When I moved into IT almost 10-15 years ago, Google was one of the companies that I adored (in a kind of naive way, but nevertheless..).
Working at that company has always been a dream of mine. They had the reputation for hiring the best of the best engineers, with great benefits and work culture.
Meanwhile I'd hate to apply for them. Everything they do in terms of tracking, etc. has become so vile and almost evil that even Microsoft has a better standing among my peers..
Would love to hear some insight from ex employees on what changed on the inside of that company, but from the outside it doesn't even seem to be the same any more.
Maybe they're just worse at hiding it..
As an Xoogler, my experience is that one thing changed, and one thing didn't.
The thing which changed is that Google operates on a much, much larger scale than anything imaginable back in the late 90s when they first started. In 1999, nobody had any inkling about the cloud and SaaS revolution that was about to come. Nobody knew that everything was about to move into web apps and cloud services, which permit and require(?) tracking in ways, and on a scale, no one had thought possible. (Require with a question mark because - ad tracking aside - what little I know of frontend development includes that they need to be able to see certain information, like your browser type, in order to provide effective services.)
The thing which didn't change is the mindset of the engineers building the services. On average, Googlers tend to be much less concerned with personal privacy than an equally educated consumer, and much more interested in the features and services they can build for themselves and others which happen to require huge amounts of personal information to function. In other words, a typical Googler is more likely to think, "Oooh, having a personal digital assistant is great! If I give Google access to my email inbox, it can suggest tasks, automatically add calendar invites, and do other cool things."
The problems we're seeing now come when the engineers working on advertising products have that mindset and access to Google-scale information. They don't consider it a problem or a violation because they don't mind targeted ads, they don't mind giving up their data in exchange for services, and they don't (want to) understand why people who aren't them might object.
It's a lot more complicated than that because Google, while the largest and arguably most effective, is not the only player in this game. There are a lot of other corporate and social influences at play. This is just to answer the question about what changed at Google.
> They don't consider it a problem or a violation because they don't mind targeted ads, they don't mind giving up their data in exchange for services, and they don't (want to) understand why people who aren't them might object.
And worse, they never thought to ask. Most users never really had the opportunity to provide informed consent.
Seems to equally apply here though. Many people are perfectly fine with targeted ads in exchange for free useful services. I would even propose the majority (otherwise these services wouldn't be popular in the first place!).
> > > Most users never really had the opportunity to provide informed consent.
> Many people are perfectly fine with targeted ads in exchange for free useful services. I would even propose the majority
I feel like these two remarks should be taken together, and not in isolation. My straw poll of a few non-technical folk in a highly-technical firm is that they're broadly unaware of these kinds of things (but everyone has anecdotes...)
Speaking for my own perspective, I was perfectly fine with Gmail when it first launched (1GB of free email storage in exchange for a computer scanning my mail and showing me text adverts on the side? DEAL!), mostly because in 2003 I had no idea what my data was worth (individually, very little. in aggregate along with eevryone else's? $GOOG indicates it's in the ~trillion range). Facebook? For sure! Have my favourite books, albums, movies, tv shows, all my photos, why not?
It took many years before the implications of that decision that we (collectively) made came through. Not everyone has the bandwidth to focus on this, and so it just becomes background noise.
> > and all it would take was a disregard of the sanctity of personal privacy
;)
I would have been aghast if you had told me 30 years ago that by now our movements, purchases, letters, phone calls, photos, rolodex, walkman, television, and more would all be connected to a central database and used to produce models to coerce us into changing our behaviour.
Eh. One of the things Microsoft was actually punished for was bundling IE, and it didn't help that they were actually hostile to other browsers as proven by the fact that their documentation pages would work if Opera faked the IE headers.
Googles pushing of Chrome and disregard for other browsers across their web properties comes dangerously close in my opinion.
I think that Googles' push is even worse. Just think about how many possible devices Microsoft could target back in the days. 300-500 million devices maybe?
Google not only invaded desktops in the past decades, but completely owns the Android platform, which comes bundled with Chrome and Google as the primary search engine. Desktops with Chrome plus the Android platform must be far more than 2-3 billion devices.
Well, I'm an ex employee. Actually nothing has changed inside the company. "Tracking" as you put it isn't perceived as evil, it never has been, and for good reasons. The only thing that's changed is people's perception of the company and - very recent post 2016 political issues aside - that was mostly driven by a sustained campaign by an angry media industry that wanted money (see: link taxes).
Firstly, if tracking usage statistics or activity was actually evil then everyone would hate it, desperately try to stop it and have tons of stories about the horrors of it.
