech networks do - that's why they're really pushing for on-device ad auctions[0] and removing the usefulness of third-party-cookie-based tracking all together[1]. It would strengthen their monopoly (other providers would have to invest in supporting this ad model) while also directly benefiting the consumer's privacy and not hurting their business model: ad clicks.

0: https://github.com/WICG/turtledove#turtledove

1: https://www.chromium.org/Home/chromium-privacy/privacy-sandb...

>Google doesn't fingerprint browsers like other adtech networks do

Citation needed :)

I'm taking part in the Browser Fingerprinting Project that was on here recently[1] and the only browser that isn't marked in the test as trackable so far is Firefox[2]. They don't use cookies for the test so third-party cookie sandboxing or blocking is irrelevant. If Google doesn't use browser fingerprinting as you say then they really should fix Chrome.

1: https://browser-fingerprint.cs.fau.de

2: I test most mainstream browsers as I already had them installed on Windows and Android devices for testing.

Google definitely does browser fingerprinting. I have been running bots for years to collect pricing data. They check your gpu, bunch of stuff from navigator, etc. The only thing I have not seen them do is canvas fingerprinting.

They claim they do not use fingerprinting for user identification for advertising. Some people would say that this is a weaker claim than not using fingerprinting.

They have admitted to using those sorts of information for fraud detection to detect fake ad clicks, bulk account creation, or other malicious activity. I also suspect they do some clustering on this data to determine what accounts are related so if there is malicious behavior from a cluster of accounts that appear to be the same user they can act on the whole cluster.

But there is no evidence that they use fingerprinting for targeting advertising.

Fair, I have no evidence they use fingerprinting info for advertising.

They definitely cluster fingerprints to block whole groups as does any decent antibot.

They definitely do some form of fingerprinting for content optimization. After browsing in incognito, Youtube was sketchily on-topic.

(esoteric science/technical topics which wouldn't come up by chance)

The issue isnt that they did or didn't.

The issue is that they can

Ok. By what mechanism could Google prevent themselves from ever being able to do this? The browser can be updated to do anything. It could start deleting hard drives tomorrow with a malicious update!

To make an analogy, most places ban entering with a weapon unless you are law enforcement on official duty. Not because any Joe that has a gun has killed someone with it.

But the danger is that he/she can. Thats why guns are regulated. Information is not a harmless dingus. Its a weapon, just as the gun was in the last century. Do we need a war to discover this?

The web is still a gunslinging wild west. We need regulation. EU is light years ahead in this regard and might just save us all from the tyranny of the Greay whom we trust to act in good faith - because they say they will. This strikes me as quite naive on our part.

Can you be more specific?

What technical thing can achieve the goal you want? No metaphors.

>Information is not a harmless dingus. Its a weapon, just as the gun was in the last century.

This is a silly analogy, what is Google doing or planning to do with this information that is dangerous, and how does that stack up against the potential benefits of Google and other tech companies collecting this type of data?

>what is Google doing or planning to do with this information that is dangerous

That is not the right question because if a rogue US administration, that is, an administration willing to defy US courts and the US Constitution wanted Google's data, there is probably nothing Google could do to stop them from getting it.

(Such an administration could probably only get away with that during a time of national emergency, e.g., a war or a massive solar flare knocking out most of that nation's electricity for a month, but there are undemocratic elements in every country who are basically waiting for such national emergencies.)

At least I've never heard of a plan, from Google or anyone else, that would allow Google to successfully thwart, e.g., a surprise raid by thousands of US law-enforcement officers.

In other words, Google's data-collection practices are a menace (to US residents at least) even if we could be guaranteed that Google would never willingly use it in any bad way.

SO you want Information need to be regulated? is that your point?

EU is light years ahead in propaganda, that's about it. It has its mouth full of GDPR while it's quietly preparing China-style firewall, tracked digital money and encryption ban.

>By what mechanism could Google prevent themselves from ever being able to do this?

The law.

The law cannot prevent you from doing something, it can only punish you if you do it.

that is a nonsense statement. "doing something" = "do it"

if you mean, cant stop you considering it, then thats fair, but then the point has no value?

I'm not sure I understand what you mean.

What's difficult about this? The law prevents people from doing the wrong thing every day using the threat of jail time or worse.

Claiming laws only punish actions taken so they can't be "preventitive" by preventing others from taking those actions is either naive or just plain intellectually dishonest.

The US is a country that has laws inaccessible to the public with no way of knowing whether you're breaking those laws. It's either naive or just plain intellectually dishonest to think that these laws exist as a preventative measure.

But one can break a law and get away with it. It's selectively enforced.

But the claim I was responding to was that it does not matter whether Google is doing this now, what matters is that they can do it. A law which imposes penalties on what you can do rather than what you are doing seems fraught.

> >By what mechanism could Google prevent themselves from ever being able to do this? > The law.

I'd really rather not see companies like Google (it any other, for that matter) making laws. Lobbying is bad enough.

They can't without violating (or at least changing) their privacy policy.

You and all your friends are welcome to each bring an arbitration case against them if they have been doing it or if they do it without you agreeing to an updated privacy policy.

If they haven't, then you have nothing to complain about. If they change their privacy policies to allow it, then complain.

Yeah and google can do all of the above considering just about every website uses google analytics and all that analytics data is sent back to google's servers. Then they can sweep up whatever they missed using Chrome or Android or google-owned service metadata (i.e. google search, google maps, etc).

Google Analytics is the service that connects it all and google has convinced companies to give them this data access for free. (well, in exchange for visibility to parts of that data displayed on fancy trinkets)

This is the web-equivalent of omnipresent facial recognition tied to a central database.

Like fingerprinting, facial recognition is not perfect (e.g. you can have a lookalike, twin, etc.) but is still damn frightening.

Perhaps this viewpoint can convince some more people of Google's (potential) evilness.

How does this relate to Google though? Do you mean they should get rid of incognito mode? Cause it doesn't succeed at preventing all websites from tracking you? Or that they should be liable for making people believe it could when it couldn't?

incognito mode is not made to hide you from the internet. it's made to hide your activities from being logged into your browser.

How can Amazon see what you’re doing in incognito if you haven’t logged in? An incognito session is cleared of all cookies so you need to log in to establish your identity. It doesn’t stop Google Analytics from loading but will log you as a new user/session because previous session cookie is gone.

Now, there is also fingerprinting techniques but at the time incognito mode was released these were not widely known and incognito meant: make me look like an anonymous user on the internet NOT make me invisible.

I think a lot of the problem is, the average person doesnt know the difference between your browser not tracking your activity, and the internet tracking your activity.

incognito mode is to hide from your browser history and tracking, it has nothing to do with the servers you visit.

Speaking of pornhub...

There used to be a way to see your pornhub search history even if you were always incognito, right on the site. It worked really well but I never figured out how it worked.

Yes, but Chrome is still google. If the left hand suggests using this Google product means privacy and trust, but the right hand still exploits you, I do think there's an issue.

They can twist the words to be technically accurate, but not everyone is going to understand this.

How would you explain this that wouldn't be considered "twisting"?

If you're in incognito mode, and you buy something on Amazon, post something on Facebook, purchase a NYTimes subscription, do you expect none of those entities to have information about what you did?

If you're in incognito mode and you visit a website with an embedded Facebook Like button, and Facebook's Javascript uses browser fingerprinting[1] to track you and build a further profile of you, do you expect that entity to not know who you are just because they don't have access to their usual cookies?

[1] https://blog.mozilla.org/internetcitizen/2018/07/26/this-is-...

Wouldn't the same be true with any other browser's incognito? What does this have to do with Chrome? The irony is that to do what these people ask for (Analytics somehow not tracking you in incognito), they would have to actually add in a way for Analytics to detect you are in incognito.

No, because I directly interacted with those entities. That's different from Google Analytics, where an entity with which I directly interact informs a third party unbeknownst to me.

No need to explain any different. The solution is to simply not track the user on websites, which they own, when the user uses incognito mode. That would be the honest way, but it will never happen, because then other browsers could try to pretend, that they are incognito Chrome.

So that leaves us with "do not trust privacy protection of an ad company".

A reasonable expectation would be that Amazon doesn't know about the Facebook post, that Facebook not know about the Times subscription... etc.

Replace the left side of the expression with "Google" and you'd have what most users might expect from Incognito. That is, that Google not know about the Amazon purchase, Facebook post, or Times subscription. That Google does know, essentially, even from Incognito, is the problem.

But Google doesn't know who you are when you're in incognito. They famously "don't do fingerprinting".

Of course, if Amazon or Facebook or the Times tell Google or at least hire someone to figure out who you are and tell Google then it's surely not Google who is tracking you.

