[HN Gopher] Google misled consumers about the collection and use...
___________________________________________________________________
Google misled consumers about the collection and use of location
data
Author : Khaine
Score : 498 points
Date : 2021-04-16 10:36 UTC (11 hours ago)
(HTM) web link (www.accc.gov.au)
(TXT) w3m dump (www.accc.gov.au)
| fblp wrote:
| I worked for the ACCC from 2008 and 2011. I'd like to share some
| more context on the ACCC and Australian legal system that may be
| of interest to HN readers.
|
| The ACCC is an independent authority empowered to enforce
| Australian Consumer Law (ACL) which contains consumer protection,
| completion product safety, anti-trust (competition) and other
| adjacent laws. It is most similar to the Federal Trade Commission
| in the US.
|
| The ACCC leadership are commissioners who are appointed based on
| input of federal and state governments. The appointments tend to
| be "non-partisan" with the current chair leading the organization
| for 10 years (with 3 term renewals under multiple governments).
|
| The ACCC has been taking action against Google since mid 2000s.
| The last case against Google that they won was in relation to
| consumers being misled about what were advertisements vs native
| results. [1]
|
| The main provision of law protecting Australian consumers that is
| invoked in these cases is s18 of Australian consumer law that
| states: "A person [or entity] must not, in trade or commerce,
| engage in conduct that is misleading or deceptive or is likely to
| mislead or deceive."
|
| Laws with this wording have existed in Australia since the the
| 1970s.
|
| This law is enforced widely and there are also state agencies
| that enforce similar laws. All kinds of industries have received
| enforcement action ranging from retailers to supplement
| providers. As far as i know it's one of the but most broadly
| enforced consumer protection laws in any country.
|
| The ACCC won a case against Apple under this same law in 2018 for
| misleading consumers about their warranty rights after third
| party repairs were done. Apple was fined $9 million dollars.
|
| The action against Apple included 254 complaints from customers
| impacted. You can literally call or email the ACCC to log a
| complaint about any business and it will use this complaints to
| identify patterns of misconduct thst then enforce enforcement
| priorities.
|
| The ACL currently limits penalties to $10 million per
| contravention for corporations. Only parliament can increase thst
| limit amending legislation. Individuals can also be fiend up to
| $5million.
|
| Litigation is typically the last resort, and businesses have many
| oppurtunities to resolve or settle the matter. I am not in any
| way privy to this case, but typically a remediation action the
| ACCC seeks is notifying and posting notices that it engaged in
| misleading conduct, sometimes with a way for the consumer to seek
| a remedy. It's likely Google was not willing to do this without a
| fight.
|
| Individuals and businesses can also privately take action if they
| were misled or deceived.
|
| The Australian Court system that enforced this law is also
| relatively non-partisan. The australian government and judicial
| system was formed relatively recently - in the late 1800s and
| there was a strong intention to prevent political patronage in
| tbe public service and court system. [2]
|
| Australian Consumer law also has other specific protections that
| i like such as requiring businesses to make the price the
| consumer has to pay most prominent (as opposed to making the
| price exclusive of taxes and fees most prominent).
|
| The ACCC has just under 1000 employees and a small team would
| have worked on this case with support from outside lawyers.
| Congrats to them and hopefully this will encourage Google and
| other vendors to be more thoughtful about their data collection
| opt-ins.
|
| [1] https://www.australiancontractlaw.com/cases/google.html
|
| [2]
| https://www.aph.gov.au/About_Parliament/Parliamentary_Depart...
| mdoms wrote:
| ACCC is utterly toothless. They issue these pathetic fines but
| the behaviour continues. Yes you may have issued Apple a $9
| million fine but it is commonly known that Apple stores in
| Australia openly flout Australian consumer laws. I would be
| embarrassed to admit I had ever worked for ACCC in any
| capacity.
| shadowgovt wrote:
| Does anyone have a source for additional information on the
| mechanism by which Google is collecting location data when "Web &
| App Activity" is turned on? Is that permission giving access to
| the location API in the browser?