In fact what Google sees is:
1. Web apps are extremely popular although they all keep server side logs that reveal every button click, every message you type, every email you send, every search you do. Users routinely migrate from thick client apps that give great privacy to web apps that give none whatsoever without batting an eye.
Hacker News readers in particular should understand this. It's overrun with Silicon Valley types who build their entire livelihoods around "let me run this program for you as a service". There's nothing special about Google in this regard. The entire software industry has moved away from privacy in the last 20 years because ...
2. Users rarely if ever use privacy features when they're provided, even when they're heavily promoted. In fact, despite all the noise, hardly anyone cares. For the vast majority convenience wins over privacy every time. But not just convenience, also ...
3. Security trumps privacy. People say they like privacy, but they hate getting hacked and tend to blame the service provider if it happens. They have very little patience for explanations of the form "yes this attacker was obviously not you and yes we had enough data to know that, but we didn't use any of it ... for your own good!"
4. Users can't and won't give accurate feedback about what they value or what their actual experience of using an app is like. This means A/B testing is critical to avoid making bad business decisions. The heavy reliance on experiments and data driven decision making is one reason tech firms tend to steamroller their legacy competitors.
Google hasn't become evil over time. It's been doing A/B tests, keeping server logs and writing unused privacy features since the company first began. All that's changed is it got big and rich, so people - rightly - started to think about its power more. But the hypocrisy is strong. The world is full of companies collecting and using data for the benefit of their customers. It's really only Google and Facebook that get the vitriol.
Most people use default settings and have no idea about the software they are using at all. "everyone would hate it" assumes people know about these things, but they do not. Don't use this as a point.
ad 3), you make it sound as if it was one xor the other. This is sometimes the case to some degree (like checking urls for phishing sites), but far from always.
ad 4), it is not my problem as a user that you have trouble doing tests. If you need information for your business, then spend the money and effort to acquire it. Do not abuse your users without care. Your business case is not more important than people's privacy. And if others do this to gain an advantage over your business, don't whine, sue them.
When I was involved in user tests we had a lot of trouble due to our ethical concerns, but we did not consider dropping these concerns.
edit: I may add that I'm German. We were taught about the value of privacy in our history. "boring statistics about religion" led to the murder of hundreds of thousands of Jews. Disregard for privacy led to the atrocious human rights violations in Eastern Germany. I cannot understand why Americans, who explained this to us Germans after WW2, apparently forgot all about the _reason_ for privacy.
"everyone would hate it" assumes people know about these things
It's based on direct experience of these tradeoffs.
Firstly, yes, people accept the defaults most of the time. They expect those defaults to be convenient and secure. But even when forced to click through screens that literally won't let them proceed until they consider their privacy settings, they don't care and routinely opt in to data sharing because it's more convenient.
Believe me, Google has tried everything in this space. Every combination of popup, click through, interstitial, notification, endless usability studies. Everything. New products that use user data in clever ways get instant uptake on the order of hundreds of millions of users with virtually no promotion at all. Privacy-oriented features get nearly none despite heavier promotion. To the extent people don't know about privacy settings it's because they do not care.
I know this goes against the tech industry zeitgeist or groupthink. It's unpopular to spell this out, but that's why it's important to do so. Way too many companies and engineers are working on dead-end privacy projects that address an imaginary market demand.
you make it sound as if it was one xor the other. This is sometimes the case to some degree (like checking urls for phishing sites), but far from always.
It's not 100% always, but it's hard to come up with cases where privacy and security aren't in tension.
For instance, one of the reasons you can't build truly end to end encrypted consumer services is people don't want to swap public keys. It's more hassle and nobody has it, so every end-to-end encrypted service has a big central key directory ... which makes the encryption pointless, as the service can still decrypt conversations on demand. That's not the only problem but it's a big one.
Another problem is people expect password reset. You can't build a service without password reset or else you'll have an angry mob at your door demanding their accounts back. If you say, sorry, there's no password reset because the data is all encrypted and we can't get it back then you'll lose your market position. Hence why iPhone backups are unencrypted.
It's not hopeless. Google get the most pressure on these topics so they've been coming up with some of the best solutions. Their Titan architecture is quite innovative in this space, although we'll see what happens when people realise "I forgot my PIN, please verify my identity some other way" doesn't work anymore.
And if others do this to gain an advantage over your business, don't whine, sue them.
I'm afraid this is extremely naive. There is nothing illegal about running user tests, server logging and gathering metrics. And don't talk about GDPR to me. It's a meaningless law that is so badly drafted it affects nothing. You can do basically anything if it's justified by a genuine business need, and understanding customers is an absolute need of any business.