And likewise, if Google Tag Manager and Google DoubleClick Ads make it easy to add and integrate with the one or two missing pieces from third parties to make this work, then it's not Google's fault either.

Why do you think Google knows about the Amazon purchase or the Facebook post? They don't.

I was sticking with the analogy established in the post I was replying to. To me they are variables in the pseudo-code, for the purpose of understanding the algorithm, not the actual underlying reality being discussed.

Right, but GP picked those variables intentionally, as things that Google doesn't (can't) track. If, for example you replaced "Amazon" with "Google", well you'd obviously expect Google to have the data.

So then if you replace "Amazon" with "company that subcontracts to Google for analytics", you'd still expect Google to have the data.

I think the issue here is a little more nuanced than right hand vs left hand, etc... Incognito was developed as a feature to hide your browsing history back when all users having individual accounts on a computer was much more rare. It wasn't developed in a world where "privacy" meant what it typically means today.

Things have changed and perhaps Google should have changed as well, but to paint this as some sort of nefarious plot is a bit disingenuous.

Incognito seems to be a bad name for what it does. Maybe Alzheimers mode would be better suited to describe the local forgetfulness without implying an attempt to hide the users identity.

The common name for it is "porn mode". It communicates the design goal very well: the point is to hide the fact you're visiting some pages from other people who may be using the same computer.

Everyone was too embarrassed to admit this was the origin of the feature. Fast-forward a few decades, and people are shocked that what was a euphemism doesn't honestly describe how the feature works.

Making incognito mode detectable is much worse for privacy, no? It adds another identifying bit that can be collected and it gives sites the ability to block people attempting to avoid tracking.

Yes, just like the do-not-track bit. That could change if courts start treating these bits as a "no, I do not consent to any tracking" statement. What if it was illegal to track users with this bit set?

"Tracking" becomes a little more subtle for websites that try to maintain some per-visitor state in order to function. But if it were well defined legally, it could probably be a really nice move for the sake of peoples' privacy.

Of course, that only helps with agents subject to the relevant laws.

Which, one would hope, Google is.

There's a reason big tech companies have entire PR departments with "We can do better™" statements ready to go.

Sometimes I wonder if there are cynical teams in Google or Facebook who implement features and also write public apologies for those features ahead of time.

Maybe the really advanced ones have PR statements that say "Oh, this feature sounds bad but it only really does this thing which is mostly okay" and then another one for "okay yeah you caught us it doesn't just do that okay thing but all the other not okay stuff you worried it did ahead of time".

I'm sure there are entire machine learning teams working out the best way to word these non-apologies and the best schedule for releasing them to best soften the impact of getting caught with their hands in the (literal or figurative) cookie jar.

I think the reality is much simpler. There's nobody in Google writing public apologies in parallel to implementing features. Through the magic of free market economy, they can just outsource it. Some court frowns at what they're doing? A quick call to a reputation management company (which they probably have on a retainer, or at least on speed dial), and they get all the press releases and training they need to manage the crisis. Why do it in house, if you can have experts do it for you?

Much like testing what would happen if a migration script dropped a column, features need to be tested against the possible outcomes in the court of opinion. I expect a well-organized corporate to have Product Owners who design the packaging of the feature and have it reviewed by the higher-ups when it’s a user-facing feature, or to design the apology letter and have it reviewed by the higher-ups when it’s an advertiser-facing feature.

But it’s our role as a society to not be gullible, and eventually organize against such behaviors, which this judge is doing.

If it just sets the "do not track" header, you don't necessarily know whether the user is in private browsing or just always has that enabled. I think adding the extra identifying bit to the sea of identifying information would be worth it if we had regulation (with teeth!) around what sites were/were not allowed to do with "do not track" on.

The header takes the values DNT=null (user didn’t specify), DNT=0 (can track), or DNT=1. We could have DNT=2 (really do not track?). Why not DNT=3 (“please disregard my login even if I attempt to”?).

Why would incognito mode be any more detectable? If it's a question of not giving access to certain data that could be used for fingerprinting (e.g. user agent, screen resolution, storage API, statistics of accelerometer noise, gyroscope drift rate), the browser should respond with fake data instead of no data.

There's a lot of data that doesn't need to be present, or presented, without user approval. The info at https://browserleaks.com/ is just... ridiculously detailed.

I don't see why a website should be able to get information about my WebGL capabilities without me being asked first if I want to let them display content, or why they can get a list of audio and video input devices without asking to use them first.

Even on Firefox, which I think is generally doing a much better job about this stuff, there's so amazingly much data that shouldn't be shared without asking first.

> why they can get a list of audio and video input devices without asking to use them first

I don't think they can do this without audio/video permissions (?)

The problem is that you cannot just add a new permission and expect things to not break. The flow for requesting permissions is different and would break pretty much every website that uses these APIs.

No there really is not. You can't always "twist" the words how you need it, otherwise you behave just like Google. Chrome is a separate product. It's a browser. If it says that Chrome won't remember history in private mode, but then you go and visit a Google website, then this website can still track you the same as any other website in private mode. You can't really say "Oh Google should be broken up and be treated as separate entities (at least when it suits me)" and then start complaining "Oh Chrome and GMail are acting like separate entities but they should be really acting as if they were the same thing (at least when it suits me)" ... lol

Private mode never was meant to be a privacy feature against websites. Private mode is to prevent your LOCAL history from containing anything you searched/visited and the legit use case is sharing of the computer with other members of family, for instance. For websites, nothing really changes. They can still track you all the way they want.

I mean, Firefox sends Do Not Track when in private browsing. So clearly it's trying to do more than just hide local history. It obviously can't guarantee it, but it's trying.

Chrome is not, and it seems pretty clear that it's not because that would hurt Google's bottom line. There's no conflict here between "Google shouldn't track you" and "Google should be split up".

Chrome also has an option for Do Not Track. Are you saying it should be enabled by default in Incognito? That may seem like it would help but not really because now you've given trackers a pretty unique signal to further track you (as very few people set that header).

Chrome has an option to send DNT, but Google's sites do not honor DNT:

> Most websites and web services, including Google's, don't change their behavior when they receive a Do Not Track request. Chrome doesn't provide details of which websites and web services respect Do Not Track requests and how websites interpret them.


> I mean, Firefox sends Do Not Track when in private browsing. So clearly it's trying to do more than just hide local history. It obviously can't guarantee it, but it's trying.

You got scammed by Mozilla if you think that.

Please have a deep look at the various documentation on how the Internet works and realize that sending that header does absolutely nothing for users. It is, as it has always been, up to the receiving server to decide whether to even consider that data point or not.

This means that Firefox is not "trying" to do anything there, and it's actually doing an incredibly hypocritical thing as a browser vendor, making non-technical users believe that Firefox sending that header is somehow proof that Mozilla cares.

> Please have a deep look at the various documentation on how the Internet works

Wow. I understand how the internet works, but thanks for the personal attack.

> ... and realize that sending that header does absolutely nothing for users. It is, as it has always been, up to the receiving server to decide whether to even consider that data point or not.

Of course, and Google controls the receiving server in this case. If they honored the Do-Not-Track header, and if Chrome sent it, users would be better off. Of course browsers can't control what all servers will do. But by sending it, servers that do honor it will.

> This means that Firefox is not "trying" to do anything there, and it's actually doing an incredibly hypocritical thing as a browser vendor, making non-technical users believe that Firefox sending that header is somehow proof that Mozilla cares.

You seem to be saying that because not all services honor the header, it should never be sent. I would say that sending it is better than not sending it, because some services do honor it. And the fact that Google doesn't honor it is telling itself.

Firefox obviously does try, and DNT is not the only proof. They have put in a ton of work to make fingerprinting harder.

Two separate issues:

1) Chrome should enable the Do Not Track header when in private browsing, as any reasonable person would expect they would.

2) Google websites and analytics should respect Do Not Track.

I'm repeating what others have said but I think it's important to separate these out as different issues, because it completely nullifies everything you just said -- both are strong arguments on their own, and Chrome being a Google product is completely irrelevant to both.

Except Do Not Track basically died in 2018. [1] The W3C abandoned trying to standardize it, and virtually no websites pay attention to it, because the legislative efforts behind it fell apart. It's merely a "feel good" HTTP header that does virtually nothing whatsoever in practice.

I also disagree that "any reasonable person" would expect the header to be used in private browsing. Safari invented private browsing in 2005, and Chrome Incognito mode launched in 2008. Do Not Track didn't even exist as a concept back then.

Incognito mode was never intended to be anti-tracking. It's only ever been intended to hide your browsing history locally, e.g. from family members.

Tracking protection has an entirely different purpose. And if you want protection from tracking, you'd presumably want it in all windows, not just incognito windows, right?