| bagacrap wrote:
| this article from 2018 has a bit more detail. What it boils
| down to seems to be that if you use search or maps to look for
| something local, say a restaurant, Google will remember that in
| your search history, which connects you and your location.
|
| https://www.abc.net.au/news/2018-08-17/google-makes-changes-...
| gman83 wrote:
| There's no way this is what this is about, no? This seems
| totally fine, whereas the article makes it seem like they
| were actively tracking your location while telling you they
| weren't.
|
| If this is it then I disagree completely with the ruling.
| _underfl0w_ wrote:
| The problem is that this wasn't the _only_ way they were
| gathering this info, and that they misled consumers by
| allowing them to turn off a setting that supposedly stopped
| this kind of tracking, while still continuing to track due
| to a different setting defaulting to "on".
| shadowgovt wrote:
| Did some digging. Details are a little fuzzy, but I think I
| see why the Australian courts had a problem with this.
| Here's one blog post that expands on the topic from a
| couple years back: https://rise.cs.berkeley.edu/blog/the-
| right-to-not-be-tracke...
|
| Google isn't just making an educated guess about where you
| are based on what you searched for... It's making an
| educated guess based upon what its servers are allowed to
| know about your query. It's unclear to me whether all the
| data Google collates is published anywhere public, but this
| includes things like originating IP address and headers
| sent in the request that can be inferred to be locale-
| relevant.
|
| For example, looking at my own search history, Google's
| real certain it knows when I'm doing queries from "home"
| (perhaps because I told it my home location in Maps and
| it's correlated requests from a specific IP address with
| that location, perhaps because Google's fabric is huge and
| it can disambiguate origin of request based on where the
| request enters the network, perhaps because I registered
| Google appliances at "home" that are on the same network).
| Key idea is: none of those are _technically_ "Ask the
| device for its GPS state and cache it," so none of them are
| controlled by disabling Location History.
|
| If the Court is arguing "you can't claim you aren't
| tracking location by making 'location' a technical term and
| then combining several other pieces of state to estimate
| someone's geographic point of origin for a web request," I
| can see that argument.
| [deleted]
| treelovinhippie wrote:
| And I'm guessing the fine will be something abysmally small. Fine
| them $5B: $2.5B in taxes (since they don't pay their fair share)
| and $2.5B in class action distributed to affected users.
|
| In 2020 they made $4.8B in revenue locally in Australia but ran
| most of that on the books through Singapore. Dodgy.
| https://www.abc.net.au/news/2020-05-18/google-pays-more-tax-...
|
| HN'rs will upvote posts/comments on Google taking away privacy.
| But mention that Google should be paying their fair share of tax
| in the country they extract those revenues from or be punished in
| proportion to their revenues for severe consumer rights
| violations... downvotes. Pathetic.
| mdoms wrote:
| You can't "fine" someone "tax". What does that even mean?
| austhrow743 wrote:
| There's no way we're worth $50B to them.
| wisdomdata wrote:
| the question is, are the downvoters paid or incentivised to do
| so? we will never know.
| therealbilly wrote:
| Google and FaceBook received funding from the US government in
| the early years of their existence. I think we all know why. All
| that information being collected was/is of massive importance.
| izacus wrote:
| The important parts:
|
| > The Court ruled that when consumers created a new Google
| Account during the initial set-up process of their Android
| device, Google misrepresented that the 'Location History' setting
| was the only Google Account setting that affected whether Google
| collected, kept or used personally identifiable data about their
| location. In fact, another Google Account setting titled 'Web &
| App Activity' also enabled Google to collect, store and use
| personally identifiable location data when it was turned on, and
| that setting was turned on by default.
|
| > The Court also found that when consumers later accessed the
| 'Location History' setting on their Android device during the
| same time period to turn that setting off, they were also misled
| because Google did not inform them that by leaving the 'Web & App
| Activity' setting switched on, Google would continue to collect,
| store and use their personally identifiable location data.
| mikeiz404 wrote:
| I'm curious, does anyone know if the location data collected
| under "Web & Activity Data" is derived from GPS, WiFi, and/or
| IP data?
