Google finally revealed how much personal data they collect in Chrome (twitter.com/duckduckgo)
374 points by URfejk 4 months ago | 239 comments

A company that purchases data from another search engine (that most likely also uses aggregated personal data to deliver results) with just two products (search + browser) compares its app data usage to a behemoth that strives for the most personalized experience possible in exchange for personal data in order to display personalized ads.

Google's apps offer opt-in voice search (solving Audio), optional end to end encryption for bookmarks & search history (solving Browsing History), while location and diagnostics are opt in as well and it's also up to you if you want to store your address book or store your credit card with Google (solving Contacts & Financial Info).

Yes, most people will probably use Google Contacts, Maps, unencrypted bookmarks & browsing history and store their credit card data in the browser, but you're not forced to do that.

I really wish DDG would innovate on search, improve their own crawlers & indexing and then attack Google head on by comparing better results with the ad-ridden, SEO-flooded shit show that Google results have become. Instead, their marketing keeps on comparing apples to oranges and just keeps on playing the privacy angle, which is intellectually dishonest because DDG and Google have completely different goals.

Boy do I hope for some real competition in the search engine market. Brave and Neeva can't launch soon enough. I'm so sick and tired of giving DDG chances upon chances only to switch back to Google because the results haven't improved much.

> I really wish DDG would innovate on search, improve their own crawlers & indexing and then attack Google head on by comparing better results with the ad-ridden, SEO-flooded shit show that Google results have become.

DuckDuckGo's organic results are proxied from Bing (or sometimes Yandex). Their crawler (DuckDuckBot) just fetches favicons and scrapes data for a few Instant Answers.

Most of DuckDuckGo's non-privacy-related selling points are their instant answers, which in my experience are really good.

Alternative indexing engines to the "Big Three" English indexers (Google, Bing, Yandex) with decent privacy include Mojeek, Right Dao, Gigablast, Gowiki, wbsrch, and others. I've counted 16 English alternatives in all.

> Most of DuckDuckGo's non-privacy-related selling points are their instant answers, which in my experience are really good.

And yet has no undeprecated pipeline for submitting non-"essential bug fixes" to[1].

I really love the idea of having an engine that does just a little bit more for me up front, but not if it's all closed off; that's what I'm trying to get away from.

[1]: https://duckduckhack.com/

Google just doesn't optimise their software and deployments. I can run searx, email, git, jitsi, invidious, and other various software on an old Xeon PC from aliexpress. Meanwhile youtube stores 10 versions of the same video on their platform, and dares bring up costs vs revenue arguments.

I guess the majority of people on HN already know this more or less. The problem is still this: We still don't have good alternatives to Google's products and services.

1) Android: Google still owns all our phones. Even on rooted phones it's hard to remove google services that god knows send so many requests containing whatnot to the eeee addresses. Just install no-root firewall and you will be amazed the amount of pending requests that accumulate in 1 hour.

2) Google search: I guess I can manage with DDG but when it's not that straightforward search, subconsciously I'm still thinking that let's just do a quick google search to see if I'm not missing anything. And often I find better results. While adblocks makes sure I filter most of the crap.

3) Gmail: Yes there are alternatives but switching emails is hard. It's a big commitment for most people to switch a 10 year old gmail address. And it still works great at filtering spam and whatnot.

And same for maps, youtube and all their services. They really have a big leverage on everyone.

Quitting facebook and instagram was child's play in comparison. I haven't logged in for almost a year now. Quitting google is really hard otoh.

There is one good argument for Google, and that is it’s free as in beer. For most people, any price over $0 is a dealbreaker.

However, assuming you’re willing to pay for privacy, switching e-mail is super easy. For example, from the Fastmail UI, you literally log in to your Google account and all your mail is transferred to Fastmail.

Switching to DDG? It’s 95% as good.

Switching to Apple Maps or OSM? It’s 95% as good.

Google Drive? There are 100 competitors.

There is one site you cannot do without, and that is YouTube. Everything else from Google can easily be ditched, the only two things in your way could be a reluctance to pay money and a slight feeling of unease at having to get used to something else.

> Switching to DDG? It’s 95% as good.

I would say for personal stuff (ie, non-programming) it is. For programming, I continually have to switch back to google. DDG is way worse for me. Maybe it's just me, but the types of things I search for just don't work on DDG and I've wasted way too much of my time looking for answers using DDG, only to find them quickly with Google. It totally frustrates me, because I would much rather use DDG.

Even for personal searches, I find myself using the g! operator in DDG about 50% of the time to find what I'm looking for.

Critical operators like "site:" are not available in DDG.

"site:" is definitely available in ddg and has been for a long time

> any price over $0 is a dealbreaker.

The user pays for Google in the end, just not consensually. It's a closed loop. All the money ultimately comes from the users. Product or politics, all advertisers are expecting to get some return.

Unfortunately it's in human nature to not want to pay. Search needs to be a utility that we all fund to make it the best tool for society.

> All the money ultimately comes from the users.

All the money comes from some of the users. Sure Google is collecting everyone's data, but in the end the vast majority of it is worthless. I'd be surprised if even 1% of users are profitable for the ecosystem. The tiny minority clicking on ads and buying products is subsidizing everyone else.

Software is free to make. Why would you ever pay for software when there are free alternatives?

Are we talking about the same Google? I don’t remember them taking money without my consent.

That is the genius of the design. The trick is, you give millions of people "free" email. Scraping emails aside, the real money comes from anyone that "needs" to email a large number of gmail/yahoo users. So if I am a business owner and 30% of my customers are using yahoo and 50% are using gmail and I have a lot of customers, the volume of email I will be sending to those companies is rather large. After a point I will have to buy into a whitelist/approve-list to get around throttling or being flagged as a spammer. Google/Yahoo don't know that you are my customer after all, so they have to prevent actual abuse of their system given the massive number of email accounts they host.

So I have to recoup that cost. I pass that cost onto all of my customers by mixing it into the cost of goods and services. If you buy things from me, even if you are not a subscriber to google/yahoo, you have in effect paid for those services. This is somewhat invisible to the people with those email addresses but does actually affect them, if only a little bit.

Google would tell you that you can simply start with a low volume and ramp up slowly. In reality this is simply not practical for most businesses. This gets into discussions around queue-per-domain management and rate-limit-per-domain, but quickly falls apart when you have to notify a large number of your customers on a time-sensitive transaction that is out-of-band from their web browsing experience. A modern workaround is to have a cell phone application for notifications rather than email assuming you let your own customers choose that over smtp in their profile. Another workaround is to use an email campaign provider that already pays into the whitelists, but then I have to give your email address to a potentially shady company that may cross-sell / cross-market to you.

I switched to DDG and ProtonMail with very little effort, even after using multiple GMail accounts for well over a decade. I occasionally retry searches on Google if the DDG results aren't good enough, but Google rarely finds anything DDG can't.

Android has proven much more difficult to drop, although I'm hopeful that Librem and PinePhone are paving the way for an eventual alternative. I'm still using Android for now, but I at least try to source my apps from F-Droid instead of the Google Play Store.

Maps and YouTube have been a little difficult. I'm trying to use OsmAnd on my phone, but I still find myself going to Google Maps somewhat frequently. I've replaced the YouTube app on my phone with NewPipe and I try to watch content on alternative platforms when possible, but there's a lot of stuff posted exclusively on YouTube.

> I switched to DDG and ProtonMail with very little effort, even after using multiple GMail accounts for well over a decade. I occasionally retry searches on Google if the DDG results aren't good enough, but Google rarely finds anything DDG can't.

Same. Paid Protonmail was quick and easy to get my domains working, and DDG works 90% of the time. I occasionally have to throw things to Bing or Google but DDG is pretty good.

For any readers I strongly recommend buying a domain name and then trucking it to whatever email provider you want. Jonny-C-Doe.com lets you keep the same front end name while changing the back end if, say, you don't like protonmail.

Google Maps has the wrong street names near me, so I looked for something from OpenStreetMap. But there's nothing that works with Android Auto. In fact, there are only two Android Auto navigation apps, Google Maps and Waze. Both owned by Google, and Waze seems happy to send me through the most confusing intersections if it thinks it will save 5 seconds of driving time.

I've submitted multiple corrections to Google Maps and all of them eventually were fixed. I even got a same day response one time, with the longest taking about 3 weeks. I haven't made any corrections recently. Have you attempted to submit feedback on the Maps site?

+1 ... rather than complaining about it, leverage the editing functionality provided in there to make the maps better for everyone.

As counter anecdata, I've reported a concrete coatings company claiming to be inside of a post office. I've reported it several times over the course of several months and nothing has happened. See for yourself: https://goo.gl/maps/LvAZXpSJgURoUqYk8

And with the blackhole that is Google support, what's the point in feeding the beast? We're all better off using Open Street Map and not rewarding Google for their poor behavior.

Their website lists their address as a PO box which is probably causing problems. Some automated process added the business to Maps and the only solution might be for the business to take action and claim the listing on maps and update it.

OsmAnd (open source) [1] is working on it! [2] Here's the Github Issue [3].

[1]: https://osmand.net/

[2]: https://www.reddit.com/r/OsmAnd/comments/l17r3l/any_updates_...

[3]: https://github.com/osmandapp/Osmand/issues/3391

Have you tried https://www.magicearth.com? I’m using it on iOS where it supports Car Play. From a quick search it seems to me that it also supports Android Auto.

Android Auto was the biggest pain for me. I tried /e/OS, but for the life of me I couldn't get AA to work with MicroG.

For search: Use Startpage - gives you Google results with privacy.

For email: Most people have multiple emails - work, school, personal, from the early 2000s. It's not out of this world to switch to an encrypted email service.

Android: Never used it because I like iPhone. And, iPhone is a pretty great alternative to Android - definitely more private. But isn't there GrapheneOS and LineageOS?

> For search: Use Startpage - gives you Google results with privacy.

FYI, Ads company bought up Startpage. Despite their public statement with privacy for Startpage, I don't trust them since they can 180 it without any repercussion.

(Startpage employee) Privacy policy hasn't changed and that's legally binding.

"Marketing messages can claim almost anything, but a privacy policy has legal status." - Robert E.G. Beens, Startpage CEO and Co-founder

If you have questions, let me know.

Yes, are you aware billion dollar corporations get away with leaking terabytes of information, so a smalltime ad company will get away with leaking data over time? Are you aware someone has to manually pursue startpage?

If I can't ssh into their servers and have a look-see or run my own instance, then their claims are unverifiable.

You're completely right, Big Tech gets away with a lot - including collecting/selling a ton of data to make profit. That's because their revenue model is based on behavioral advertising. For Startpage it's always been based on contextual advertising. And, you don't need personal data for that.

And, it happens that System1 is interested in "capturing" that revenue from contextual advertising.

"System1 is interested in Startpage's ad revenue, not its data," the company said. "The reason a company like System1 openly owns other search engines and consumer tech products like Info.com and Mapquest is that they want to capture that ad revenue that is slowly shifting to private search engines. There has been a steady increase in people using private search engines and therefore a steady increase in their revenue. It is a growing market that they feel will continue to thrive and grow." (https://www.computing.co.uk/news/4017337/privacy-focused-sea...)

That being said: At the end of the day, it all comes back to trust. Even with OSS, you have to trust that they won't change the code. And, you should use products that you trust to best protect your privacy.

You really like to shill startpage for some reason despite a search engine needing 0 advertisements?

As mentioned above - I'm a Startpage employee. I know quite a bit about the subject so I jump in when it comes up.

Advertising on a search engine is the main form of revenue > pays employees > updates > keeps current users and gets new users. You could make the argument for crowd sourcing, but it doesn't always work.

Interesting. I'm happy startpage gets revenue, whatever it is. I think I'll keep using ddg and a searx instance.

Switching from Gmail is basically zero effort. You configure Gmail to forward all your email to the new account. Done.

Email is generically really great in this regard. Very little lockin.

This is true but I think the point is about not having your email touch Google's servers - forwarding from your Gmail account means Google still gets to see your incoming email.

Spam filtering is the reason I use Gmail and set it up for my family.

I hate filtering spam, but it's outright dangerous to not have an effective spam/malware filter for my parents and children.

Switching email is the easiest, because service level is similar elsewhere. The migration just takes a long time, but keeping the legacy gmail in parallel with the new account is not too bothersome. It's also a great occasion to use your own domain, so a future switch to another hosting is even easier.

YouTube alone has been a wonder of the world quite honestly.

Here's what I did for each point:

Android: iPhone. I don't know if I trust Apple more than Google, but at least on the surface level our interests align better. Might try a Librem 5 or Google-less Android in the future.

Google search: DDG. Agreed with your points there, sometimes it's tempting to go back to Google.

Gmail: Hey.com commercial account, plus a custom domain and individual aliases for each service I give my email address to. That helps with portability somewhat, in the future at least.

Maps: Apple Maps has been pretty nice. Might give OpenStreetMap a try.

YouTube: Invidious.

Android Auto: Apple Car Play. I wish there were a better option that didn't depend on Apple.

Google Drive: OneDrive, but I'm looking for alternatives.

What is a "eeee addresses"?

Also Chrome/Chromium.

Controversial opinion:

Half the data Chrome collects is harmless, and the other half is up to the user to give up:

- Location data: you are asked and must approve for Chrome to use (at least on macOS)
- Financial data: you must enter it manually and click "save for future use".

Could it be better? Sure! But I think DDG is exaggerating here. We're not _that_ bad.

This is kind of deceptive. Approving location data to be saved or used during a web search is not the same thing as approving location data to be used for advertising and product personalization. Same with contact information, same with browser history, same with search history and unique IDs.

Also, none of that data is harmless.

> I think DDG is exaggerating here

Google shouldn't be basing advertising off of individualized browser histories in the first place, I don't think it's an exaggeration to call that a massive privacy issue. It's a single category, but one that encompasses basically everything you do online.

And while you can technically turn this off in Google settings, doing so will break a large number of Google products and features in other apps because Google ties access to browser histories and app data into other products in a way that is impossible to disentangle from normal functionality.

Back when I used to use Google Maps, turning off location-based advertising disabled my ability to save locations. Like, I couldn't mark a place on the map as my home on my local device unless I gave Google permission to advertise to me based on my location. Every time I wanted to navigate there, I needed to type in the full address. Even weirder, turning off web history took away my ability to use voice commands with my contact list on Android phones. I couldn't tell my phone "call mom", because that feature required access to my search history.

So this phrase "we're not that bad" creates this impression that Google isn't perfect but is still basically respecting privacy choices everywhere, and that any violations are just accidental -- when in reality trying to opt out of these systems is met with outright hostility from Google products, and giving an inch in any area is often interpreted by Google as permission to use that data in any way they see fit.

The system is a lot deeper and more deliberate than the parent comment suggests.

> location data to be saved or used during a web search

Does location data even help with relevance?

During road trips in 2018, location relevant results were turrible. Too many times I'd have to manually add my current location. eg "dog parks albuquerque nm" Sorry, no, I don't care about Dog Park Pub and Office Supplies in Duluth MN. Absolutely enraging.

It seems to work with chains, at least.

e.g. a search for "home depot" turning up the close ones with location turned on.

Ya. My guess is that proper nouns are weighted much heavier than distance when displaying results. I also guess that indexing of stuff gets worse in smaller markets.

I vividly recall wanting to pick up some flowers while driving north of Phoenix. Google was useless. No local businesses. Just national chains and stuff from other time zones. Infuriating.

Nope. There was a study released that location targeting in ads only works 40% of the time


It turns out, solving the problem of being an assistant device approaches the "AI complete" boundary, and the set of data interconnections needed approaches "arbitrary." Hence, the interpretation that the data should be usable as Google sees fit.

> It turns out, solving the problem of being an assistant device approaches the "AI complete" boundary, and the set of data interconnections needed approaches "arbitrary."

Wait, why do you say that? There's nothing inherent to the way that assistants work that mean that they need full access to everything in my life.

Human beings are "AI complete", but when I go to the library and ask them to help me find a book, they don't demand that I show them my phone contacts first. Data access and intelligence are separate concepts.

And Google's voice assistant could figure out what phone number I mean when I say "call mom" without doing anything involving AI at all, because I actually explicitly put that information into my address book in machine-readable, labeled fields. The assistant doesn't need to have an advanced AI to solve that problem, and it certainly doesn't need to look at my search history.

You left out the /s

> Half the data Chrome collects is harmless

If true, that still doesn't negate the other half that is not harmless.

More importantly, how about I get to choose what I consider harmless, rather than having a Silicon Valley advertising agency do that for me?

Also, there's no way of knowing what Google shoves into the "other" category. Sunlight disinfects, even in Mountain View.

Fair enough.

But beware, Chrome's lead on render speed is most likely thanks to the performance data they collect. Any other browser you may choose might not collect that data, but don't be surprised if it halves your battery life and takes twice the time to render stuff (such as Firefox in macOS about 6 months ago, don't know how it performs now).

There are reasons for data collection, and I don't think everything is used for malicious intent, which is DDG's point.

> There are reasons for data collection, and I don't think everything is used for malicious intent, which is DDG's point.

That is not DDG's point at all. Their point is right in the linked tweet - "Spying on users has nothing to do with building a great web browser or search engine."

Chrome halves battery life on macs, compared to Safari.

Clearly the fix is collecting even more performance data! :)

> Any other browser you may choose might not collect that data, but don't be surprised if it halves your battery life

This is literally what Chrome does on a MacBook, the battery drain is insane

Incredible that performance analysis for benefiting consumers is being linked to advertising and behavioral analysis for making profits.

I think it opens many file pointers and keeps them open. Trying to run chrome with anything that has io operations on an older machine and you can see how chrome hogs resources.

I happily trade 'slower' performance for more privacy.

And you make that trade by using another browser (or Internet search service, email service, etc).

Are you suggesting Chrome isn't a battery hog?

If you chose to allow Chrome to know your location, so it can show you on the map, do you consent to have your location tracked continuously and associated with your Google account?

No, that's a setting in your Google account and not in the browser. https://support.google.com/accounts/answer/3118687?hl=en

That Q&A is very careful to avoid stating that location data is not sent to Google when "location history" is turned off. You really think that by flipping a switch on your account page, they are going to start discarding some of the data they are sent from client devices?

But would people necessarily associate "I gave Chrome the OS-level location permission, so I could enable location on <non-Google website>" with Chrome itself tracking the location and connecting it to a Google account?

How do we know if turning off that setting actually does stop location tracking, considering what we know about Google's past history?


I have long ago turned all of Google's activity tracking preferences off and erased the existing activity, yet once in a while some Google service reveals to me that it knows something it shouldn't.

Google Takeout is a good way to find out all the things you thought you deleted, but are still hanging around on their servers. Even stupid banner photos from PicasaWeb and G+ 8 years ago were buried in my Takeout that I had zero access to see or delete, but they were there (and probably still are).


Also, why must all the services attempt to guilt me into turning it back on?

The interesting thing is the failure mode if you don't agree to continuous tracking. Google uses the last place it was allowed to track you to instead of allowing the user to specifically enable a location update for "near me" queries to maps or the assistant. It may not be meant as one but it feels like a dark pattern, particularly when you can tap an icon to update your position in maps but any "near me" requests still go back to the last tracked location.

It definitely is. You can't even set a "home" or "work" location without enabling continuous tracking.

Yes, you can. I have location history disabled but I can route to home or work in Google Maps. Unless I am missing something.

Disc: Googler.

No. I still can't use Home or Work. Maybe @google.com accounts have an exemption.

It's on my @gmail.com account.

Does this work?:

Enable it, then set home and work. Then disable it.

That link is 2.5 years old. Not sure when it changed but it's not the case right now AFAIK.

The linked image says "coarse location" for Chrome/Analytics.

So this is not your GPS data but most likely IP based city/metro.

Also it says "may" everywhere. AFAIK DDG may be doing all of those things too.

From a technical POV this looks such a huge FUD that it's sad.

> AFAIK DDG may be doing all of those things too.

Except that DDG explicitly says they are not:


The word "location" is nowhere in your link.

Sure! But the page does say this:

> When you access DuckDuckGo (or any Web site), your Web browser automatically sends information about your computer, e.g. your User agent and IP address.

> Because this information could be used to link you to your searches, we do not log (store) it at all. This is a very unusual practice, but we feel it is an important step to protect your privacy.

If they don't store IP addresses then (I believe) they can't use wifi-router-based methods to find your location. Your browser also doesn't get a popup asking to give ddg your location.

So yeah I stand by my link and my interpretation of it.

It's actually annoying, you have to go turn on a setting somewhere. I've had a few folks frustrated with this, I think for most users if they give google access to their location they expect google will remember it.

Fair point, I do believe we shouldn't live in a world where we have to continuously watch what flags has our software enabled, but I guess I'm someone who's always alert (or at least that's what I tell myself).

At this point, I think mine is more of a nihilism towards this as I cut everything at the only reliable level: the network. But even then, I've hammered myself way too much over privacy, and it didn't make me any happier, since, at the end of the day, if anyone wants to track you, they'll track you.

Seems hard to make the argument that browsing history is harmless, given how often it is used in police investigations and court cases.

I agree "harmless" is absolutely the wrong word.

I also think that data that might be harmful to a user because it could record them breaking a law should be thought of differently than data that could be harmful when used maliciously by a third party. Even allowing for the often oppressive and unfair application of the law, data that is harmful to the user when sent to the authorities should be considered differently than other data because there is obviously a balancing question around relative harms to different parties. If you witness a crime, reporting it might be good, but it isn't always.

Seems like you are arguing that it’s ok for Google to use the data they collect to actively report people for suspected crimes.

I wasn't saying what we should do[1], just saying that if the reason data collection hurts a person is that the data is evidence of a crime then the situation involves more than just that person and we should think about it that way. It stops being enough to say that we should avoid all harm to the user. Instead, we need to ask if the harm to the user in recording the data might prevent or address greater harms.

[1] Personally I feel like providers should be legally barred from doing anything other than responding to warrants for information related to a real person and they should, in that case, be prevented from including any information linked through statistical imputation.

I'd love to see some data to back your point.

Is browsing history being used as evidence in criminal prosecution? Where? How?

This is really interesting, thank you.

If you were competent, you wouldn't make assumptive searches on an obviously subpoena-able device ala burner using Linux and Tor.

All any investigation on me would find is I can't for the life of me remember the order of in_array and google it way more often than I should.

Consider the UK is right now [0], as we speak, passing a bill that forces an ISP to hand over browsing data, without a warrant, to non-law enforcement agencies (a list of which is in the source below). Agencies like the DWP (who handle unemployment, and have been subject to much criticism on how they make decisions and handle clients) will have warrantless access to browsing data for specific people.

A little far-fetched, but if you're employed by one of those agencies, your boss (or boss's boss etc) can access _your_ data, find out how often you're googling basic information and use that information against you.

[0] https://news.ycombinator.com/item?id=26430266

it's cool that your life is perfect and free of danger. consider that you are an outlier

Since I didn't explicitly say it, I'm not okay with giving out browsing history and 100% stand behind privacy controls and laws that prevent this completely.

thank you. unfortunately your comment was frustratingly indistinguishable from the "i've got nothing to hide" fallacy often seen in comment threads like this. when there's no way to tell you're being humorous, your language does the work of someone being serious.

as the tumblr kids say, satire requires a clarity of purpose and target lest it be mistaken for and contribute to that which it intends to criticize.

Most people are not at risk for being unjustly harmed by law enforcement due to their online data. The people that are at risk are outliers, and still worthy of concern.

> Most people are not at risk for being unjustly harmed by law enforcement due to their online data.

This isn’t true. The risk is currently low of actually being targeted but that doesn’t mean people are not at risk.

Also law enforcement is not the only problem by a long shot. Civil suits, family court, etc, all routinely use browsing history data.

Here is something from 2021.

"Police confirms that Disha was arrested after Google shared details."


This is like arguing that you don't need a right to a fair trial if you never break any laws.

If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him. (Cardinal Richelieu)

Our company has decided we no longer need whiteboard interviews as we just contract with Google for candidates' search history (filtered for technical issues only of course!).

(In case anyone thinks google sells search history retail: this is a joke...at least for now).

They wouldn't sell browsing histories; that data is a valuable asset. They would follow the model used by most "AI" products: an "AI"/"smart" service that launders candidates' history data into an opaque score. The hiring company's workload is reduced to mapping a score value onto their hiring plan, and Google will make a carefully worded claim that they are not selling personal information.

A shrewd distinction.

Sometimes I worry that after all the concerns about data collection, and even if most people would say they don't want to give up that data in a survey. But:

When presented with a screen that's hiding a silly cat picture they would just instinctively click "I agree" 99 times out of 100, and at that moment, and maybe most, they really don't care...

Hot take: why the duck would you need all that info? Stick to the ducking results and show clearly marked ducking sponsored results based on search keyword, not the shadow avatar of me you're creating one "harmless" bs at a time.

>Could it be better? Sure!

Is there anything that _can't_ be better? I'm sure as engineers we can all come up with proposed improvements on pretty much anything. :)

>But I think DDG is exaggerating here. We're not _that_ bad.

The point (that DDG is making, paraphrased here) is spying on the user is not necessary to build a great browser/search engine. Do you disagree with that? I don't.

I agree. The word "spying" is thrown around a bit loosely. I suspect most users are oblivious, but the information is there to see; the choices are there to make.

That said, I have to make a conscious choice to avoid Google data collection wherever I can, but I still end up using many Google products. I was more accepting when data collected was siloed in individual Google services. Now that those barriers are down [1], it will probably take government intervention to re-isolate key platforms (like Chrome, Android, YouTube, Search, Ads, Maps, etc.)

[1] https://slate.com/technology/2016/10/google-changed-a-major-...

For a first step these labels are okay but I would like for the developers to have to provide more details on the what/why/whatfor for all these points to settle exactly this dispute.

I think a critical view is important to prevent further advancement in privacy violations. If we are all okay with Chrome now, they're likely to include more privacy violating data collection in the future. A critical view doesn't necessarily mean the product is bad (it's very good at its job), but it is important to understand how much of our data we're allowing to be collected, especially when the user approves of it mindlessly (we've all been there).

> Location data: you are asked and must approve for Chrome to use (at least on macOS)

Now if only we could take away Apple's ability to create a walled-garden...

If only we could take away customers' satisfaction with, and preference for a well maintained walled garden.

Alternatively, if only people who don't like Apple's solutions would just go away and leave those of us who do alone.

And yet, people inside the walled garden want to interact with people outside the walled garden.

And when they can't get full compatibility, it literally causes the exclusion of those outside the walled garden:


I don’t follow you. How would breaking the walled garden change that?

Data collection like that is harmless until it isn't, and then there's no turning back. So, no, it's not harmless.

I'm assuming by your use of the word "we're" that you work for Google?

Location data is sent by default to the default search engine and there's no way to disable that unless you deny location permissions from the OS to Chrome. If you want to use a map and give permission only to that (Bing maps for example) you have to allow Chrome to gather location data which will also be sent to the default search engine (usually Google). There's only the illusion of choice there (you can change the default search engine and send location data somewhere else though).

Edge’s privacy report on the iOS App Store does not include location data.

Or use a private search engine.

I am in agreement. You can choose not to log into Google from Chrome, for example. I don’t think Chrome misleads when it collects this specific information. Where it collects, it’s obvious; I didn’t see anything in the OP picture that was a surprise/hidden collection.

Under no circumstance do I want my browsing history being sent to a server. That's a pretty black and white issue being violated here. Extremely anti-user.

It's not remotely "anti-user". I want my browsing history sent to a server. I want that history available from all my devices. I suspect most users want that as well. I love it that on Chrome iOS I see history from my desktop Chrome. Even Firefox has this feature. Nothing "anti-user" about it

It's extremely anti-user. There is zero reason for this data to be passed unencrypted to Google, other than for them to spy on you. It would be trivial to implement syncing in a way that didn't expose all of your browsing habits to a spyware company.

It's a complete violation of privacy.

> Half the data Chrome collects is harmless

Until it's not. Meaning, we don't know if there's a way yet to harm users, or we don't know if anyone is actually using it to harm users.

If it's harmless, don't collect it.

Chrome's the fastest browser on the market. That, along with some nice marketing strategy is what makes it the absolute market leader.

The reason Chrome is so fast, is most likely thanks to the performance (harmless) data it collects. Firefox may be proud of not collecting as much data, but (at least on macOS) they spend twice the battery to render twice as slow.

Not saying you shouldn't be able to choose what data is collected from you (which, you are) but there are reasons (not necessarily evil) to get that data to the devs.

Please... 90% of users don't even know what web browser they are using. I can't count the number of times I've gone to someone's house to fix their computer, and they don't know what Internet Explorer or Chrome is. They just know what icon to click to get to the internet.

> what makes it the absolute market leader

What makes it the absolute leader is the void left by a dismal IE, and a completely lost Firefox, a few years back. Today's lead is coasting. I don't know OSx, but perceived performance in Linux/Windows is not any better than today's Firefox/Chromium derivatives, if any at all.

You keep saying "harmless", and keep missing the point. If you don't want data to be used against users, don't collect it. And use explicit opt-in for everything.

This argument is like the classic _well, if you haven't done anything wrong, why do you care if the state collects that much info about you?_. The problem is not being harmless today. It is that, when the moment of being harmful comes, then it's too late.

Today's lead isn't remotely "coasting". All you have to do is read the list of new features added every release. If Chrome was coasting that list would be empty.

"nice marketing strategy" is I think a fairly strong euphemism for the ways in which Google has its tentacles in absolutely everything. From Android to search to identity through a google account, gmail, and so on.

The browser itself is trivial to separate from Google, which is why (completely ungoogled) Chromium exists, but to get yourself out of the Google services web is very, very, hard.

Recently, Google shared data about Google Docs which led to an unnecessary arrest.

"Police confirms that Disha was arrested after Google shared details."


Was the shared data as a result of a lawful request? Any company would have to comply in that case.

Any company would have to comply with the data that they held, perhaps, which is precisely why this comes up when suggesting that perhaps they should have a little less data in the first place.

Why is stuff like saving browsing history, doing voice search or autofilling credit cards suddenly a bad thing? Chrome lets you turn all of that off in a single click if you want. I have personally found most of the features on that list to greatly enhance my web experience.

Same! I'd like critics to point out the downsides of Google not having this information too.

For me, the Google search is sometimes magical. Way better than any other.

If the data stayed local, I would agree with you. ...but the issue is that they upload it and merge it into a profile of you that they keep, sell to 3rd parties, and is available to governments to inspect.

I would get pretty mad if Chrome wouldn't autofill my credit card information

What do we suppose this picture is actually comparing?

I think these are self-assessments, and crowing that you've assessed yourself as not having problems is not a very reliable sign that you don't have any problems.

Is there more context for this? I'm seeing an infographic sourced to "Apple App Store as of March 2021," but I don't own an iPhone so I don't know where this information comes from. Are these boxes permissions declared by the app, data collection as detected by some heuristic at Apple, or what?

> Are these boxes permissions declared by the app

Pretty much. My understanding is that they're self-reported (as opposed to inferred from eg SDK/API usage), but I haven't looked into it super deeply.


I don't understand why Location (and other data) is 5 times for the Google app for example. Can somebody explain the differences?

There are column headings that show the data is being used for different purposes.

I see, so the collected data is the same, just the way it is used is different. Thanks!

I am going to make the real controversial opinion:

Who is surprised here? Google makes money by spying on people. Everything they make is designed to make money. Search history gathers what you are interested in. Android and Chrome vacuum your physical data and more. YouTube both gathers your interests and might become a serious advertising platform someday. Gmail vacuums up what Android messaging misses. Google Ads, Fonts, and Analytics catch anyone who isn't using Chrome with the help of webmasters. Every major Google product is designed around one purpose: knowing everything about you.

I have used Firefox for years and years because this is obvious to me. Google shuts down divisions that make a lot of money all the time. Yet somehow, they are just spending ungodly amounts of money on all this "free stuff." Please. I don't care if you watch a 30 minute YouTube video on how to set all of your Google settings in just the right way for them to graciously not upload live video of your face. Two patches later you have to do it again. This is all while trusting this highly sketchy company to honor its settings. It's like trying to set the perfect contract with a demon or wish for a monkey paw. The real way to win is to not do it.

I don't think many people here are surprised, but putting this information front-and-center for ordinary people is an important step in raising the general awareness of privacy issues in nontechnical communities.

I think that the average person on the street might jokingly say that Google knows everything, but seeing the extent of that data collection right in front of them might have a different emotional impact.

Why does it matter who is surprised?

Because it won't change. Everyone here knows what Google is and I will bet you that over 90% of HN unique users come from a Chrome browser.

It will only get worse. Google always steps on everyone when it dominates a market. Gmail marked your private email server as spam by mistake? Good luck even finding someone to care. Chrome is at this very moment disabling the HTTP2 standard push feature, essentially asserting Chrome as the real standards body.

This is what all of us chose. Without some regulatory body stepping in, privacy will never come back. Even then, that regulatory body will probably be completely staffed by Googlers, since they are experts in Internet privacy.

I disagree. Change is possible, though it may be a while before we see it across all mainstream products. But, the EU and California are making progress in pushing Big Tech to make changes to their data collection policies, consumers are opting for privacy friendly products (DDG saw the dramatic increase in search of 62% in 2020), and companies are making structural changes in some of their products.

And yes, privacy law is needed to bring privacy back. But, it's also people and privacy friendly products. We have some power. Don't dismiss everyone because one company is too big.

> Google makes money by spying on people.

Wait..was this a secret?

I use Safari. It's the best browser for Mac.

> I use Safari.

So, instead of handing all of your info to Google, you hand it over to Apple.

Nothing to write home about.

What major tech company monitors you less than Apple?


We live in an era where you can be a tinfoil hat closed off out of touch Linux user or just deal with it. Nobody likes it so you're not special for touting an obviously majority opinion. But the utility it brings to connect people makes most forget and not care.

What do you use?

PS Also, I'd rather share *some* data with a company that proactively (1,2) teaches users how to minimize data sharing and is moving to an opt-in model rather than opt-out. I realize that this is a marketing strategy also. But at least it's not disingenuous.

(1) https://www.apple.com/privacy/docs/A_Day_in_the_Life_of_Your...

(2) https://www.apple.com/safari/docs/Safari_White_Paper_Nov_201...

The real question is how much data is collected from users who have "Web and App Activity" sharing turned off.

This is cool and I'm glad to see Apple reporting on it - but do they offer you a way to simply bypass it and achieve better privacy without breaking things? Like send fake location data, randomize a device ID per app, etc. XPrivacy did this quite nicely on Android and I'd love to see something similar on iOS.


You can’t stop Google doing geoip, but you can stop iOS providing GPS to Google.

Device IDs can indeed be switched off.

My biggest privacy concern with Google is how search result URLs contain user identifiers.

Do you have an example of this?

When Google Ads is linked to Google Analytics, the links append the 'gclid' query parameter to the URL they point to. This value is how a downstream conversion, collected by Analytics, is associated with the upstream ad click from Google Ads. The 'gclid' parameter is unique to the ad impression, i.e. it's a join key to both the term that was searched, and the user who searched for it.

gclid is appended to ad clicks, but not organic search: https://support.google.com/google-ads/answer/9744275

(Disclosure: I work at Google, speaking only for myself)
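The 'gclid' join key described in the comments above can be removed from a link before it is stored, shared or logged. The following is an added example, not part of the original thread; the function names, the parameter set and the sample URLs are constructed for illustration, and only 'gclid' is taken from the discussion.

```javascript
// Added example (not from the thread): strip ad click identifiers from URLs.
// Only 'gclid' is named in the discussion; extend the set with identifiers
// you have verified yourself.
const CLICK_ID_PARAMS = new Set(['gclid']);

// Returns { url, removed }: the cleaned URL and the parameter names dropped.
// Anything that is not a parseable http(s) URL is returned unchanged.
function stripClickIds(rawUrl, params = CLICK_ID_PARAMS) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { url: rawUrl, removed: [] };
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') {
    return { url: rawUrl, removed: [] };
  }

  const kept = [];
  const removed = [];
  // Walk every key/value pair so repeated and mixed-case keys are caught
  // and the order of the remaining parameters is preserved.
  for (const [name, value] of url.searchParams) {
    if (params.has(name.toLowerCase())) {
      removed.push(name);
    } else {
      kept.push([name, value]);
    }
  }

  // Leave untouched URLs byte-for-byte identical (no re-encoding).
  if (removed.length === 0) {
    return { url: rawUrl, removed };
  }

  url.search = new URLSearchParams(kept).toString();
  return { url: url.toString(), removed };
}

// Report only the links that carried a click identifier.
function auditLinks(links) {
  return links
    .map((link) => ({ original: link, ...stripClickIds(link) }))
    .filter((result) => result.removed.length > 0);
}

// Constructed sample input, not real ad links.
const SAMPLE_LINKS = [
  'https://shop.example/landing?item=42&gclid=CONSTRUCTED-AD-CLICK-1&ref=a',
  'https://shop.example/?GCLID=CONSTRUCTED-AD-CLICK-2#top',
  'https://news.example/story?id=7',
  'mailto:someone@example.com?gclid=ignored',
];

for (const hit of auditLinks(SAMPLE_LINKS)) {
  console.log(`${hit.original}\n  -> ${hit.url} (removed: ${hit.removed.join(', ')})`);
}
```

Rewriting the query string re-serializes the remaining parameters, so percent-encoding of kept values may change form even though their decoded values do not.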

From mobile browser it can also tell the phone firmware and brand

Why use DDG when you can use Bing directly?

Because DDG has bangs [0]

[0] https://duckduckgo.com/bang

Compare their privacy policies. Otherwise you are right and it's better to use https://yacy.net and SearX.

1) I use VPN anyway, so Bing doesn't know who I am.

2) Bing belongs to Microsoft whose primary business is to sell software, not ads, so they are less dependent on collecting user information.

3) If I wanted a search aggregator, I would use a non-US company, for example, Qwant.

1) VPNs only hide your IP address. They don't make you anonymous. Search engines and websites can still track you.

2) If it's non-private, it still collects personal data.

3) Or Startpage - HQed in the Netherlands, hides IP address, Anonymous View feature lets you visit results in private, and Google results.

Well, I do everything I can to avoid tracking. I don't use any G$$gle service, browse with Firefox with a bunch of anti-spying extensions. Startpage is good, I switch to it if qwant doesn't produce the required result. But I heard it feeds into G$$gle.

> Microsoft whose primary business is to sell software, not ads, so they are less dependent on collecting user information.

If it was true they would not collect every keystroke on their OS.

Yeah, and Bill Gates installs mind controlling chips via vaccines

yacy is interesting, thanks!

DDG: compared to Google, yes.

How does the duckduckgo mobile browser compare to safari on iOS with regards to privacy though?

DDG will still have a hard time competing with Google in both search quality and revenue even if only keyword-based ads is allowed and used in future. Privacy is a nice feature to have, but not sufficient.

Okay maybe it won't overtake the tech giant but what about just providing a private choice? And what about Startpage? 1. Startpage provides Google results while protecting privacy. 2. So far, contextual marketing has been profitable for both Startpage and DDG. It's not Google level revenue, but interest in private search is growing significantly.

What part of those vague descriptions covers Google's practice of reading messages sent to a GMail address that are purchase receipts and adding it to a list of places you've shopped at?

That's not a function of Chrome, that's a function of Gmail.

In the last weeks I had seen a phone repeating the entered password in a clear voice (after a "security update" no less), and another showing in Google Maps the exact point where a home video has been recorded while playing the video.

Why would you use a proprietary browser when Firefox is around?

Chromium is open source and Firefox collects quite a bit of data by default as well.

(Mozilla employee) Yeah, but how much of what Firefox collects is PII? (And no, Telemetry is not PII)

Chromium is open source, but almost nobody uses it. Almost everyone uses either of the proprietary forks, Chrome and Edge.

Not if you use Linux, and Chromium is also in the Chocolatey repo and Homebrew.

People who use Linux to browse the web, or install browsers with Chocolatey or Homebrew, are all an extreme minority of browser users.

Also, this post is about iOS...

And on Android you can use Ungoogled Chromium.

Not all devices permit installing freestanding browsers (applies more to iOS/Safari).

The Chrome engine provides app Web functionality (on Android).

Forcing all Chrome users to disclose data is coercive.

Chrome has ~70% browser share.

Maybe cos it's laggy as hell?

Firefox has been faster than Chrome for months now. I switched over to it on Windows and I'm enjoying myself so far. It's not for everyone though, so I get your apprehension.

It changed recently, it's quite amazing tbh, I'm back on FF however weird it sounds!

I'm all-in with Edge. After last week's update the startup time is... wow. I've since started closing my browser when not using it.


Enabling either the OpenGL or WebRender compositor might help in case of performance issues (`layers.acceleration.force-enabled` and `gfx.webrender.all` in `about:config`).

Firefox on iOS, like Chrome, is a shell around the engine behind Safari. Performance is pretty similar.

Performance problems on macOS/Linux, Firefox seems fine on Windows but that's where I spend the least of my time.

I have had 0 performance issues on macOS or Linux with Firefox. I use both OS'es extensively.

I've been using Firefox for years and I have no idea what these performance problems are.

Same here. I don't get the complaints. I use it regularly on macOS, iOS, Linux and used to run it on Windows every day...

Lucky you!

I use Firefox every day for work and home. For a few years now Firefox has beaten Chrome in speed/usability for me.

Yeah, I had to use Chrome on my old Macbook 12' before I got my M1 Macbook Air (now everything is instantaneous with Firefox).

Because Chrome syncs to my Google account so the large collection of devices I browse on have shared history, defaults, and bookmarks.

Firefox does not sync to my Google account. I appreciate that Firefox Sync exists, but I've already got a lot of configuration invested in my Google profile, and it's not worth the effort to switch to another sync system.

Where can I find Safari's privacy nutrition facts?

When has Google not revealed the data Chrome collects?

Is it the same for EU and non-EU users?

Good find here!

Using Brave + Duck duck go.

Why Brave??

It's better than Chrome and FF imho. Lacks the tracking BS from Chrome, and FF has gone downhill..

Any reasons not to?

Why not use a Firefox fork like Waterfox? That fixes a number of the complaints people have with Firefox while not pushing us towards a browser engine monopoly - which you do by using a Chromium based browser.

Besides, the Basic Attention Token crap in Brave is kinda shady.

> Waterfox

Or IceCat. Or, even better, original Firefox.

What's wrong with Firefox?

Nothing, so long as you're okay with telemetry, bundled junk like Pocket, and the removal of the compact UI (see the thread from yesterday - https://news.ycombinator.com/item?id=26464533).

Firefox's internals are great -- it's never been faster or as stable, and for that we made real sacrifices like losing XUL extensions but increasingly I don't understand Mozilla's decision making.

EDIT: I understand many of the things I'm talking about can be fixed with about:config. I had a list of over 30 flags in my notes and it was becoming untenable to patch all my devices whenever a feature I needed was changed or removed. Whereas with Waterfox, I so far have only one about:config change:

    dom.security.https_only_mode = true

>> I don't understand Mozilla's decision making.

Yeah lots of (usually subtle-ish) incongruous actions.

Ignore the public messaging and work backwards from what they actually do to understand their real motivations.

I've written some other comments with my analysis on it; if you're interested you can check my comment history.

I have not heard about Waterfox, will give it a try.

I've only been using Brave for the last ~2 months.

Brave uses Chromium.

What's wrong with Chromium? I don't think Google's tracking specifically has anything to do with Chromium. Chromium !== Chrome

Because the direction Chromium is heading is in large part controlled by Google, more than Firefox. Also Chromium still has Google bits, otherwise ungoogled-chromium won't exist right?

I see. I generally agree with that, which is one reason why I'm a Firefox user, but I'm not totally sure I buy it as a reason not to use Brave. It's a fair viewpoint, though. I could see it being a reason for being against Brave if the Google-ness of Chromium is able to make Brave less private.

I think Google recently took out the syncing capability from Chromium. Things like that.

Edit: Also the manifest v3 thingy which made uBlock Origin operation restricted, also I think it prevented CNAME uncloaking. Idk whether Google went ahead with manifest v3 though.

I think the main problem is that by using it you're still giving google decision-making power over the future of the web

Nothing. I use Chromium. I just prefer it over Brave.

It's produced by a "Reputable" company and has a good update process. I can TRUST my software updates from brave.

"Ungoogled Chromium", while FOSS, has no good update method, and since I'm not going to build it myself, I don't have the same level of trust that something malicious hasn't been implanted.

Brave provides similar features to ungoogled chromium and I don't have to support Mozilla or Google and their practices.

Big issue is the trust factor. As well as all the Chrome zero days going out, not having security updates in a timely manner is risky.

There is a lot of talk here about "Trust", that's something I cannot attribute to Brave. I am sorry.

What is the reason?

What's the business model again? How are they making money?

"If you are not paying for it, you're not the customer; you're the product being sold"

Brave is still new and when it comes to security, we will have to see how it turns out.

You put quotes around reputable and rightly so. Brave just bought a ton of clickstream data, harvested stealthily by another "privacy-focused" browser. When it comes to privacy, no, I don't trust Brave an inch.

Are they not violating GDPR because of that? Surely they don't need to know most of that data to process search queries? Or it is a classic example of trying to bypass regulation by creating the fake need for this data in their T&C. Another question is that why regulators don't look into that? If I search for "Pythagorean formula", do they need my address for that? I think the business model like Google should be outlawed (and I believe it already is illegal in the EU) and it should not be possible to pay for a service with your personal data. Yes, I get the argument that if services become paid, then a lot of people won't be able to afford the subscriptions, but we could have a law that email operators should provide basic email service for free, just like banks have to provide basic bank accounts free of charge.

Is Google 'Do No Evil' dead?

Yes, officially almost three years ago. https://gizmodo.com/google-removes-nearly-all-mentions-of-do...

What a terrible article.

Look at what the last paragraph says despite the title:

The updated version of Google’s code of conduct still retains one reference to the company’s unofficial motto—the final line of the document is still: “And remember… don’t be evil, and if you see something that you think isn’t right – speak up!”

I feel terribly misled—for several years now, I thought they removed "don't be evil" entirely (apparently, courtesy of overhyped news headlines and whatnot). Obviously it doesn't matter much in the grand scheme of things (I don't suddenly trust Google a whole lot more), but it feels bad to have both believed and passed on misinformation.

(And, yeah, it's also my fault for not having checked primary sources at the time.)

I just searched around and picked one near the top of the results. Lots of similar reporting at the time.

I always find it funny that some think we have this company that at some point decides to go rogue but because they had a "do no evil" in their motto they couldn't proceed. So they decide to remove it to unblock themselves.

That is nothing short of a cartoon movie villain.

"Removes nearly all mention..."

AKA: they moved the line from the opening statement to the closing statement.

Hasn’t quite a lot of time passed since they gave up on that motto? I’m not upset about the content of the “article”, I hope it wasn’t a secret to anyone that Google, the owner of the world's largest web advertising platform, has been collecting data from users this whole time.

Please tell me why this kind of data collection is harmful for the average user?

I love data collection, it makes the web sing!

There was not anything in that list that I wasn't already aware of. I was expecting some kind of smoking gun that caused me to say "Aha! THAT is how I know Google is EVIL!" and it was never there. Half the things are opt in, the other half are disclosed if you read the TOS/AUP at all or even just think about why they don't charge for basic services. So yawn whatever.

All is about threat model. I really would love to switch to Firefox but afaik it's less secure. So who would hurt me more, some random dude or corporation? My choice is simple.

It's the same with all messengers. I use Facebook Messenger (because everybody around me uses it) and I know that they collect a lot of data (and have access to my chats). For me, still the threat isn't Facebook but my acquaintances who use weak passwords, so they're an easy target (and my messages would be compromised).

We have to change our mind about computers. Everything can be exploited and used against us.

> I really would love to switch to firefox but afaik it's less secure.

Afaik it’s more secure. Personally, I’ve enabled DNS-over-HTTPS and HTTPS-only mode, which are both available as standard options in Firefox. There are more security options on the about:config page.

Of course, there’s also Enhanced Tracking Protection, which is enabled by default. It’s more of a privacy feature, but it has a positive effect on security as well.

> afaik it's less secure

Firefox doesn't have a Spectre vulnerability that allows websites to read cross-origin images, videos, and JS that won't be fixed for another month or 2 :)