These are the important issues to be kept separate. Anti-tracking is something that should be consistent across all browser windows. It has nothing to do with Incognito. Incognito is about not saving browser history locally. Totally separate.

[1] https://en.wikipedia.org/wiki/Do_Not_Track

> Incognito is about not saving browser history locally. Totally separate.

They're totally separate now, but it's not clear that they should be, and it seems pretty clear that they're not separate in the minds of users.

I'm having a hard time imagining a scenario where a user would want to hide their local history, but are totally cool with people who don't have physical access getting access to their activities.

> I'm having a hard time imagining a scenario

Very easy.

Let's be honest, incognito mode is generally used for watching porn without worrying that it will pop up in the autocomplete box or history later.

But you log into the porn site, in incognito mode, in order to access your saved videos, subscriptions, etc. The porn site knows exactly who you are, tied to your credit card number, etc. Your ISP knows you visit the porn site. Your credit card knows you pay for it.

That's the main use case. The privacy is ONLY regarding local history. That's the only expectation there's ever been.

> That's the only expectation there's ever been.

Given that the judge in this case had different expectations, that's clearly false. That may have been the intention of the feature, but I can easily see why it may not be the expectation of users.

I gave you the scenario. It's reasonable.

The judge in this case is simply seriously misinterpreting the feature. There are always going to be some percentage of users who misunderstand a feature no matter how explicit and clearly it's been described. Even if they're a judge.

Google isn't misleading anyone here. Every time you open an Incognito page it says EXACTLY what it does and doesn't. If some users and even some judges can't read, that's their problem.

Do Not Track died the minute Microsoft killed any possible distinction that header provided. They may have backtracked on that dumb idea with Edge but the damage was done, the momentum of DNT was killed and they effectively "poisoned the well" and ensured that the largest portion of DNT headers seen were not in any way set by the user. The W3C abandoned it because it was already gone.

"Google. Chrome is a separate product"

So basically: "Your honour, I can prove I didn't rob John, I had my brother do it for me!"

The US government does the exact same to circumvent the 4A.

which is likewise reprehensible.

is google going to wait until there's regular street fighting in cities across the nation before they change their surveillance behavior?


Please read the HN guidelines on commenting. You're attacking the commenter's account, assuming bad faith, and name-calling their argument a "rant" instead of responding to the actual argument they're making.

My account has been around for a long time and I agree with them. It's a well-reasoned explanation. It is correct on the purpose of incognito mode (to protect privacy locally only, e.g. from family) as well as the obvious point that if you're using Google.com while in incognito mode (very common), it's tracking you as it would anywhere. Websites aren't even supposed to know you're in incognito mode.

Incognito means and has always meant "fresh browser tab with no history". It has never meant no tracking.

No I'm not, I said "I love these accounts", I find them enormously entertaining

Just apologize for baselessly attacking the gp and admit your condescending "high ground" is indefensible. I've done it on HN before, it feels pretty good vs continuing to defend a rash comment.

Please don't post unsubstantive comments or flamebait to HN. Please do follow the site guidelines. You've broken them badly in this thread.


Throwaways are important for being able to discuss opinions you might not want to on your main. Treating them as unacceptable worsens the quality of discussion here.

I somewhat agree with the point they made and this is not a throwaway if that helps.

@malux85, except their point is pretty solid. At the very least martamorena943 made a coherent argument to support a point of view they are sharing politely. None of which you have bothered to do at all, in spite of (or I guess because of) the condescending high ground you feel entitled to.

It would be a really interesting result if Google couldn't offer an "incognito mode" because of their position as a data harvester. Rare for vertical integration to be a disadvantage.

Others pointed out here in the comments, and elsewhere everytime this subject comes up, that Incognito window has a very carefully worded disclosure when you open it that websites can still track you.

I think any judgement saying that Incognito/Private Browsing/etc are lying unless they somehow prevent websites from knowing that you accessed the website would be downright technologically impossible, short of perhaps Tor browser, and even Tor Browser doesn't make this kind of guarantee.

I think their disclosure is very misleading. The disclosure sounds more like "we can't prevent other people from tracking you, but we're doing our best to stop it". What they should say is "Google will still track you. Other websites may still track you."

Saying specifically that Google will track you isn't true either - it doesn't track you and associate the incognito session with your existing ad profiles, it tracks a new identity with its own interests. Google shouldn't have to specifically list itself when it behaves the same as other third-party analytics services or ad networks.

Why do you say it is carefully worded? It seems like a basic description of how the internet and how browsers work.

Exactly. Many people (like the judge in this case, clearly) have a dream about how they think it works. But if they just read what the text said, it's very clear.

They've changed the wording a few times, but as far back as I can find screenshots, it's always said that websites can still track you.

> They can twist the words to be technically accurate, but not everyone is going to understand this.

I think there will have to be some kind of large-scale privacy crisis with real and visible consequences for the public to ever become alert to what surveillance capitalism REALLY means for them.

Some folks are aware that these practices are bringing us down as free people (rather than as individuals), but these voices just sound like nitpicking to most people. I am just concerned about what kind of tragic consequences we'll have to see before people get wise to this.

> error here is in treating all of Google and all of data as monoliths

I don't think that's an error. There is a material difference between me promising you "I won't eat your berries" and my neighbor eating your berries, and my making that promise and then eating them.

If Google is promising not to track you, Google shouldn't be tracking you. “We are bad at coördinating” isn’t a valid excuse. Coördination is the cost of the conglomerate.

Oddly, it doesn't tell you that Google itself will still track you through Google Analytics.

Something that is under Google's control.

Open up an incognito window right now, and you'll see, in plain English, front and center: >Your activity might still be visible to websites you visit.

Maybe the problem could be solved by using a description other than "incognito" and an icon of a spy, generally considered a person who would be hidden or stealthy.

Maybe "Reduced Tracking Mode," or something more honest.

"Reduced Tracking" is partly the misnomer though. It's not less tracking, right?

It's just a temporary separate browsing session with history turned off.

The only thing that makes it less tracking is that it might not be associated with the profiles you're logged into in your normal browsing profile.

Assuming someone forces Google to do that in Chrome (which is pretty much the only way it would happen), how about calling it "Forgetful Mode." Because by turning it on you're telling the browser not to remember where you've been. I don't know if that would fully clear up the central misconception here, namely that in that case the only person not gathering data about your browsing is you. But at least it hints at it. When it's turned on, you're basically wandering around forgetting where you've been; hence maybe the icon should be an old man hunched over with a cane and little dots and curliques surrounding his head indicating a diffuse cognitive state!

The point has always been painfully straightforward, your browser is the one who stops tracking your browsing activity, not the sites you visit.

There's even a warning about that

> Chrome won't remember your activity. That doesn't mean Google won't if they know who you are for some other reason.

This has always kinda bugged me. I don't know what the hell I was doing yesterday at 13:42, but chances are Google does. Likewise, my phone company (and by extension, the government) knows where I was at any given moment in the last 15 years.

> >Your activity might still be visible to websites you visit.

This disclosure is a bit weak, really. I could visit no Google websites and still be tracked by them, and god knows who else, and that's where it gets really fuzzy around what things mean, I think.

You could be tracked by anyone, not just Google.

Private browsing doesn't save your search history, clears your cookies/sessions, doesn't save auto-complete suggestions. This is more about keeping things private from other people who might use your computer.

But as far as websites' ability to track you this isn't really all that effective. Yes, logging out of all your other accounts goes a long way but there's still plenty of ways to track people. Incognito mode does little against sites that try to fingerprint browsers.

It is close to fraud when you say “could be tracked” in quotes when you mean “almost every site you visit Alphabet will track you even when you configure our software otherwise”.

No, it's closer to "every site you could visit - Facebook, Amazon, Reddit, Instagram, etc. - can track you. And since Incognito mode doesn't announce when it's set, Alphabet is no different."

As far as I understand it, Incognito appears just like any other chrome browser. It seems like you want Aplhabet websites to specifically exempt Incognito browsers from data collection. That would require building mechanisms to identify incognito browsers. That makes it easier for websites to block content if they detect private browsing, which is a valid concern.

And it's really hard to call it fraud when Incognito mode explicitly tell it's users what it does:

Chrome won't save the following information:

- Your browsing history

- Cookies and site data

- Information entered in forms

Your activity might still be visible to:

- Websites you visit

- Your employer or school

- Your internet service provider

Even before I knew how to program I understood that Incognito didn't save browsing history but websites could still see your IP address, and your ISP could see what domains you hit. I'm really not seeing anything remotely close to fraud here. This headline makes it sound like they're breaching people's privacy, when in reality it's just the fact that Incognito mode is a setting on your browser to clear cookies and not save browsing history - not some magically spell that prevents websites from tracking you.