| ehsankia wrote:
| I assume it would be whatever you gave the specific app. If
| you search for "weather in [your city]", they might get
| either that or ip data. If you share your GPS to get your
| weather, then they get that.
|
| Unlike Location History, which is a specific feature that
| keeps a history of your location, Web & Apps activity is just
| that, activity from Google websites and apps. Said activity
| may include location data depending on the app or website.
| ocdtrekkie wrote:
| This is a gross mischaracterization of what occurred, of
| the level of falsehood that Google itself is being punished
| for:
|
| "That isn't true. Even with "location history" paused, some
| Google apps automatically store time-stamped location data
| without asking.
|
| For example, Google stores a snapshot of where you are when
| you merely open its Maps app. Automatic daily weather
| updates on Android phones pinpoint roughly where you are.
| And some searches that have nothing to do with location,
| such as "chocolate chip cookies" or "kids science kits",
| pinpoint your precise latitude and longitude accurate to
| the square foot and save it to your Google account."
|
| https://www.theguardian.com/technology/2018/aug/13/google-
| lo...
|
| Yes, Web and App Activity both includes location data still
| collected despite Maps being told not to, or when
| obviously-location-specific information like Weather is
| being retrieved, but also when unrelated searches are made
| for ad targeting purposes. Basically, every unrelated
| bloody app would collect your location, and since your
| Google phone is running 20 some-odd Google services, they
| still had a pretty good location history, even when your
| location history was completely off.
| bagacrap wrote:
| the Guardian coverage is less editorialized. Here's the judge's
| actual words:
|
| "Google's conduct would not have misled all reasonable users in
| the classes identified; but Google's conduct misled or was
| likely to mislead some reasonable users within the particular
| classes identified.
|
| "The number or proportion of reasonable users who were misled,
| or were likely to have been misled, does not matter for the
| purposes of establishing contravention."
| notRobot wrote:
| Well, shit. I've definitely been misled by this exact thing.
| Fuck Google.
| stjohnswarts wrote:
| The google agreement seems to break the "reasonable person"
| aspect of laws that I learned in college. It's not reasonable
| to have more than one place to shut off geolocation/tracking
| and the court decided this in the obvious way. Google should
| be fined heavily for such evil bait-and-switch tactics. Not
| only are they not avoiding "evil" they're embracing it the
| past decade or so.
| wlesieutre wrote:
| Fun fact: if you turn off "Web & App Activity" tracking,
| Google won't let you set a Home or Work address in Maps!
|
| https://twitter.com/jonathanmayer/status/1044300922149588993
|
| https://support.google.com/maps/answer/3093979
|
| _> Fix problems with home and work in Maps_
|
| _> To use home and work when you search or use directions,
| you must turn on Web & App Activity. If can't find home and
| work in Maps, learn how to turn on Web & App Activity._
| GoOnThenDoTell wrote:
| I was always annoyed by that, it feels like low level
| malicious compliance: "see? not storing anything, anything
| at all"
| Cerium wrote:
| Indded it feels like that. It's like you are paying with
| your data and here is where you choose the plan you want.
| Oh, you don't want the pro plan but would rather the free
| plan? It has less features.
| laurent92 wrote:
| Are you sure you want Google to have definitive answers
| for "Work" and "Home"? I know they already infer it by
| tracking overnight location; but
|
| - When I type "Ho" in GMaps it will first suggest all
| businesses -- "Ho... Home Depot? House Garden? Horror
| House (375km)?" then cities ("Ho... Chi Minh City,
| Vietnam?") and, after many tries, "Home", the real.
|
| - I had Web Activity and Location History registered, in
| France but English with a address for "Home",
|
| - I was using it for every return trip; They could have
| suggested by default without typing anything; Clearly
| they optimize to promote businesses or other usecases
| first, not convenience.
|
| - I ended up putting a Label "XKDJF" on my home, which is
| more convenient (until a city starts with "XK" - hoping
| Elon Musk will not name a city on Mars this year).
