Half the data Chrome collects is harmless, and the other half is up to the user to give up:
- Location data: you are asked and must approve for Chrome to use (at least on macOS)
- Financial data: you must enter it manually and click "save for future use".
Could it be better? Sure! But I think DDG is exaggerating here. We're not _that_ bad.
This is kind of deceptive. Approving location data to be saved or used during a web search is not the same thing as approving location data to be used for advertising and product personalization. Same with contact information, same with browser history, same with search history and unique IDs.
Also, none of that data is harmless.
> I think DDG is exaggerating here
Google shouldn't be basing advertising off of individualized browser histories in the first place, I don't think it's an exaggeration to call that a massive privacy issue. It's a single category, but one that encompasses basically everything you do online.
And while you can technically turn this off in Google settings, doing so will break a large number of Google products and features in other apps because Google ties access to browser histories and app data into other products in a way that is impossible to disentangle from normal functionality.
Back when I used to use Google Maps, turning off location-based advertising disabled my ability to save locations. Like, I couldn't mark a place on the map as my home on my local device unless I gave Google permission to advertise to me based on my location. Every time I wanted to navigate there, I needed to type in the full address. Even weirder, turning off web history took away my ability to use voice commands with my contact list on Android phones. I couldn't tell my phone "call mom", because that feature required access to my search history.
So this phrase "we're not that bad" creates this impression that Google isn't perfect but is still basically respecting privacy choices everywhere, and that any violations are just accidental -- when in reality trying to opt out of these systems is met with outright hostility from Google products, and giving an inch in any area is often interpreted by Google as permission to use that data in any way they see fit.
The system is a lot deeper and more deliberate than the parent comment suggests.
> location data to be saved or used during a web search
Does location data even help with relevance?
During road trips in 2018, location relevant results were turrible. Too many times I'd have to manually add my current location. eg "dog parks albuquerque nm" Sorry, no, I don't care about Dog Park Pub and Office Supplies in Duluth MN. Absolutely enraging.
Ya. My guess is that proper nouns are weighted much heavier than distance when displaying results. I also guess that indexing of stuff gets worse in smaller markets.
I vividly recall wanting to pick up some flowers while driving north of Phoenix. Google was useless. No local businesses. Just national chains and stuff from other time zones. Infuriating.
It turns out, solving the problem of being an assistant device approaches the "AI complete" boundary, and the set of data interconnections needed approaches "arbitrary." Hence, the interpretation that the data should be usable as Google sees fit.
> It turns out, solving the problem of being an assistant device approaches the "AI complete" boundary, and the set of data interconnections needed approaches "arbitrary."
Wait, why do you say that? There's nothing inherent to the way that assistants work that mean that they need full access to everything in my life.
Human beings are "AI complete", but when I go to the library and ask them to help me find a book, they don't demand that I show them my phone contacts first. Data access and intelligence are separate concepts.
And Google's voice assistant could figure out what phone number I mean when I say "call mom" without doing anything involving AI at all, because I actually explicitly put that information into my address book in machine-readable, labeled fields. The assistant doesn't need to have an advanced AI to solve that problem, and it certainly doesn't need to look at my search history.
But beware, Chrome's lead on render speed is most likely thanks to the performance data they collect.
Any other browser you may choose might not collect that data, but don't be surprised if it halves your battery life and takes twice the time to render stuff (such as Firefox in macOS about 6 months ago, don't know how it performs now).
There are reasons for data collection, and I don't think everything is used for malitious intent, which is DDG's point.
>There are reasons for data collection, and I don't think everything is
used for malitious intent, which is DDG's point.
That is not DDG's point at all. Their point is right in the linked tweet - "Spying on users has nothing to do with building a great web browser or search engine."
I think it opens many file pointers and keeps them open. Trying to run chrome with anything that has io operations on an older machine and you can see how chrome hogs resources.
If you chose to allow Chrome to know your location, so it can show you on the map, do you consent to have your location tracked continuously and associated with your Google account?
That Q&A is very careful to avoid stating that location data is not sent to Google when "location history" is turned off. You really think that by flipping a switch on your account page, they are going to start discarding some of the data they are sent from client devices?
But would people necessarily associate "I gave Chrome the OS-level location permission, so I could enable location on <non-Google website>" with Chrome itself tracking the location and connecting it to a Google account?
I have long ago turned all of Google's activity tracking preferences off and erased the existing activity, yet once in a while some Google service reveals to me that it knows something it shouldn't.