And outside of Tor, your public IP says a lot... never mind profiling. It would be very hard to prevent, especially for the least legitimate tracking, and then if incognito makes itself too obvious, that info is also interesting for tracking...

Privacy is hard

>and then if incognito makes itself too obvious, that info is also interesting for tracking...

AFAIK that's already trivially detectable on most (all?) browsers.

Yeah, and there are some excellent fingerprinting testing sites that show it that even from a single website visit you can be narrowed down substantially, and from there a few more visits to sites working together and they could easily pin you down to an exact person. The discussion about malicious actors is insane, even legitimate ones can do it easily.

Sure, but Google could honor Dot Not Track, and Chrome could send it when in Incognito mode.

Eventually everyone will be forced to use TOR because of stuff like this.

[insert youtube vpn ad here]

Yeah Google warns you when you enable Incognito mode that it's about Chrome won't store, and specifically says website's can still track you.

I think the complaint is that in this case, Google wrote the code that is commonly used to do both. I think the lawyer is arguing that since Google gives the option in one product, they should honor it in the other. Honestly, I'm not sure how I feel about that argument, but it reminds me of the character Ned from 17 Again: "I wrote the software the prevents people from stealing music. Of course, I also wrote the software that helps people steal music..." Selling weapons to both sides and all that.

I think there are some strong reasons to want marketers to generally be less able to track our online activity and for fingerprinting of the style of Google Analytics or Facebook to not exist but Google is just one participant in this activity, it's particularly ironic that Google Analytics is working to actively counter the work of the Chrome team's incognito mode but I would only really be concerned if those two teams colluded to give Google Analytics a competitive advantage.

I do generally think it's quite fair to view Alphabet as an unreasonably large company that needs to be subjected to anti-trust laws - there are many companies with far too broad a breadth of market control in the modern world. So maybe that's the better tactic, actually dust off our anti-trust laws and break up some of these tech giants.

> since Google gives the option in one product, they should honor it in the other

But it can't, because websites, in theory, aren't and shouldn't be able to detect if someone is in incognito mode. There's sometimes hacky ways, but so far Chrome has patched those as they've come up.

Is act of selling weapons to both side, ethical? Is it automatically unethical, that it is considered a monopoly, that needs to be regulated, universally across industries and contexts? Or is it not?

> Selling weapons to both sides and all that.

I wrote software that will track you on the net, not matter where or when. I also wrote the software the gives you the impression that you can do something about tracking.

The problem is that Google stands on both sides of this relationship. With Firefox there are borders around where your browser ends and the sites you visit begin.

Google has been blurring that line between browser and content ever since single sign on in Chrome 69. I think it's a fair exercise to explore the relationship between Chrome and Google services just because they put themselves in this position for a reason. We deserve to know what that reason is. I don't trust Google at their word.

With Firefox there's no question because Mozilla lacks the ability to leverage anything they might incidentally collect in private browsing. Google does have that ability and we should know if they are abusing it.

If you asked Google employees and Google fans if they thought Google was reading their Gmail for advertising they'd probably roll their eyes at you. And alas they turned out to be mistaken.

> If you asked Google employees and Google fans if they thought Google was reading their Gmail for advertising they'd probably roll their eyes at you. And alas they turned out to be mistaken.

Maybe you weren't around at the time or don't remember, but that was part of the launch announcement and never hidden and was mildly controversial at the time, for instance: https://www.nbcnews.com/id/wbna4732385

> It doesn't seem like the complaint is that Chrome collects data on you in "Incognito" mode, rather that websites (e.g. Google Analytics) still collect on you in "Incognito" mode.

Isn't that a distinction without a difference though? It's not Chrome, it's Google Analytics. It's all Google in the end, isn't it?

Not in court, no. In court that is a huge difference, because Google is a company, Chrome is a product, and Google Analytics is a technology, and those are completely different things.

A good lawyer could quite successfully argue that all three being "Google" is not sufficient for the public to reasonably expect that "private browsing" means Google will still be monitoring you. And while Google would argue that its EULA no doubt contains a clause along those lines, the deception is still there, and can still be litigated (even if the verdict ends up being "this is deceptive and you must change this aspect of your product" without this particular thing, among many many others, requiring punitive measures)

This assertion without an argument is not especially helpful. What legal distinction must hold the line here, in your view? Why is it insufficient to suggest that a user in a Google Chrome Incognito window might reasonably expect Google to be on notice that they do not consent to Google tracking?

Edit: the parent has since been edited. It had said only "Not in court, no. In court that is a huge difference."

Because "incognito mode" is not about tracking! It is about saving information on your local machine. If you are in incognito mode and log into Gmail, you will see your own email! You are not incognito to Gmail. It used to be called "porn mode". I think that's a better name for incognito. It is there to stop others who use your computer to spy on you. Ofcourse you can use incognito (assuming you don't log into anything) and be reasonably anonymous (there are many other things that can track you even in incognito). I think it just need a rebranding. I vote "porn mode".

“Porn mode” is bad name for the thing because for the typical porn use case the user actually wants the persistent persistent browser state (eg. so that pornhub’s “Recommended for you” shows relevant content) and only wants it to be disconnected from their non-porn online activity.

You can still log into the porn website and watch your recommended videos. But after you close that window, no history of that ever happening is stored on your local machine. No urls, history, or cookies.

I suspect "no-history-mode" would be an easier sell. It would certainly explain a little better what's going on, but clearly lots of folks wouldn't still understand that the 'history' is only on their end. "I wanted no history of what I was doing anywhere!" Use Firefox+uBlock, or Tor, or...

My problem here is google's attempt to correlate incognito users to their non-incognito history.

The intent of the user is clear.

>My problem here is google's attempt to correlate incognito users to their non-incognito history.

To a web server incognito mode isn't a thing. It's a client only thing. You don't know if a user is using incognito mode, or if they just cleared their cookies / cache. There's no way to know the user's intent.

And this is by design (even though it's actually detectable -- try watching Netflix or Amazon, or any similar DRMed content, in incognito mode), because telling the server "hey, I'm in incognito mode" is antithetical to the goal of seeming to blend in.

But I still see a problem with Google's control of both sides of the connection, and with fingerprinting in general.

In your view should Google not allow people to log in to Gmail while in incognito mode? How can someone remain untracked by Google while in incognito mode but also interact with personalized Google services, like email?

By logging into one's account. Surely you see the distinction between deliberately availing oneself of a service and bring tracked on entirely separate websites without being informed, much less consenting.

You're making an argument against tracking in general. That's fine, but it's not what we're discussing. What we're discussing is if sites should treat traffic from browsers in incognito mode differently than traffic from browsers not in incognito mode. Do you think they should? I would argue that sites shouldn't even know whether or not their users are in incognito mode.

> Because "incognito mode" is not about tracking! It is about saving information on your local machine.

Expecting laypeople to understand that distinction is probably a bit optimistic.

Porn mode is also about companies and governments finding out information that they can use to blackmail you.

The legal argument is not about Google's tracking in the abstract, but about whether is is misleading users in how they describe Incognito mode. As of today, the Incognito mode screen says loudly that that Chrome won't record your activity, not that Google won't record your activity, so I think it's a hard argument that users were deliberately misled.

It is placing the onus on a layperson to understand the technicalities of how third-party advertising trackers work.

What is interesting is that they do explain this more clearly in some of their help articles -- but the leave out some of those details in description embedded in chrome. It takes 4 clicks to get to this from the "learn more" link -- it's pretty buried.

> Your activity, like your location, might still be visible to: * Websites you visit, including the ads and resources used on those sites * Search engines


Yet, the first click from "learn more" has even more confusing language:


> Chrome doesn’t tell websites, including Google, when you're browsing privately in Incognito mode.

It seems that you really have to dig to get to the parts that tell you clearly that Google is one of the "websites that track you" that they're talking about.

> It is placing the onus on a layperson to understand the technicalities of how third-party advertising trackers work.

No they aren't. It's spelled out entirely when you just open incognito mode. It specifically says "Chrome won't save the following information" and also specifically says "Your activity might still be visible to websites you visit"

You don't have to dig into any help articles or have deep technical knowledge of how Google Analytics works. Open up incognito and it's all right there right in front of you.

A layperson would understand the phase "website you visit" to be the name at the top of the page. Google leaves out the fact that the vast majority of those websites you visit also include their trackers... and they do not even suggest this as a possibility unless you dig into their help articles. The initial page doesn't mention that the list of those who can track you is incomplete and is conveniently missing themselves.

A layperson also understands that when a company says "this product does X" they don't mean "everything we make does X."