| wlesieutre wrote:
| _> Are you sure you want Google to have definitive
| answers for "Work" and "Home"? I know they already infer
| it by tracking overnight location; but_
|
| I would say the root problem is that supplying any
| information to a Google app is by default assumed to mean
| "This should be uploaded to a persistent profile of user
| data."
|
| They could just let me set a Home and Work location on my
| phone and leave that data on my phone (regardless of
| tracking preferences), or they could store it in a more
| private mechanism with a key that lives on your device
| (see Chrome bookmark sync), but they choose to not do any
| of that.
| mediumdeviation wrote:
| Another fun limitation - apparently for my Pixel phone to
| remember I prefer my temperature in Celsius, Google also
| needs "Web & App Activity" tracking. In other words Google
| wants my whole location history when using Google apps just
| to remember my preferred units.
| Spivak wrote:
| I doubt this is some malicious compliance thing and more
| that they don't want to do per-device settings basically
| ever.
| ruined wrote:
| yeah i'm sure they have some technical justification for
| it but i know it's trivial so why should i care? it's an
| intentional refusal
| [deleted]
| foobiekr wrote:
| I have worked for some insanely political companies and
| this just made me laugh. That's a genius application of a
| dark pattern/malicious compliance "nudge."
|
| I hate that companies that work this way are some of the
| biggest and most powerful on the planet, but it's also
| darkly funny if your humor runs to Kafka or Dante...
| wsinks wrote:
| And because I've been watching a lot of FFVI lately, if
| your humor runs to Kefka...
|
| /low brow comment
| FigmentEngine wrote:
| and so i type me home postcode every time i do a route -
| and it reminds me its' my data and not google'$.
| Jordrok wrote:
| Yeah, I really hate that. One workaround is to temporarily
| turn on the setting, set your home and work locations, then
| immediately turn it back off again. It will keep the
| locations and allow you to use them, you just can't change
| them unless you turn the Web & App activity setting back on
| again.
| bushbaba wrote:
| Google has really adopted the worst of Microsoft. And
| Microsoft adopted the best of google.
| greyhair wrote:
| Which is why I wish Microsoft would release an updated
| Windows Phone 10. I know it never captured "mind share",
| but find someone that actually used Windows Phone for over
| a year as their main phone, and ask them how it was. My son
| and I each had Nokia phones running Windows phone, as
| "insiders" updated to Windows Phone 10. The UI was actually
| quite nice. The lack of apps is what hurt it, though Here
| maps was pretty good.
| beauzero wrote:
| I second this. The apps that were missing for me are the
| ones I don't use anyway. I want navigation, a phone, text
| messaging, and a browser without having to disable
| preinstalled facebook services and other stuff I have
| been "gifted" by purchasing.
| simiones wrote:
| I share the love of Windows Phone 10, but as someone who
| (used to, before Covid) travel around Europe, the lack of
| apps really hurt access to public transport and even some
| cultural experiences (museum companion apps). HERE Maps
| was also way behind on public transport data for anything
| outside major capitals.
| laurent92 wrote:
| > The lack of apps is what hurt it
|
| Not sure the market would react the same.
|
| Many people are fighting phone addiction. Rich people
| want their kids off the grid. Lacking apps could be a
| feature in a more mature market.
|
| Rich people could display wealth (better the children not
| be seen with a crappy phone) with a great UX, while at
| the same time being exempt from the dopamine addiction.
| Now that we know what we pretty much do on a phone, we
| could create a phone with all main apps hard-coded and it
| would fulfill the necessary needs.
| 1_person wrote:
| Windows Mobile was the pinnacle of the smartphone
| experience.
|
| The release of the iPhone imo was the Eternal September
| of the mobile experience in so far as it was the tipping
| point wherein a demographic of users who didn't even need
| to be convinced that yielding full and openly adversarial
| control over the hardware to the network operators and
| advertisers became an uncontested majority.
|
| They came with a text editor, a calculator, and a file
| browser out of the box -- can this generation even
| imagine not having to run the app store gauntlet of
| monetization and fraud to Open Files, I wonder?