Google Takeout is a good way to find out all the things you thought you deleted, but are still hanging around on their servers. Even stupid banner photos from PicasaWeb and G+ 8 years ago were buried in my Takeout that I had zero access to see or delete, but they were there (and probably still are).
The interesting thing is the failure mode if you don't agree to continuous tracking. Google uses the last place it was allowed to track you to instead of allowing the user to specifically enable a location update for "near me" queries to maps or the assistant. It may not be meant as one but it feels like a dark pattern, particularly when you can tap an icon to update your position in maps but any "near me" requests still go back to the last tracked location.
When you access DuckDuckGo (or any Web site), your Web browser automatically sends information about your computer, e.g. your User agent and IP address.
Because this information could be used to link you to your searches, we do not log (store) it at all. This is a very unusual practice, but we feel it is an important step to protect your privacy.
If they don't store IP addresses then (I believe) they can't use wifi-router-based methods to find your location. Your browser also doesn't get a popup asking to give ddg your location.
So yeah I stand by my link and my interpretation of it.
It's actually annoying, you have to go turn on a setting somewhere. I've had a few folks frustrated with this, I think for most users if they give google access to their location they expect google will remember it.
Fair point, I do believe we shouldn't live in a world where we have to continously watch what flags has our software enabled, but I guess I'm someone who's always alert (or at least that's what I tell myself).
At this point, I think mine is more of a nihilism towards this as I cut everything at the only reliable level: the network.
But even then, I've hammered myself way too much over privacy, and it didn't make me any happier, since, at the end of the day, if anyone wants to track you, they'll track you.
I also think that data that might be harmful to a user because it could record them breaking a law should be thought of differently than data that could be harmful when used maliciously by a third party. Even allowing for the often oppressive and unfair application of the law, data that is harmful to the user when sent to the authorities should be considered differently than other data because there is obviously a balancing question around relative harms to different parties. If you witness a crime, reporting it might be good, but it isn't always.
I wasn't saying what we should do[1], just saying that if the reason data collection hurts a person is that the data is evidence of a crime then the situation involves more than just that person and we should think about it that way. It stops being enough to say that we should avoid all harm to the user. Instead, we need to ask if the harm to the user in recording the data might prevent or address greater harms.
[1] Personally I feel like providers should be legally barred from doing anything other than responding to warrants for information related to a real person and they should, in that case, be prevented from including any information linked through statistical imputation.
Consider the UK is right now [0], as we speak, passing a bill that forces an ISP to hand over browsing data, without a warrant, to non-law enforcement agencies (a list of which is in the source below). Agencies like the DWP (who handle unemployment, and have been subject to much criticism on how they make decisions and handle clients) will have warrantless access to browsing data for specific people.
A little far fetched, but if you're employed by one of those agencies, your boss (or bosses boss etc) can access _your_ data, find out how often you're googling basic information and use that information against you.
Since I didn't explicitly say it, I'm not okay with giving out browsing history and 100% stand behind privacy controls and laws that prevent this completely.
thank you. unfortunately your comment was frustratingly indistinguishable from the "i've got nothing to hide" fallacy often seen in comment threads like this. when there's no way to tell you're being humorous, your language does the work of someone being serious.
as the tumblr kids say, satire requires a clarity of purpose and target lest it be mistaken for and contribute to that which it intends to criticize.
Most people are not at risk for being unjustly harmed by law enforcement due to their online data. The people that are at risk are outliers, and still worthy of concern.
Our company has decided we no longer need whiteboard interviews as we just contract with Google for candidates' search history (filtered for technical issues only of course!).
(In case anyone thinks google sells search history retail: this is a joke...at least for now).
They wouldn't sell browsing histories; that data is a valuable asset. They would follow the model used by most "AI" products: an "AI"/"smart" service that launders candidates' history data into an opaque score. The hiring company's workload is reduced to mapping a score value onto their hiring plan, and Google will make a carefully worded claim that they are not selling personal information.
Sometimes I worry that after all the concerns about data collection, and even if most people would say they don't want to give up that data in a survey. But:
When presented with a screen that's hiding a silly cat picture they would just instinctively would click "I agree" 99 times out of 100, and at that moment, and maybe most, they really don't care...
Hot take: why the duck would you need all that info? Stick to the ducking results and show clearly marked ducking sponsored results based on search keyword, not the shadow avatar of me you're creating one "harmless" bs at a time.
Is there anything that _cant_ be better? I'm sure as engineers we can all come up with proposed improvements on pretty much anything. :)
>But I think DDG is exaggerating here. We're not _that_ bad.
The point (that DDG is making, paraphrased here) is spying on the user is not necessary to build a great browser/search engine. Do you disagree with that? I don't.
I agree. The word "spying" is thrown around a bit loosely. I suspect most users are oblivious, but the information is there to see; the choices are there to make.
That said, I have to make a conscious choice to avoid Google data collection wherever I can, but I still end up using many Google products. I was more accepting when data collected was silo'ed in individual Google services. Now that those barriers are down [1], it will probably take government intervention to re-isolate key platforms (like Chrome, Android, Youtube, Search, Ads, Maps, etc.)
For a first step these labels are okay but I would like for the developers to have to provide more details on the what/why/whatfor for all these points to settle exactly this dispute.
I think a critical view is important to prevent further advancement in privacy violations. If we are all okay with Chrome now, they're likely to include more privacy violating data collection in the future. A critical view doesn't necessarily mean the product is bad (it's very good at its job), but it is important to understand how much of our data we're allowing to be collected, especially when the user approves of it mindlessly (we've all been there).
Location data is sent by default to the default search engine and there's no way to disable that unless you deny location permissions from the OS to Chrome. If you want to use a map and give permission only to that (Bing maps for example) you have to allow Chrome to gather location data which will also be sent to the default search engine (usually Google). There's only the illusion of choice there (you can change the default search engine and send location data somewhere else though).
I am in agreement. You can choose not to log into Google from Chrome, for example. I don’t think Chrome misleads when it collects these specific information. Where it collects, it’s obvious— I didn’t see anything in the OP picture that was a surprise/hidden collection.
Under no circumstance do I want my browsing history being sent to a server. That's a pretty black and white issue being violated here. Extremely anti-user.
It's not remotely "anti-user". I want my browsing history sent to a server. I want that history available from all my devices. I suspect most users want that as well. I love it that on Chrome iOS I see history from my desktop Chrome. Even Firefox has this feature. Nothing "anti-user" about it
It's extremely anti-user. There is zero reason for this data to be passed unencrypted to Google, other than for them to spy on you. It would be trivial to implement syncing in a way that didn't expose all of your browsing habits to a spyware company.
Chrome's the fastest browser on the market. That, along with some nice marketing strategy is what makes it the absolute market leader.
The reason Chrome is so fast, is most likely thanks to the performance (harmless) data it collects.
Firefox may be proud of not collecting as much data, but (at least on macOS) they spend twice the battery to render twice as slow.
Not saying you shouldn't be able to choose what data you're collected (which, you are) but there are reasons (not necessarily evil) to get that data to the devs.
Please... 90% of users don't even know what web browser they are using. I can't count the number of times I've gone to someone's house to fix their computer, and they don't know what Internet Explorer or Chrome is. They just know what icon to click to get to the internet.
What makes it the absolute leader is the void left by a dismal IE, and a completely lost Firefox, a few years back. Today's lead is coasting. I don't know OSx, but perceived performance in Linux/Windows is not any better than today's Firefox/Chromium derivatives, if any at all.
You keep saying "harmless", and keep missing the point. If you don't want data to be used against users, don't collect it. And use explicit opt-in for everything.
This argument is like the classic _well, if you haven't made anything wrong, why do you care if the state collects that much info about you?_. The problem is not being harmless today. Is that, when the moment of being harmful come, then it's too late.
Today's lead isn't remotely "coasting". All you have to do is read the list of new features added every release. If Chrome was coasting that list would be empty.
"nice marketing strategy" is I think a fairly strong euphemism for the ways in which Google has its tentacles in absolutely everything. From Android to search to identity through a google account, gmail, and so on.
The browser itself is trivial to separate from Google, which is why (completely ungoogled) Chromium exists, but to get yourself out of the Google services web is very, very, hard.
Any company would have to comply with the data that they held, perhaps, which is precisely why this comes up when suggesting that perhaps they should have a little less data in the first place.
Half the data Chrome collects is harmless, and the other half is up to the user to give up:
- Location data: you are asked and must approve for Chrome to use (at least on macOS) - Financial data: you must enter it manually and click "save for future use".
Could it be better? Sure! But I think DDG is exaggerating here. We're not _that_ bad.