Sometimes. [0] There are ways that statements can be made 100% textually correct, but semantically misleading. Other companies have done this before to mislead people, with varying degrees of legal success.[1] What a court would be interested is not whether Google is technically correct, but whether they misled people. They are in a unique position in this case to monetarily profit from misleading people, which may be something that would look bad in court.

0: For example: ask anyone who works at a helpdesk what it means when someone says "my Google doesn't work"

1: For example: Regulatory action against AT&T for "unlimited data" claims

> It is placing the onus on a layperson to understand the technicalities of how third-party advertising trackers work.

Let's remove computers from laypersons because they can't understand simple English. /s

Seems to me that the end result of such a lawsuit, if it moves forward, is that Chrome will drop the feature. It's not like it has any legal requirement to provide a feature like Incognito and if the courts decide that it can be easily misunderstood (and if it costs Google actual money because of that decision) then why spend engineering time providing such a feature.

I think it's obvious that they were mislead. If you allow this form of defence, then I can, on one hand, sell you a privacy product, and on the other, have my subsidiary, which knows exactly how to get around it, spy on you and sell your data. Both entities are controlled by the same holding company, their 'separateness' is legal fiction.

Its basically like insider trading. You are playing both sides.

But suppose I were to take your argument - are the entities actually separate? Is Chrome development not funded by revenue from google ads? They would not pass any kind of test for 'independance'

> all three being "Google" is not sufficient for the public to reasonably expect that "private browsing" means Google will still be monitoring you

The reasonable expectation to have is that nobody is monitoring you in the first place. This is doubly true when using private browsing features. Anyone violating this assumption is obviously guilty: the first group did not explicitly consent and the second group explicitly did not consent.

It's not just in the EULA. It's in plain english right there when you go into Incognito mode.

"Chrome will not save the following information"

"Your activity might still be visible to websites you visit"

But Nike Air is a product and Nike is a Company. What are you trying to convey????

Takata is a company. They produced defective airbags...

No. Chrome is doing exactly what it says it is. It's different data, used for different purposes, by different entities. That's a huge legal difference, and also a significant practical one.

Or it's by the different parts of the same entity. Why are you confident that Google's internal choices about organizing their business are what win the day here, rather than Google's interface with the consumer?

No. Chrome is owned by Google. Claiming otherwise is like punching someone in the face with your right hand, and then telling the judge your right hand is a separate entity.

Is it? What about X-Client-Data header?

It's all stuff from Google but in the hands of different people.

Google Analytics is installed by the owner of the website; it makes a promise to them: it collects everything it can.

If Google Analytics actually ignored data from Chrome in Incognito mode, it raises some questions:

* How does it detect that, exactly?

* Is there an unfair competition aspect to it? What about other browsers, not from Google?

> If Google Analytics actually ignored data from Chrome in Incognito mode, it raises some questions: How does it detect that, exactly?

The most honest implementation would be to set the DNT header in incognito mode (as Firefox apparently does) and to have Analytics honor it. Does not require anything shady/anticompetitive

This. Would be amazing to have a ruling enforcing DNT on GA, even if for Incognito since that gives backing to the DNT header, which has mostly been "don't honor" for advertisers.

As long as I can disable it (because DNT provides a pretty strong identification signal right now).

Yeah, making incognito mode detectable would be a huge privacy issue: it would enable blocking users based on incognito and all sorts of other bad issues.

If incognito mode is undetectable, there’s no way for Google Analytics to distinguish between “cross-device” traffic from an incognito window vs. from a phone and a laptop. Whether or not cross-decide tracking is good or bad, it’s irrelevant to this question.

How is blocking incognito a bad thing? Right there it should tell the user they need to avoid that site at any price.

I'm pretty sure incognito is detectable right now. I'm always going to assume it is.

That second point is really interesting. It seems sketchy on both ends, really. Either they are intentionally circumventing their own privacy feature, or they are giving their own browser an unfair competitive advantage.

Huh, maybe the level of integration here is just inherently problematic and companies shouldn't try to fulfill every role in the market.

> How does it detect that, exactly?

Detect that chrome didn't send the x-client-data id it sends to every google owned domain. Oh, wait, it probably still does that in incognito mode.

What other browser hold 70/80% of the market?

The difference seems pretty meaningful. Google analytics really has nothing to do with Chrome in this context, the same thing would be true in any browser visiting a site with Google analytics tracking.

Chrome is designed to give Google control of the information it collects. That is the only reason it exists. It has everything to do with GA. They're not burning millions on developers out of goodwill.

> Chrome is designed to give Google control of the information it collects

Sure, but chrome does not do this in incognito mode, same as any other private mode browser, there's nothing specific about chrome that allows GA to collect your analytics in incognito mode, GA can do so in any browser.

Says who? Not according to the public discussions at the time it was started.

Not quite. Having a blanket "Google doesn't track you" statement doesn't capture the complexity of reality: what if the website you're browsing is using Firebase for their authentication, or Google Pay for payment. I'm certain most users would want the website to function correctly, otherwise it defeats the point of using incognito. In all of these cases, Google will have a record of you, even if those records are not actively joined. Where do you draw the line?

Maybe it's the perfect time to seriously consider whether Google should be split up. They control everything. From a nameserver, through a web browser, to online services and advertisement.

I would agree. It's an interesting position to be put in. I think most of us in tech can see the technical separation between the two bits of software, and likely feel like Google Chrome is not responsible for Google Analytic's actions, but I wonder if the court will see it that way. I think it's not an unreasonable take that if a user has let Google know it doesn't want to be tracked, that Google shouldn't track them with any of the technology they have.

> I think it's not an unreasonable take that if a user has let Google know it doesn't want to be tracked, that Google shouldn't track them with any of the technology they have.

So the same people saying Google is a monopoly would say they must then further abuse their monopoly position to stop Google Analytics from tracking specifically Google Chrome users in incognito mode?

The only correct outcome of this case is for those involved to realize that a browsers' "private browsing" mode is referring to a completely different type of privacy. It has nothing to do with whether Google Analytics is present in a website. Unless they want to rule that websites can't track users at-all (and what does that even mean?) when they're browsing in private mode (and how would they know?), but that would be omnibus legislating from the bench.

I don't think that's abusing their monopoly, it's acknowledging that they are a monopoly and so they should be held accountable as a wholistic entity.

I don't have a legislative outcome in mind, but I would like to point out that "Do Not Track" program was an attempt to do exactly what your second paragraph suggests, it just had no teeth and was entirely voluntary. I really don't think it's too big of an ask to not track someone flagging they don't want to be tracked, and if it takes regulation to do that then so be it. Ad-tech needs a wake up call to start behaving more ethically.

> I don't think that's abusing their monopoly, it's acknowledging that they are a monopoly and so they should be held accountable as a wholistic entity.

The reason it would be abusing their monopoly is that Firefox and Edge private mode browsers would not get the same treatment. Google Analytics would still be active for them in private mode.

The only ways out for parties here are:

* Accept the way technology works, that browsers are separate from code that runs on websites, and acknowledge that users can be tracked regardless of what their browser chooses to do

* Mandate that Google devise a way to stop tracking for all browsers in private mode (not a technically possible solution; judicial overreach), or just for Google Chrome (possible; but amplifies their monopoly because it would be a privacy incentive for users to switch to Chrome, a Google product; is also judicial overreach)

* Mandate that browsers have a standard way to indicate to websites that they do not want to "be tracked" and websites must respect that (and I don't have to tell you that this one is judicial overreach :) )

So, that's why I say the only way forward that makes sense for this case is for the plaintiffs to drop it. There's no acceptable judicial recourse for them here. They can lobby the legislature if they want to make it mandatory that ad networks respect the abandoned Do-Not-Track header.

Another outcome is for Chrome to drop the feature. I think that's far cheaper than the alternatives considered.

I mean, it's all Google, right? If Google analytics is de-anonymizing you in incognito mode, does it matter if Google build a back door into Chrome, or whether they just didn't develop patches in Chrome to plug whatever workaround it's own tool was using?

Furthermore, wouldn't a reasonable person expect when a company offers a product with a privacy feature, that at the very least it would provide privacy from trackers that the very same company controls?

How can there be a reasonable expectation that websites won't track users in incognito mode when browsers don't give websites that information (unless the website works it out in a backwards way)?

Firefox sets the Do-Not-Track flag when you're browsing in Incognito mode. I think it's only Chrome that doesn't provide that information. So it's entirely possible for your analytics trackers to not forward those analytics on for users who are in Incognito mode if those users are using a browser like Firefox.

Do-Not-Track failed. According to Wikipedia, Apple dropped support and not many people adopted it anyway.

It was always doomed to fail. You're asking the wolves not to eat you by setting an HTTP header. If these companies were the kind to care about the honor system, they wouldn't be tracking you in the first place.