But if the EU under German direction decides to interpret the GDPR such that it bans making convenient and secure software, then so what? America crushes the EU in the software business already. It will simply extend its lead. American startups will learn "don't open offices in Europe and you're OK" and so the EU will continue to degrade its own economy, continue to have no tech startups of note and the USA's more sensible approach to privacy will continue to be the only one that matters.
"boring statistics about religion" led to the murder of hundreds of thousands of Jews.
At the risk of going full Godwin on this thread, that's a severe mis-understanding of your own history. No wonder Germans have such strange approaches to internet privacy if that's what you're being taught. Americans haven't "forgotten" the reasons for wanting privacy, they just don't think spreadsheets were relevant to what happened. And BTW I'm not American.
So: Nazi-ism wasn't enabled by the collection of statistics. They would have hunted down and eradicated groups of people all the same. We know this because communists hunted down threw huge numbers of anti-communists into concentration camps, although being anti-communist isn't a birth trait and that fact existed in no statistical databases. They didn't need Big Data because they had a large network of ideologically motivated informers and collaborators instead: just like Hitler did.
Finally, I'll say that going from "Google runs A/B tests to learn if a new feature is popular" straight to "sue anyone who does this because they're directly leading to Jew murder" is really quite offensive and shows no sense of proportion. Google is not enabling the Third Reich. It's just doing what any boring old city shop does when they experiment with putting different items on sale, or experiment with different layouts of the stores. The fact that it's online changes nothing.
I think it's key that I never see any kind of comparative behavior. Does Amazon do this, does Facebook do this, do private platforms do this? How does this compare to tracking done by apps? Based on my experience and knowledge, Google falls on the ethical side of the spectrum among its peers.
I get ads from Microsoft now (in app in some cases, other free services). I know this is a Mac/Linux heavy forum, but I would also love to see how this tracks with Windows telemetry (to the point made about security). I am sure that every Windows 10 install has higher fidelity fingerprinting sent with telemetry.
What has changed is how easily people can be manipulated on social media and how they can be programmatically orchestrated with much less effort than before 2000-2005.
Your points are sound, but I'm puzzled by your last line:
>It's really only Google and Facebook that get the vitriol.
The way I read it, it seems as though it's unfair that they get away with doing questionable stuff when "others do worse". Why yes, if you have nefarious intentions but no power to act them out, people are going to throw less "vitriol" at you than if you do act them out.
Thats right. Is google the most evil? Well, no, I really don't think so. But they exert a lot of evil to the world because of their size, power and ubiquity more than others. Same with Facebook and Amazon.
I always keep in mind the motto Google carried when they stepped in: "Do no evil". I used to love Google back then, but they were something else.
They killed good products that people loved, they abused their trust, they are what they are not because they keep on innovating but because of their current size. They killed a lot of small fries who in aggregate could have given us a lot more value.
What I mean is that offline businesses have been running experiments to see what works forever. They run a billboard campaign in city X and run a slightly different one in city T to compare the results. They count customers as they come through the door. They issue loyalty cards that people sign up for in their millions, making a special effort to share data with giant supermarkets because they're (effectively) given a share of the resulting revenue increase.
Nobody cares or talks about any of these things. But when Google does the online equivalents, it's suddenly the next coming of Hitler (literally, look at the comment I replied to above!).
This isn't really proportionate, it doesn't make sense, and it's quite offensive to people who work or used to work at these firms.
> 1. Web apps are extremely popular although they all keep server side logs that reveal every button click, every message you type, every email you send, every search you do. Users routinely migrate from thick client apps that give great privacy to web apps that give none whatsoever without batting an eye.
I think people here might be shocked at the amount of surveillance going on in the most basic web apps. Lots of telemetry like you describe and other ambient data is being captured all as part of the terms and agreements you probably clicked through with the website. Google is not alone in this.
I find this a bit strange and maybe it's a cultural/US thing, but the races I have competed in (Germany) always had two trophies: overall male winner and overall female winner. Which would easily eliminate this issue.
TIL that this is not the same everywhere.
As I said upthread, it's just a poor choice by a race director. The way you mentioned is how we do it too. They could have chosen to give trophies to the overall winners, to the last place finisher, to the 4 median finishers, or any other silly combination, but they chose what they did and Runner's World wrote an article about it.
Meanwhile I'd hate to apply for them. Everything they do in terms of tracking, etc. has become so vile and almost evil that even Microsoft has a better standing among my peers..
Would love to hear some insight from ex employees on what changed on the inside of that company, but from the outside it doesn't even seem to be the same any more. Maybe they're just worse at hiding it..