| jodrellblank wrote:
| What use cases does "opening files" have which isn't
| addressed by iPhone's built-in apps and at the same time
| doesn't involve any risk of using a random third party
| app that has to be sourced from somewhere like an app
| store?
| 1_person wrote:
| The Cartesian product of the set of all use cases of file
| storage excluding those for which the iPhone does include
| an app; and the set of all methods that distribute the
| content of an app with verifiable authenticity and
| authorship excluding all methods which are "like an app
| store"
| jodrellblank wrote:
| You can get a good app from an original developer using
| an appstore. The problem you described is not that
| genuine developers cannot share their apps, it's that
| users are taken in by fake apps pretending to be genuine.
|
| If it was the norm to download a signed binary from a
| random website, random websites looking genuine and
| offering genuine fake signed binaries would be the norm.
| "Are you sure you want to install Adobee PhotoShop?
| (Signature verified!)"
|
| "No mom, Adobe PhotoShop!"
|
| "I have Abobe PhotoShop, Adode PhotoShop, Adobe
| PhotoShop, PhotoStop by Adobe"
|
| "Mommmmm"
| ocdtrekkie wrote:
| A file system isn't the greatest design from a security
| standpoint, but the Apple model is particularly limiting
| if, for instance, you want a library of data to be
| available to one app, and then later available to another
| app. You'll notice the iPhone cheats in this regard, by
| providing generic system libraries for photos and
| contacts, but if you say, have an ebook library, and want
| to switch reader apps, you'll have a bad time.
|
| It would probably be better to have a system of secure
| file buckets, where you could create them arbitrarily and
| choose to allow access to any bucket to any app, rather
| than permit open access to the file system as Android
| traditionally has done.
| stjohnswarts wrote:
| It would be nice if directories would allow you (via
| metadata?) to add an App to allowed "apps" on a per app
| basis, or at least let you create such a folder so that
| you would have to interact and opt in apps. Most users
| would never need it but power users certainly could use
| something like that.
| FourthProtocol wrote:
| Nothing comes close to Windows Phone usability. Not even
| today. Just turning Do Not Disturb on Android on or off
| is more frustrating than threading a needle. I wish
| they'd bring it back.
| dhosek wrote:
| Hmm, on my iPhone, I swipe down from the top right corner
| and tap on the moon icon to turn do not disturb on or
| off. Maybe it's not that Windows Phone was so great but
| that Android is not so good?
| rightbyte wrote:
| Didn't Iphone even have switch for that earlier?
| amelius wrote:
| I'm guessing that a literal slap on the wrist of the CEO,
| executed by a random internet user would hurt more than the fine
| they would get for this.
| hyperpallium2 wrote:
| Being found guilty of misleading cinduct hurts trust in their
| brand.
|
| Because it's easy to switch search engines, public relations
| are a key economic moat.
|
| Although now, Android being so entrenched makes a deeper moat.
| However, as google can't help itself from increasingly screwing
| users, it creates space for new entrants.
| Khaine wrote:
| Penalties have not yet been decided. Lets hope the Judge is
| brave and sticks it to them as an example to all slimy
| companies who trade on PII and lie about it.
| parhamn wrote:
| People say this frequently. Is this true? I always assume the
| fine establishes the illegal behavior and awareness of it for
| both parties and Google would be forced to correct the behavior
| regardless of the fine's size.
|
| Were they to do it again or resume the behavior after the fine
| I assume the charges would escalate and eventually become
| criminal, hence companies curb their behaviors.
|
| While this does create a 'get fined first' mentality, it does
| mean that good regulating could curb bad behavior. Am I wrong?
| ClumsyPilot wrote:
| "eventually become criminal"
|
| They've been breaking the law for over a decade, has abyonw
| gone to jail?
|
| And before someone says: "those instances were different
| law/etc", please remember that you will bot avoid jailtime if
| you rob the bank three different ways. Commiting crimes one
| after another makes sentences more aevere for an individual
| even if you broke totally different laws.
| heymijo wrote:
| Yes, recognizing fines as a cost of doing business is well
| recognized in corporate law.
|
| These legal scholars even hypothesize that there might not be
| a big enough fine to deter illegal behavior from
| corporations. [0]
|
| Your idea of escalating punishments doesn't take into account
| corporate influence of legislation and regulatory capture.
|
| [0] https://clsbluesky.law.columbia.edu/2020/03/18/the-cost-
| of-d...
| amelius wrote:
| The only punishment that works is to take away their brand.
|
| Which is also an appropriate punishment given that brands
| are about trust.
| schmorptron wrote:
| I'm still in favor of throwing the CEO, CFO, Board of
| Directors and highly invested members of the Board of
| Investors in jail for grossly unethical business
| practices & gross privacy invasions.
| simiones wrote:
| That would annoy consumers more than it would hurt the
| business. Do you think people would stop buying the Apple
| iPhone if tomorrow it was called the Pear jPhone?
|
| The name part of a brand is valuable, but it doesn't
| really define the brand, especially for huge brands like
| Google.
|
| A bigger punishment perhaps would be if they allowed
| competitors to use the brand instead - if you could have
| Apple "Google Maps" and Bing "Google Maps" and OSM
| "Google Maps" for one of these cases, but that is even
| less realistic as a possible option.
| amelius wrote:
| How about: if a judge found that Google screwed their
| users then their trademark/logo is extended with a dagger
| symbol, which warns users about the company's behavior:
| Google+
|
| And the next time they break the law, another dagger is
| added: Google++
|
| After three daggers, the trademark is gone.
| bushbaba wrote:
| That would be interesting. Like the google maps trademark
| is no longer valid in Australia and google must stop
| using it immediately.
|
| That would actually be a huge punishment.
|
| Especially if they blocked the domain as well -
| maps.google.com
| NewLogic wrote:
| Don't have to look too far to see regulatory capture in
| action. Facebook pulled all news in Australia [0] to fight
| a (bad) link-tax legislation and "won". It was politically
| untenable.
|
| [0]
| https://www.abc.net.au/news/science/2021-03-03/facebook-
| news...
| seesawtron wrote:
| Haven't companies like Google been fined enough in the past
| alerady and despite that they have made little effort to
| conform to the data privacy measures? Instead they have
| enabled alternative ways for tracking (eg. recent FLOC
| debate). Once the right to privacy (online or otherwise)
| becomes fundamental, such violations of privacy, consciously
| or otherwise, by the private companies will fall into illegal
| activities prosecutable with imprisonment like it is done atm
| for insider trading and so on. This will create a substantial
| sense of responsibility in everyone working on any aspects of
| user data.
|
| The lack of a direct way to measure how much profit in $$ a
| company made in the past decade because of a single privacy
| violation makes it an arduous task for prosecuting agencies
| to decide the amount of fines and/or prison time.
|
| A multivariate regression using do-calculus might help, could
| be an interesting graduate project.
| [deleted]
| mtgx wrote:
| In fact, in a lot of cases, these companies "settle" with the
| government, pay a fine, but they DON'T EVEN HAVE TO ADMIT
| WRONGDOING.
|
| Ridiculous. Honestly, it's more ridiculous that the
| government agencies accept such BS to begin with.
| matkoniecz wrote:
| It is good that they were fined. But it is absurd that
| breaking law is not criminal if done for the first time and
| in sufficiently sophisticated way.
| FreezingKeeper wrote:
| :s/misled/lied to/g
| egberts1 wrote:
| This article is not about chastising a data collector but about
| how ignorant a government can be in letting this go on ...
| unpunished.
| sldksk wrote:
| If you think this is mere ignorance, I would suggest you are
| the ignorant party yourself.
| Khaine wrote:
| I'm not sure what you mean since a government agency who is
| responsible for consumer competition and conduct took Google to
| court and won?
|
| They did their job. To challenge dodgy practices, and get
| courts to uphold the law. I'm not sure what else you want them
| to do.
| random5634 wrote:
| If you manage domains and force this stuff off your users will
| def complain.
|
| My worry is we end up w a situation such as cookie notices -
| users have gotten so used to clicking through content screens
| they don't pay attention anymore because a lot of it is
| meaningless
| Red_Leaves_Flyy wrote:
| >users have gotten so used to clicking through content screens
| they don't pay attention anymore because a lot of it is
| meaningless
|
| I suspect the goal is to manufacture consent through inundation
| of fraudulent and coercive consent agreements.
| random5634 wrote:
| Actually many are required.
|
| I had a funny situation in person recently. This place had
| consent forms - lady checking folks in would offer to sign on
| your behalf. A few folks asked what it was - a consent form -
| oh sure, please sign for me.
|
| In gsuite I guess there are some settings that can impact
| things like location - people want recent locations to pop up
| etc I learned. So anytime you make 95 percent of users click
| through stuff they don't care about - you start losing the
| battle here
| Red_Leaves_Flyy wrote:
| Consent forms force people into legally binding agreements,
| with massive power disparity, under duress.
|
| The consumer bears all the risk and the provider absolves
| themselves of any - unless one afford a lengthy court
| battle or join a class action. I suppose even more rarely a
| consumer can get, often fractional, relief through a
| government or consumer rights agency.
|
| EULAs, consent forms, and similar are a wholesale
| miscarriage of justice that causes incalculable irreparable
| harm to a staggering number of people every day. Think
| about it this way, a liability waiver at a doctors office
| is not dissimilar, in terms of bargaining ability, to an
| entry level employee's boss demanding sexual favors to keep
| their job. I have a broken arm, fix it, if the doctor
| screws up pay for all resulting costs forever.
|
| Justice, equality, and equity should never be limited to
| those with the most means.
|
| One last point to hopefully drive my point out of the park.
| Say I don't want to consent to gmails EULA, so I go and
| look into hosting my own webserver. Bad news, windows has a
| eula, okay I'll learn how to use Linux and FOSS software.
| But wait to need to connect my pc to the internet. I can't
| escape an internet providers take it or leave it eula. But
| I need email, I will get fired (lose everything in life)
| without it. So in effect I am forced, under duress, to
| 'consent' to a non-negotiable agreement that I reject with
| every fiber of my being so that I do not lose my home,
| family, and everything else.
| random5634 wrote:
| Which is why these govt type of interventions, which are
| all centered around getting more and more permissions
| from users are annoying. We will get more click through
| screens that 99.99% of users will say yes to. Seriously,
| how many users read the google ToS clickthroughs and make
| a decision based on that to not sign up with a google
| account?
|
| I turned this stuff off at policy level, and instead of
| praising me, users were pissed at me. They wanted google
| to track them. Most didn't understand why stuff didn't
| work (things like saving locations in maps break at least
| in past, and most use gmaps for work / home commute
| checks). Seriously - if you run a larger gsuite deploy,
| put all the privacy features on and watch how folks start
| trying to work around / do the shadow IT thing.
| nicbou wrote:
| And the answer is increasingly to silence the question itself
| with ad blockers.
| sbagel wrote:
| the cookie debacle really illustrated how toothless and futile
| current regulatory attemps are, the industry simply side-
| stepped the intent of the legislation and that was the end of
| it. It seems the cookie notices are annoying by design to guide
| public opinion against future regulatory attempts. "See what
| they made us do? Don't regulations stink?!"
| varispeed wrote:
| If think the regulation wasn't a point of this work, but the
| main reason this was worked on in my opinion, was to fleece
| the tax payer. Imagine how many dinners, conferences,
| experts, lawyers, contractors, researchers had to be paid
| over the years. They eventually had to come up with something
| and that's the half bottomed result. If it doesn't work?
| Well, everyone already got paid and probably now work on
| something completely different. If there is too much noise
| about this, they'll have a reason to fleece the tax payer
| again and go through years of "fixing" the legislation. This
| is when you have unaccountable organisation (EC) without any
| bodies that would and could investigate corruptions and scams
| like these.
| MereInterest wrote:
| That and an attempt by companies to continue a business model
| that is expressly illegal under the GDPR. If a company relies
| on user-tracking with assumed consent, being required to get
| affirmative and freely given consent tanks their income. And
| that's perfectly okay and reasonable for laws to do. Business
| models are not a right.
|
| But, those companies then have a choice. Option A: Accept
| that their business model relied on widespread stalking of
| their users which was never acceptable and is now illegal,
| and significantly change the business. Option B: Pretend they
| didn't notice, throw up a pop-up ignore the "freely given"
| requirement for consent, and hope nobody calls them out on
| it.
|
| Option B is a lot easier for scummy companies to do, and the
| prevalence of opt-out banners with assumed consent and dark
| patterns shows how many companies went that route.
| dTal wrote:
| >It seems the cookie notices are annoying by design to guide
| public opinion against future regulatory attempts. "See what
| they made us do? Don't regulations stink?!"
|
| I get that impression also, and doubly so for the FUD-packed
| GDPR messages. "Oh sorry, we can't legally serve this webpage
| to you, EU resident, because of the atrocious GDPR! (because
| it's full of spyware which the GDPR forbids but we won't say
| that part out loud)"
|
| For what it's worth, I do think the GDPR messages are raising
| awareness in a way the cookie warnings were not, in part
| because some websites use dark patterns to get you to "agree"
| and others do not, and people are starting to smell the
| bullshit. If nothing else, the laundry list of trackers the
| websites are required to tell you about is a real eye-opener
| to the layperson who doesn't run uMatrix.
| 4cao wrote:
| Ironically, the ACCC website also attempts to load a script from
| *.google-analytics.com.
| fnord77 wrote:
| quel choc
| williesleg wrote:
| Sounds like another pointless congressional hearing coming up.
| buggythebug wrote:
| In other news, shit stinks.
| sunsipples wrote:
| "The ACCC is seeking declarations, pecuniary penalties,
| publications orders, and compliance orders. This will be
| determined at a later date."
|
| pecuniary penalties differ from fines and depending on where they
| are taxable could be a deduction :/
| varispeed wrote:
| Google, Facebook and other companies, in my opinion, are allowed
| to continue ignoring the law, because they provide valuable
| information to various services. They are essentially an enormous
| network of unwilling spies / informants. If the data they (in my
| opinion) provide wasn't useful, they would have been shut down
| long time ago.
|
| Other thing is why even publish materials like this and what's
| the point of such commissions if they are toothless?
|
| Isn't that a massive waste of tax payer money?
|
| In many countries government creates various commissions to be
| able to give family members and associates well paid bogus jobs
| or pay for favours (if you vote for X, we will give a job to your
| wife's sister) and so on. Other reason is also to tick boxes -
| when asked by unscripted journalist about something, they can say
| look we care about this, we setup a commission...
| gatlin wrote:
| It's definitely an artifact of my personality but I don't get
| the sense they are unwilling, though I imagine they would be
| coerced anyway and you could certainly start a discussion about
| how meaningful their consent would be in that context.
|
| I'm a broken record but the profit motive is what will always
| always always enable this: people depend on this machine for
| their livelihoods and are only personally responsible for a
| negligible, ignore-able portion of its activities. Path of
| least resistance in a world of friction is these companies will
| continue to act with an agenda even its employees might
| disagree with (if that isn't fault tolerance though idk what
| is!)
| gigatexal wrote:
| Is anyone surprised?
| Majestic121 wrote:
| > https://news.ycombinator.com/item?id=26832412
|
| Yes, I'm surprised that the "Web & App" permission also gives
| access to my location when there's another permission called
| "Location history".
|
| Are you not ?
| 1_person wrote:
| I'm personally more annoyed that even with GPS disabled and
| denied to all applications Google Play Services enables it
| and samples the location randomly.
|
| It even brags on the status screen that it's doing it, like
| Google grabbing your lunch money and asking what you're going
| to do about it, punk?
___________________________________________________________________
(page generated 2021-04-16 22:01 UTC)