I think the point jschwartzi was trying to make is that Do Not Track paired with legislation requiring companies to honor it could be a reasonable solution.

I'd still end up having to disable it because there are plenty of trackers that are not bound by US laws (or any laws) and providing DNT is a stronger identification signal than not giving it.

It is like the "Evil Bit" in rfc3514[0]. But if thus judge forces DNT on Incognito to be honored by Google, it could result in some adoption?

[0]: http://www.faqs.org/rfcs/rfc3514.html

Regulation around Do-Not-Track failed, as it often does when captured by industry. The Do Not Call list started in 2003, but it seems it's starting to be taken a lot more seriously lately. Everyone should keep using Do-Not-Track and somehow logging/reporting/publishing violations of it (although I don't even know to whom -- maybe the best we can do is a version of plaintextoffenders for now). It can eventually end up as ammunition for a future bill to actually start regulating this effectively. Calling it a failure and abandoning it is not going to help.

> The Do Not Call list started in 2003, but it seems it's starting to be taken a lot more seriously lately.

Is it though?

I'd say Do-Not-Call is a failure. Much like CAN-SPAM. Both are 2003. Check the calendar. I'm still wading through more spam than ever in my inbox and getting an ever increasing number of scammers calling my cell phone.

The problem is always going to be that you need a watchdog with teeth. As we've seen in recent years, all of these government three letter agencies can be gutted simply by swapping in some corporate patsy at the top. Maybe you can beg the government mommy for your freedom and law enforcement back in 4-8 years. Antitrust laws exist. How many decades have we gone now since actual, serious enforcement?

Shouldn't Do-Not-Track be the default anyway? Why must we opt out of tracking, spam calls, and spam emails?

And, of course, the elephant in the room is: who wants spam calls, spam emails, and tracking in the first place? No one! No one would opt in to any of that crap. Which is why the laws are carefully designed for apathy and toothless enforcement.

If you want to talk legislation then talk legislation. If you want to talk tech solutions then talk tech solutions. But an HTTP header is neither of those things.

Imagine we all just drop encryption. Instead we just pass a flag in the TCP header that says "please don't look at my data passing through this network." Yeah that sounds insane, right?

DNT was about trying to avoid government regulation. It was an opportunity for the ad industry to show that it could self-regulate and respect people's choices. Now that it has failed, the next step is for the government to step in and mandate privacy protections.

The only chance it had was the EU (or California, or some other influential region) mandating compliance. I still don't get why the EU didn't do it (either using the existing DNT header or a new one). That could easily put an end to the cookie dialogs.

Upon opening an Incognito tab, Chrome warns you that your activity might be visible to websites that you visit. I'm sure Google's attorneys are aware of this.

Chrome warns you that websites that you visit may still track you. It doesn't warn you that Google, who owns Chrome, will still track you, which would put the lie to "incognito" anyway.

It's as silly as if I ran an "anonymous" clinic where you didn't have to give your name, but my employees were instructed to figure out who you were by running in-house facial recognition software and to place the results in your file. That's materially different than warning people that "although our clinic is anonymous, you may be recognized in the waiting room by other patients" which is the way people understand Chrome's warning.

There are many sites on the internet, and other clinics to visit in your metaphor.

>Upon opening an Incognito tab, Chrome warns you that your activity might be visible to websites that you visit. I'm sure Google's attorneys are aware of this.

To a layperson, there is a marked difference between activity and identity - there is nothing on the tab that states that the identity of the user is still discoverable.

You make a good point. There are trusting people, and then there are software devs and lawyers.

Why is this a surprising thing? The only thing incognito mode does is that your browser doesn't remember what you surfed on the internet, pretty much everything else is fair game. Your ISPs know what you're upto, adtech is so advanced that they can still track you purely based on your IP, all the websites pretty much know who you are (if you've visited them before) even if you don't log in, why is it so surprising?

Wasn't Incognito pretty much built so you could go to PornHub without every time you type P in your address bar it shows everyone looking at your screen what kind of porn you're into?

Did Incognito give anyone any indication that it was somehow making you untrackable? It just meant that the browser itself wasn't storing what you were doing.

Incognito mode includes the following text on the new tab screen:

> Now you can browse privately, and other people who use this device won't see your activity. However, downloads and bookmarks will be saved.

> Chrome won't save the following information: Your browsing history, Cookies and site data, Information entered in forms

> Your activity might still be visible to: Websites you visit, Your employer or school, Your internet service provider.

I'm normally a pretty pro-digital privacy person, because I believe the odds are stacked against average consumers to an unimaginable degree. That said, I don't believe incognito mode is misleading about what it achieves. I think it's pretty upfront about what it does and what it doesn't do.

It would be interesting to see counterproofs to the claim that "other people who use this device won't see your activity". They might not see it in Chrome, but what if I search pregnancy tests and then another user of the same device sees Google Ads for pregnancy tests, or for baby products? They'll reasonably infer someone was looking for them and this might put lives in danger.

The example is not theoretical: https://www.ftc.gov/news-events/blogs/business-blog/2021/01/...

I get the complaint, when the browser and analytics stack are both Google.

But what if the browser is Incognito Chrome, and the analytics is another company, say Adobe? Does the browser industry need a universal way to signal browsing is in "incognito" and then all analytics and tracking software MUST adhere to that, or what?

There's already the Do Not Track header, which is supposed to serve exactly this purpose. Its problem is it has no teeth.


Yes! You are right that it lacks teeth, but also maybe doesn't go far enough. I think that's where some hoped the GPC would come in.

Also, does it mean that Amazon shouldn't log general traffic, that they later decide the analyze? Even Anonymized, that data holds value to the target site, even if it were never traded/sold/etc.

Lot of room for improvement beyond DNT, GPC, etc.

I think the question then becomes, is Google able to tie your Incongnito activity back to your regular activity?

Obviously yes. The activity comes from the same IP address, user-agent and everything.

That's a pretty vague and ultimately meaningless distinction. You use a Google product that says it's not going to track you, and then it tracks you and sends your data to Google's servers.

The fact that the link to Google's servers is on "other websites" doesn't really change the basic reality of what is happening.

But in context chrome doesn't track you. The website you visit tracks you.

But in context falling out of a plane doesn't kill you. The land you hit kills you.

To use your metaphor, if you jump out of a Boeing plane and land on a Boeing factory, it's not Boeing's fault that your parachute failed.

well it is if they sold you the Boeing parachute that says "makes your fall safe"

And then people go "but it was the landing, not the fall that killed you! The contract didn't say anything about that! "

But they don't. They manufactured the plane, and even had a warning on the door that jumping out is dangerous since parachutes can fail!

I guess I should modify my comment above. You can't sue them for the plane being broken, which is what this suit is.

Going incognito on Chromium still gives a warning that it does little for website tracking and purely does not save browsing history.

So one can browse the finest pornography[1] without one's cohabitants finding out.

[1] https://nhentai.net/g/335688/3/

The problem is that google refuse to fix bugs that allow fingerprinting. Those bugs can be years old!! This is why we need laws that force devs to fix privacy and security bugs or pay HUGE!!! fines. Hit them where it hurts. If each unfixed bug costs them 25% of the company's total worth per MONTH while it remains unfixed I bet they will fix them very fast. The dev tools window is still detectable by malicious javascript on sites. That stops and hides when the dev tools window is detected. I am certain google use that detection for their malicious behavior too. Why else drag their feet? They are hypocritical. First they are anal-retentive about security and on the other hand they ignore bugs for years.

Not to mention the double standard google have. Long ago they fixed chrome to detect auto-installed extensions when you installed other software and yet google is doing the same bloody thing themselves. Try it yourself on a fresh new profile and check the extension page and the extension folder. Extensions are auto installed without permission. Manually removing them doesn't work either. They will be reinstalled.

Edit: Speaking the truth will get you down voted. It's hilarious people down vote instead of coming with a counter argument. Perhaps they are so annoyed because they can't make a legitimate excuse for that nasty malicious behavior.

People often defend companies with explanations of how the world is, when common folk often expect (or just want) the world to behave differently.

Is it unreasonable to want, or even expect, an incognito window to disable all forms of tracking?

Wouldn't the world be far better if a phone alerted me to an app scanning my local area network or contacts? Or if I got warnings when it took such actions?

I think us tech folks need to, collectively, stop defending companies reasoning and explanations for the world they created, and start standing with and for a world which matches common folks expectations. It really seems like a better world.


EDIT: Ask what the layperson would think tracking is! Imagining the answer is pretty simple "a website [or the web at large] learning or remembering anything about me." If we start from there, rather than the mumbo-jumbo thrown at us, we can make progress.

> Is it unreasonable to want, or even expect, an incognito window to disable all forms of tracking?

"Tracking" is a nebulous term. If a company records your visit in their logs, is that tracking? If they increment a counter every time someone visits a page, is that tracking? If a user logs in under Incognito Mode and the site records their new last login IP and timestamp, is that tracking? These questions would have sounded facetious years ago, but now nearly every form of user tracking has come under scrutiny.

The common confusion is that Incognito mode isn't equivalent to using Tor or a VPN. For 99% of cases, that doesn't really matter. Explaining the distinction to the average user is a challenge, though.

> Wouldn't the world be far better if a phone alerted me to an app scanning my local area network or contacts? Or if I got warnings when it took such actions?

Modern phone OSes will ask for permission if an app wants to access your local network, your contacts, or your photos. That's not the concern here, though.

I'm not sure how tracking is nebulous. If you want to identify an anonymous counter, or keep depersonalised logs, or IP logs for security, that's fine; it can't identify the user. (Maybe IP logs could)

Essentially you can boil "tracking" to two main sources: when there's data collected without a legitimate purpose for doing so, and when data is collected to the point that could identify a user, but no explicit consent is given.

Take for example a Facebook comment section on a third party site. It'd be fine to click the comments and have a quick prompt for Facebook to interact – the comment is public, so it's known to all. But if the user never comments, Facebook has no right to be aware the user was ever there; that's tracking.

You could make the extended argument that overcorrelation of data for advertising is tracking in a sense, as this would cover intra-site tracking (e.g. a shopping site knowing you're pregnant before you know yourself.) This is a little more nebulous to define, as it's hard to define who it benefits If your phone launcher suggests an app, or Uber suggests a location, that's because it wants to save time. But if a shopping site suggests a product, that's advertising, and should be given explicit consent.

> If you want to identify an anonymous counter, or keep depersonalised logs, or IP logs for security, that's fine; it can't identify the user. (Maybe IP logs could)

Some laypeople would disagree.

That's what it means to be "nebulous". A term like "tracking" needs to be defined in technical/legal language. You can't simply ask a random sample of the entire world's population and expect to get a consistent answer about what should be allowed and what should not.

There is no such need. Plenty of laws are based on what a "reasonable person"[1] would believe rather than based on an objective standard.

[1] https://en.wikipedia.org/wiki/Reasonable_person

the gdpr managed to do that. the solution is to focus on user experience and privacy not technical details as counters or ip addresses

By your definition Google Analytics is not tracking because they disallow PII.

> when there's data collected without a legitimate purpose for doing so

Who gets to decide what's legitimate? Most people would agree that detecting and fixing crashes is a legitimate usecase, but most of HN is probably staunchly against Windows telemetry.

It is quite easy to answer in legal terms, tracking is about gathering, collecting, and linking together Personally Identifying Information.

if you track my incognito sessions but what gather makes you unable to (statistically) associate me with my non-incognito sessions that is not tracking.

incrementing a counter for the number of visits is not tracking, recording my mouse move patterns to a precision where you are able to identify me "biometrically" is tracking.

it is not about what technology you are using it is about your data gathering is being used/can be used to populate a personally identifying profile about me

(I admit that tracking is nebulous in one sense: suppose that I have recorded internet usage patterns of 20% of the population with complete and accurate data collection, using sophisticate AI models I am now able to identify your age/gender just by how you scroll a page, even without remembering anything about your session, I can calculate this on the fly. this is essentially what Cambridge Analytica did and it is nebulous "who" they were tracking, the original users or you?)

> Is it unreasonable to want, or even expect, an incognito window to disable all forms of tracking?

> Ask what the layperson would think tracking is!

No. No no no no no. There is a serious problem with this line of thinking. Lay people cannot dictate how technology must work. Because they don't understand what is possible.

This post is like the famous quote from that Australian politician

> The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia

It's simply not appropriate to assume that just because a lay person wants something to be true, that it must somehow be possible to actually do.

> Lay people cannot dictate how technology must work.

That's an extraordinarily elitist view that, frankly, raises my hackles. It's worth remembering that the entire framing of entire political systems was and is done by non-technical "lay" people.

> It's simply not appropriate to assume that just because a lay person wants something to be true, that it must somehow be possible to actually do.

That's got everything backward. Regulation is about limiting technology's intrusion into our lives, technology that did not exist just short years and decades ago. Since we lived without this technology (by definition) since the dawn of man, clearly it is technically feasible.

The attitude above is basically arguing for a technocracy where the "lay" people just have to suck it up and accept whatever their overlords thrust on them. Hint: it's gonna be heavily weighted to those overlords making money and taking choice away.

I don't think it's elitist, it's really just HCD, no? We know that users are great at helping engineers hone in on their problems, but not so much their solutions - the whole "faster horse" thing.

There's more than one problem here, but one main one seems to be that users don't understand that incognito is more about your own computer (cookies, history) than the web's ability to do its thing.

Solutions could be anything, from do not track toggles and added incognito funtionality, to a simple visual indicating the point of incognito, to some trivial copy/branding changes.

Here's how I want encryption to work: it should be unbreakable when it's used to encrypt communication between journalists and their sources, but it should be breakable when used to encrypt communications between terrorists. I really "want [this thing] to be true". So why doesn't it work like this?

Would you ask someone random off the street to invent a COVID vaccine? To treat someone with cancer? To represent you in a homicide trial? Maybe you could get them to opine about what interest rates to set at the Fed?

We hire scientists, doctors and lawyers to do those things. No one thinks it's "elitist" to say that lay people's opinions on how to do those jobs is worse than irrelevant.

We need to accept that "computer technology" is one of those things that is simply too difficult for most people to simply intuitively know about without actually putting in the effort to understand it.

You don't think its appropriate for users to have informed consent?

No one is saying that since my father wants the tv to just know what he wants to watch, that we should even attempt to make it that way.

What the "lay people" want, if we are going to use this term, is the same privacy that the internet had 2 decades ago. It's not like things didn't work this way previously.

Two decades ago, the internet wasn't even encrypted. You're living in a fantasy history.

> The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia

Isn't this true though. If a country decided one day that 2+2=5 and wrote laws around it and enforced it then in that country you have to say 2+2=5 even if the laws of mathematics would disagree. It would be a dystopian place to live but that's just how laws work (assuming we're talking about some sort of authoritative regime where you can't challenge this law).

I think programmers are at a much greater luxury though because there is not really a thing called the laws of computer science. There are certain problems like P=NP or the halting problem but ad tracking is so far removed from that to the point that if we decided one day that it made sense to outlaw tracking, it could be done. It would kill a lot of businesses and would probably be a bad thing but to say that we shouldn't take into account lay people's wants when designing software systems is wrong.

It's not really true because Australia can't "enforce" 2+2=5, they can only punish Australians who say otherwise, which isn't meaningful enforcement.

Suppose that Australia enacts a law that says: passwords must only be accessible to the government but no one else. How can Australia reliably enforce that? Regardless of what the government decrees, other people can exploit the same backdoors that the government uses to access passwords. At most, they can punish people who do that against their wishes, but only after the password has already been accessed and only if they find out. Governments aren't omniscient or omnipotent, what they can enforce is limited by natural laws. We have yet to find a way to overcome natural laws.

If lay people are misunderstanding what incognito does, and cannot be expected to understand how it truly functions then Google shouldn't be allowed to advertise it to lay people in the way that they do.

It'd be easiest to just not provide incognito mode at all, than allow another footgun into the hands of the public at large in a way that only benefits Google.

I think though that people can be made to understand with better education and examples in a reasonable time period.

Man. So many comments responding with more descriptions of the world tech companies created. Fascinating how much even us tech folk don't realize how much of our work environment is subject to design.

The problem is that "tracking" has no meaning, unless you are trying to align the wheels on a car. It has no definition in the language, no definition as industry jargon, and definitely no definition in the law.

Why don't you ask the layperson what they think Chrome's Incognito mode is for? The answer I imagine is also pretty simple: "hide my porn habits from my family or friends". It's what everyone I know expects and what I expect, and that's what Incognito does. If anything, it's the tech folks who get hung up on what "tracking" means.

> Is it unreasonable to want, or even expect, an incognito window to disable all forms of tracking?

Yes, because the product explicitly says it does not do that.

Your activity might still be visible to:

- Websites you visit

- Your employer or school

- Your internet service provider

>Is it unreasonable to want, or even expect, an incognito window to disable all forms of tracking?

No, because incognito doesn't have power over what sites do with request data.

As for the layperson, I think they hold the (reasonable) model that an incognito session is just like using a burner phone that you throw away after: it creates a dummy identity separate from your normal one. So at worst, the places you call can compare notes and see that the same number called both of them, and they might also secretly log or record the calls. A burner phone doesn't prevent any of that, and neither would incognito (prevent the analog of).

However, if the phone companies somehow learned which people bought which burner phones, and shared their "normal" info with anyone who asked about a particular burner phone, then yes, that would break the expectation/agreement, and it sounds like Google does something similar to that.

> incognito doesn't have power over what sites do with request data

Again, this is just a description of how the world works. It says nothing about how the world could work. Incognito could turn your browser into a Tor client, or use a random sequence of VPNs to tunnel your traffic, or both, for example.

Fair enough -- I agree that there's more that a browser can do to protect your privacy. But I was mainly speaking to the question of what a reasonable user can expect, given what incognito mode communicates to them. And that reasonable expectation is "browser works the same, except with a new dummy identity", just like a burner phone vs your regular cell phone.

A mode like you describe is great, but I wouldn't expect a browser's built-in privacy mode to do all of that by default.

(And, FWIW, even then my statement is true. Even with the max privacy protections, once your request data has reached their servers, you can't do anything about their data storage by technical means. So even with a Tor client, if you've logged in and have to persist cookies to maintain session state, you can expect that the site to match identities across VPNs/Tor endpoints.)

Your last paragraph is exactly right: the problem is that it's doubtful that Incognito mode actually produces burner identities. If all Incognito does is create a temporary cookie jar, there are plenty of other ways to fingerprint a browser that would persist across Incognito sessions. The average user almost certainly doesn't realize that, and Google absolutely benefits from keeping up the pretense of privacy in Incognito.

Well said! We're so deep in the details that we can't see that every long-winded explanation sounds like total BS to regular people but is really just a subconscious apology.

You might enjoy this article about "positive" and "negative" definitions of liberty (and discussion about whether a a clear division like that really exists) from Stanford's Encyclopedia of Philosophy: https://plato.stanford.edu/entries/liberty-positive-negative...

I wonder if this could be the case where Chrome's dominant position would bite Google in the ass.

Because if you're just a website, you do what you can with the information provided to you by the user agent (browser).

But if you're also the browser manufacturer which provides an "incognito" option, and your other (main) property explicitly goes around it as much as it can... that smells bad.

I would say that, yes, no one wants "incognito" or "private browsing" to prevent any kind of tracking. Wouldn't this render the majority of websites useless? The average person is probably looking for something that allows tracking of some information by sites they deliberately want to use but not as much (or at all) for third party websites. Except third party sites that they use to log into sites that they want use. And so on.

Neither of these features is meant to address the use-case you outline: browsing the internet free of tracking. I do think there is a market for such a mode, but both "incognito" and "private browsing" are meant to hide your activity from _the physical computer you are using._ You would want to use this mode if you are using a shared computer, like in a library or a computer lab.

I think people are conflating Chrome and Google Search. A better example is Chrome and Facebook. Chrome Incognito can appear as an anonymous user but how is Chrome supposed to prevent Facebook from storing ip addresses and clicks?

Upton Sinclair is why you see this behaviour. Google pays well, very well indeed.

I hate tracking as much as the next person, but a simple reading of the "You've gone incognito" screen ought to make obvious that its primary purpose is to hide your activity from others who use the same device. It's literally written on the first line:

"Now you can browse privately, and other people who use this device won't see your activity."

It goes on to list other technical specifics about what is not saved, but those are pretty much just sub-points. I'm not sure it's fair to expect Incognito to do something it's not meant to do.

(I worked on Chrome.) I remember struggling over how to word this page. At a technical level Chrome the program can only control what it itself does, which is also what the page promises. Unfortunately despite that the result is still confusing to users (and judges, it appears).

chrome the program could not make network requests to known tracking domains

Then websites would be able to tell if you were browsing with incognito on. Isn't that itself a privacy issue?

This is the irony here, to achieve what these people ask, Incognito mode itself would have to become inherently less private, for the sole purpose of stopping Google Analytics, but every other tracking service would probably become even more powerful.

uBlock Origin will do this for you, if you want that level of privacy. You do have to specifically allow it to operate under Incognito Mode, but then it "just works".

Yes, it's an add-on and not built into Chrome... and yes you have to know about it to install it in the first place. I'm not exactly sure that's a problem though - if you are technical enough to navigate through settings menus in your browser, understand what the settings mean and toggle options (presumable to enable some built-in version of uBlock Origin), then you clearly have the capability to install the add-on.

It's pretty funny how quickly the principles behind "net neutrality" (neutral platform, neutral pipes) fall to convenience.

I'm confused by your comment. Are you saying that browsers should connect to any host any website tells them to because of net neutrality?

Yes, a browser should be content-agnostic.

Browsers filtering "known trackers" is a very quick slide into "known malware", "known spammers", "known foreign propaganda", "known conspiracy theories", "known fake news", and more.

It's the exact path that social media and other online platforms took, and guess what? The same companies build browsers.

A browser should let the user control their browsing experience and make it extremely easy to block all manner of user hostile content, starting with trackers.

I don't disagree with you, but I think parent's point still stands that "user hostile content" is defined by a company that could change their definition at any time.

A truly user friendly solution would be to allow community curation of blocklists and full user control over which they choose to enable. Google is not interested in providing a good user experience though, they're interested in sucking out as much value from the user as possible, using dark patterns when convenient.

With that, I also agree that Google couldn't be trusted to editorialize.

No. "User hostile content" is defined by the user.

Google's whole business model is user tracking though. If they can't spy on you they go belly up, so chances are they won't stop spying on you.

Related: I don't understand why people choose to work for Google

I find it's the reverse:

"You've gone incognito" doesn't mean what it says on the tin.

It means "You've gone incognito... from other users of this computer, not from us. From us you're still plenty cognito."

Yeah but you are conflating the "tagline" with the full message.

By that regard, you aren't buying Apples, you are buying "Golden Delicious Apples certified organic by the State of California and could contain random chemical that might cause cancer to you"

Still apples, but now you question whether they are truly edible or safe, which you used to assume about all apples

In that analogy, it would be buying apples, but they only taste like apples. Underneath they’re oranges and always have been, and the little sticker on them says “Apple-seeming oranges”, so the consumer should have known.

When it came out it was don't save cookies so I can't be tracked.

Now that it is known google can track you outside of stored cookies it should probably be relabelled to no persistant cookies mode and leave the idea of incognito. Using that word makes it seem like you are using tor.

I think this is a difference between what someone who knows what's going on under the hood understands the disclaimer to mean, and what other/most people understand it.

The disclaimer put front and center is designed to tell you exactly what is going on. But, I'm not at all surprised that most people assume incognito/private modes provide far more protection than they actually do.

This is a fairly difficult and important technical communication problem: To make sure that most people after reading something understand what is meant. It's why you end up with all those really stupid sounding disclaimers on various products not do stupid things that seem obvious not to do.

Only because of the tension between honest communication and marketing. It is not shameful for a feature to be used less because it's misunderstood, but KPI's and product managers don't see the world that way, thus the tension.

I don't think that's always the case or completely the case here.

What is actually communicated is dependent on both parties in the communication. An entirely accurate statement can be made by one party, intended to communicate the facts in good faith. However, depending on what the second party knows, the statement may not actually communicate what was intended or what is true and accurate.

The difficulty then is saying something which is short enough to actually get read and still communicates to a large majority of people an accurate understanding of the situation.

Again, this is the best case where the people making the statement are acting in good faith. It all goes down hill from there though, if they are actually trying to mislead.


"you can browse privately, and"


"you can browse privately, in the sense that"

What does a user think browse privately means? Do they think it means "your browsing is shared with third-party data brokers that aren't displayed in the UI at all and you might not know exists?

It's one thing to say "well obviously we can't control what you choose to do with foobar.com"; it's another to say, "the same legal person who told you 'you can browse privately' is buying your browsing data from foobar.com".

Why not say,

"Now other people who use this device won't see your activity."

What does the bit before the 'and' mean?

I read it as "Now you can browse privately, and [therefore] other people who use this device won't see your activity."

Except that if Google is still tracking you, you're not browsing privately.

Right, unless you interpret the second half of the sentence as clarifying or defining the first. Which I do. If may not be your preferred definition of "private", but it is a definition of private.

To paraphrase it another way, it says "what you do on your browser is hidden, specifically it is hidden from other people who would try to find out using this device"

Further, given the overall ambiguity of English, and given the goal is something casual, not legalese, the way it is phrased is reasonable.

Actually, that raises an interesting point, how is this phrase rendered by chrome for other languages, and do any of them phrase it in a less ambiguous way?

Fun story, if you have a Gmail account and share it with many people. Gmail won't like it people logging in from a lot of different places... except when in incognito mode, then you can login without issue.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact