[HN Gopher] Google keeps records of everything you buy, even if ...
___________________________________________________________________
Google keeps records of everything you buy, even if you delete the
email receipt
Author : decrypt
Score : 570 points
Date : 2021-09-23 16:37 UTC (6 hours ago)
(HTM) web link (mastodon.social)
(TXT) w3m dump (mastodon.social)
| jrochkind1 wrote:
| I don't understand what I'm looking at. What is this showing?
| lizknope wrote:
| I remember when Google Mail launched on April Fool's Day in 2004.
| I thought the 1GB of storage for email was a prank because it was
| a huge amount to offer for free.
|
| I made an account just to try it out but then I saw all the
| advertisements it added. Seeing ads based on the content of my
| email was really creepy. I stopped using Gmail and now I pay
| Fastmail for my email. It seems worth it to me.
| packeted wrote:
| Are google workspace accounts treated the same? I have several
| fill me domains hosted with Google duo curious if this behavior
| tracks over to their paid products
| antattack wrote:
| I am pretty sure Microsoft is doing the same.
| gsich wrote:
| Of course, there is/was a feature that showed you your recent
| transactions, delivery notices.
| darthvoldemort wrote:
| I wish I could pay $20/month for Gmail without the spying and
| data collection, actual customer support, with a guarantee that
| my account wouldn't get locked because of one of their fucking
| mistakes.
| rubyist5eva wrote:
| fastmail is a fantastic email service, and much cheaper than
| that.
| lom wrote:
| It's not only about gmail. The google suite is unbeatable in
| terms of functionality and UX.
| reilly3000 wrote:
| I pay $11 / mo and have all of those things. GSuite/Workplace
| doesn't run any ads or extraneous tracking, their corporate
| customers would never allow it.
| afandian wrote:
| I used to, before leaving for fastmail. But it's a joke to
| suggest that you get any meaningful support for your money.
| And I don't think that my account would get better treatment
| than a free one if they decided to delete it for some reason.
| meibo wrote:
| What do you mean by that?
|
| I run a basic GSuite organization and the two times I've
| had an issue with the service, I literally had a
| representative on either chat or phone support within
| minutes. It was a very pleasant experience.
|
| Happy to spend my money on that. They did have to transfer
| me twice for a technical issue, but that was resolved too
| in the end.
| afandian wrote:
| I had a google suite account (with one email user) for
| years.
|
| I had used the account to purchase stuff on Google Play.
| I wanted to close the GSuite organization account but
| retain the purchases. Either by transferring to another
| (disposable) gmail account, or by somehow closing the
| organization account but continuing to be able to log
| into other parts of google using a now-third-party email
| addresss. Or a refund. I don't know what options were
| available, that's why I contacted support.
|
| So this was a transactional support request, not a Q&A. I
| did get through to a chat support but their answer was
| pretty much "I don't know, check the support forums".
|
| I'm not trying to make my point about the situation, more
| about the customer experience I got for trying to ask
| what I imagine is a fairly common question.
|
| (I feel like an idiot for spending money on DRM, but
| different story)
| reilly3000 wrote:
| Could you get the same email with a different host and
| create a Google account with it?
|
| This is me realizing I'm probably locked in for
| eternity...
| afandian wrote:
| I still don't know!
|
| Will Google give you the mechanism to ask your question?
| Will you trust the answer? Will you take that gamble?
| reilly3000 wrote:
| This prompted a bit of searching on my part and I found
| the following:
|
| 1. Migrating core assets:
|
| https://www.39digits.com/migrate-g-suite-account-to-a-
| person...
|
| 2. Sharing Play purchases via family sharing
|
| https://www.quora.com/Can-you-transfer-your-Google-Play-
| purc...
|
| 3. Migrating YouTube channel between accounts via Brand
| Channels
| https://support.google.com/youtube/answer/3056283?hl=en
|
| So it appears there is no one-click or Google support
| method for migration to a personal Google account and you
| cannot ever have a Google account with the same email
| address except for reactivation of a Workplace
| subscription. You can move virtually everything with
| Takeout and use account sharing features for the rest (so
| long as you have a small family...).
| reilly3000 wrote:
| Your point is well-made about the level of support you
| might get from a Google rep. The answer they should give
| is that Play store purchases cannot be transferred to
| protect the IP contracts with sellers, otherwise there
| could be a potential for an aftermarket on Google Play
| account assets. I know some people at Google understand
| that, but I doubt that's in their support playbooks.
| afandian wrote:
| Then it wouldn't be Gmail.
|
| Not being flippant. Google's whole business model is predicated
| on operating like this. An accountable Google would probably be
| a very different company with different products.
| mysterydip wrote:
| Could fake/phishing emails be used to poison your profile?
| "Thanks for your constipation medication order"
| bengale wrote:
| Isn't this largely the point of gmail? It's a data collection
| tool isn't it?
| decrypt wrote:
| From the same tooter:
|
| >If you use #Google Photos, there's a non-zero chance that there
| are secret, yet public URLs attached to your photos that allow
| un-authenticated access to every picture in your account. Mine
| did, and I tested the addresses in incognito and tor browsers and
| they worked. #privacy
|
| https://mastodon.social/@gerowen/106978306449754832
| judge2020 wrote:
| "unauthenticated access" is a stretch. It's like how
| rawgithubcontent links originating from GitHub.com on private
| repos contain a query parameter ?token= that is an API token
| for accessing that repo "without authentication" - it's in the
| URL, sure, but that URL itself contains a long, random series
| of characters that is needed to access the content.
| jeffbee wrote:
| "Secret yet public" is a new achievement in privacy
| derangement. The URL is secret. It is public if you share it,
| after which it is not secret.
| darthvoldemort wrote:
| I guess you've never heard of "security through obscurity".
| Zarel wrote:
| Secrets like passwords are not "security through
| obscurity". The existence of a key that can open a lock is
| not security through obscurity. "Security through
| obscurity" refers to obscuring techniques, not obscuring
| passwords and keys. No one has ever referred to RSA as
| "security through obscurity" because it requires obscuring
| your private key.
| prepend wrote:
| It's also really hard to audit, so if Google shares it and
| people access it, Google won't know.
|
| This is not cool for me because I don't want my photos
| available to people other than me, even if they have my magic
| url with a token I didn't create and can't revoke.
| morgosmaci wrote:
| You can revoke a link. Go to the shared album page.
| (clicking on the link will take you there) Click the
| options menu item and there is a toggle for link sharing
| that will revoke the magic url and token.
| jeffbee wrote:
| You can revoke sharing links, but there are also direct
| links to photos that work for unauthenticated clients.
| They aren't presented in the UI as a sharing option; you
| have to use your browser to copy the link. In other words
| the only way to make these links public is through
| intentional user action.
| kyle-rb wrote:
| How is a magic url really any different from a magic login
| cookie in this case? Yeah, I guess you can't revoke it, but
| what's the difference if the new cookie/url is equally
| unguessable?
| pantulis wrote:
| I am not that concerned with these opaque URLs as they are
| basically unguessable (and you will need the URLs to download
| the data if you are destroying your Google profile, so no other
| authentication is possible)
|
| But for how long are they retained? Are they generated during
| the takeout process or do they exist since the photo was
| uploaded?
| rastafang wrote:
| I wish stores and every other websites that require registration
| would stop requiring an email address in the process.
| fuzzieozzie wrote:
| .. and this is why I have different email addresses for shopping.
| stephc_int13 wrote:
| This is why I stopped using Gmail years ago.
|
| It combines bad user experience with giving them too much power.
|
| Google is really not our friend.
| themodelplumber wrote:
| Wow. It's not even just everything you buy from Google--from the
| post it seems like they actively compile and organize the data
| from every purchaser transaction that touches your GMail account.
|
| I think we deserve to hear from Google about this one. Unless we
| have already?
| samstave wrote:
| Drat!!! Google knows all about my dealings with Nigerian
| Princes!! I'm _ruined!_
| GeekyBear wrote:
| >It's not even just everything you buy from Google--from the
| post it seems like they actively compile and organize the data
| from every purchaser transaction that touches your GMail
| account.
|
| Google literally buys a copy of most people's credit card
| transaction data.
|
| >Google has been able to track your location using Google Maps
| for a long time. Since 2014, it has used that information to
| provide advertisers with information on how often people visit
| their stores. But store visits aren't purchases, so, as Google
| said in a blog post on its new service for marketers, it has
| partnered with "third parties" that give them access to 70
| percent of all credit and debit card purchases.
|
| https://www.technologyreview.com/2017/05/25/242717/google-no...
| nemasu wrote:
| I wonder if it's to get that fancy header at the top of
| purchase emails.
| jaywalk wrote:
| They wouldn't have to store the data after the email was
| deleted if that was the only reason.
| kreeben wrote:
| "We're organizing the world's information and making it
| searchable [so that we can show you ads]."
| prepend wrote:
| "And dynamically price things based on your income and
| calculated demand"
| tablespoon wrote:
| > Wow. It's not even just everything you buy from Google--from
| the post it seems like they actively compile and organize the
| data from every purchaser transaction that touches your GMail
| account.
|
| IIRC, that's why Amazon purchase emails are utterly useless
| now. They realized Google was getting their precious customer
| data via Gmail, so they cut off the flow years ago.
|
| It's another example of how the modern economy has many
| consumer-hostile incentives that have actually led to
| regressions rather than improvements.
| bserge wrote:
| Not like they're doing anything useful with it.
|
| "You bought a toilet? Would you like another 4 toilets?"
|
| I mean, ffs, maybe recommend a bidet or installation tools.
| mdale wrote:
| Well long as you click on the order link in chrome browser
| guess it's fair game :P
| jimmaswell wrote:
| How does it hurt Amazon's business? Google might recommend an
| ad for a competitor with similar products?
| llampx wrote:
| Since they are competitors, anything that helps google
| hurts Amazon
| jazzyjackson wrote:
| google keeps trying to make "google shopping" happen.
| reading customer data helps them improve their store front,
| amazon would like to avoid helping any (future) competition
| standardUser wrote:
| Huh, I suppose that's why I sometimes have to click through
| several different Amazon emails to find the specific order or
| shipment I'm looking for. They've removed the details from
| the actual email.
| mullingitover wrote:
| Just go to your order history in Amazon, it's all there and
| much more searchable than trying to rifle through emails.
| athenot wrote:
| I can search the million+ collection of messages on my
| mac in a second; with no paginated results page, no ads
| and no UI tricks designed to upsell me or get me to
| reorder things. And I'm not even using a fancy mail
| client, it's just Apple's humble Mail.app.
| TeMPOraL wrote:
| I.e. forcing you to use their platform to access this
| data, instead of an independent platform that is e-mail.
| Nice way of taking away users' control over their own
| data.
| ohgodplsno wrote:
| Had everyone not given full access to a worldwide privacy
| invading operation such as google, it might not have been
| a problem. You reap what you sow, and HN has sown plenty
| of Google seeds.
| shadowgovt wrote:
| It's not a Google thing; it's an Amazon thing. Amazon is
| hyper-paranoid about leaking any aspect of its purchase
| history data; that's what it considers the "special
| sauce" every bit as much as Facebook guards its social
| graph or Google guards the ad fraud detection algorithm.
| mullingitover wrote:
| You're already using their platform to generate the data,
| I don't understand the problem with also using it to view
| that data.
|
| Not providing intricate details about your purchases in
| email is a privacy-enhancing feature, given that probably
| most of their customers are using gmail.
| compiler-guy wrote:
| Except that I can't export that data from amazon easily
| if I, say, change or delete my account, or just want to
| run a program on my own data.
|
| Whereas that is pretty easy with any sort of email
| client.
| gigel82 wrote:
| I actually export the data from Amazon every year. They
| have nice CSV reports with all orders and all products,
| including cost, category, ASIN, etc. I wish there was a
| way to hook that up into mint.com to auto-categorize
| Amazon purchases.
|
| I noticed they stopped including product details in
| emails a few years ago, didn't click until reading it now
| that they're doing it to prevent data mining. Kind of
| makes sense if you think about it, but maybe they should
| have an option for that for people that self-host their
| e-mail or use privacy-focused providers.
| 5555624 wrote:
| Yes, you can. Go to https://www.amazon.com/gp/b2b/reports
| and you can generate a report of items, orders, returns,
| or refunds for a time period you select. It generates a
| .csv file.
|
| The report contains far more information than you can
| scrape from their old order emails, including: Date, ID,
| Title, Category, ASIN/ISBN, UNSPSC, Condition, Seller,
| List Price, Purchase Price, Quantity, Payment Instrument,
| Shipping Address, Carrier, and more
| aidenn0 wrote:
| Damn, I've been searching for that for a while. It used
| to be linked from the order history page and isn't
| anymore. I thought they had removed that feature. It is a
| bit annoying that I can get a CSV from my bank in under a
| second, but it takes a few minutes to get an order report
| for a similar date range from amazon.
| figassis wrote:
| Emails today work as receipts. I once had an issue with
| amazon where I bought a hight value item (relative to my
| usual buying pattern), and they silently cancelled and
| deleted it. When I contacted support, they first said if
| it's not in my orders list, then I never ordered it. Then
| I showed them a screenshot I have taken from my phone
| previously, with the order number, and they said it was
| from an account that does not belong to me. It took
| multiple calls to support over a few hours for them to
| finally admin that they deleted it.
|
| They can fix their privacy issues on their platform, I
| want my email receipts.
| ghusbands wrote:
| The context here is Amazon doing that to prevent Google
| mining that data, not to take away users' control.
| pempem wrote:
| I would argue the point is Amazon is doing this to fight
| Google's mining and neither company has your
| data/experience in mind.
| homerunnerhome wrote:
| On the contrary, it's sort of a way to give users _more_
| control over their data.
|
| I work for another online retailer and have been involved
| in discussions about this same topic (order information
| in emails we send), and the way we looked at it was that:
|
| - Gmail collects this data from emails
|
| - The overwhelming majority of users are unaware of this
| data collection
|
| - If we included the data in the email, while knowing
| that Gmail was collecting it and knowing that most users
| are not aware, that was tantamount to us just willingly
| handing over the data to Google without the users'
| consent
|
| Because of this, we asked ourselves if users would likely
| feel upset with us willingly handing over data to Google
| without consent, and we decided that yes they would. So
| we made a trade off to not include that data in emails
| because we thought that was more important than the hit
| to UX we would take from making the emails less
| informative.
|
| Either way we had to make a decision on behalf of our
| customers and we knew that no matter which one we chose,
| we knew some portion of users would be unhappy and
| decided to go with the more privacy-conscious choice.
| danShumway wrote:
| I think the followup question in these cases is whether
| consumers can get the data _off_ of the main websites.
|
| I do see a decent argument for companies being a little
| bit more conservative about what information they put in
| emails when this kind of information collection is
| largely invisible to the general public. It's just
| important to balance that against data silo worries by
| making it easy for customers to export their data and
| hook purchase confirmations up to other services that
| users might actually want to have access.
|
| I'm not convinced _Amazon_ makes these kinds of decisions
| out of a concern for user privacy (especially since
| Amazon isn 't actually consistent about hiding this
| information in their emails as far as I can tell), but
| I'm sure some retailers are.
| aidenn0 wrote:
| I have my e-mails well indexed for search and Amazon's
| order history is most certainly _not_ more searchable
| than trying to rifle through e-mails. In particular if I
| have a charge for $12.34 on my credit card, I can find an
| e-mail with that string in under a second, but I have to
| slowly page through my amazon orders doing a ctrl-f for
| 12.34 on each page.
|
| Amazon used to let you at least download a CSV for a date
| range, but the don't even let you do that anymore!
| tablespoon wrote:
| > Huh, I suppose that's why I sometimes have to click
| through several different Amazon emails to find the
| specific order or shipment I'm looking for. They've removed
| the details from the actual email.
|
| Yeah, and there's nothing you can do. I don't even use
| gmail anymore, and the emails are still garbage. I think
| for awhile they used to include a truncated name of one of
| the products in the order, but it looks like they even
| removed that (sometime around August 2019, based on my
| emails).
|
| Unrelated observation: in my original comment I added a
| second paragraph noting that this regression was due to the
| incentives caused by modern capitalism (and it is: owners
| trying to extract maximum value for themselves, even if
| that means hurting their customers), and it immediately
| started getting downvoted. Then I change "capitalism" to
| "economy" and it started going up again. Some people are
| really sensitive. It must be blasphemy to criticize the
| invisible hand and the wisdom of the owners ti guides. I
| guess right is whatever they do.
| space_fountain wrote:
| Could also be that they just want you back on their site
| because some ab test at some point decided you're more
| likely to be buy from them again if they can get you back
| onto amazon.com
| [deleted]
| Spooky23 wrote:
| It benefits them in many ways. Good luck figuring out where
| a random Amazon box was ordered from if there are multiple
| buyers in your household.
| [deleted]
| memling wrote:
| > It's another example of how the modern economy has many
| consumer-hostile incentives that have actually led to
| regressions rather than improvements.
|
| To be honest, I actually think it's probably more privacy-
| conscious to eliminate as much information as possible (but
| no more) from these kinds of emails. While I suppose Amazon
| is concerned with competitive behaviors from Google, I'm more
| concerned that Google or any other actor with access to my
| email could look through my purchasing list, or my library
| reading list, or...
|
| Email is an insecure and non-private medium, but we often use
| it for items that require some level of security or privacy.
| I'd prefer if more companies held that information closely.
| jazzyjackson wrote:
| if someone has access to my gmail they can just reset my
| amazon password and view my order history there
| tablespoon wrote:
| > To be honest, I actually think it's probably more
| privacy-conscious to eliminate as much information as
| possible (but no more) from these kinds of emails.
|
| But that makes them useless for what they are, especially
| the shipping ones: "You made three orders recently, one
| shipped. If you actually want to know which one (and you
| haven't memorized your order IDs) click here!"
|
| This is actually a pretty annoying regression for me,
| because I buy things from many sites and have no way to
| search my overall order history anymore.
|
| > Email is an insecure and non-private medium, but we often
| use it for items that require some level of security or
| privacy. I'd prefer if more companies held that information
| closely.
|
| It is, but there's no better system and ruining email
| doesn't solve that privacy problem (e.g. Amazon may sell
| this information). At a minimum, it should be a setting so
| people can opt to get useful emails if they want to make
| that tradeoff.
| pythonaut_16 wrote:
| Yep. The decision for Google to have access to the
| contents of my email is mine, not Amazon's (or whoever
| else). It's the decision I make when I use a Gmail
| account, and it's up to me to decide that based on
| Google' privacy policies and reputation.
|
| If I don't want Google to have any access then I'll use a
| different provider or self host my email. If I want to
| publish all of my emails publicly that's also my
| decision.
| JumpCrisscross wrote:
| > _that 's why Amazon purchase emails are utterly useless
| now_
|
| Would be nice if Amazon only made their e-mails to Google
| addresses (Gmail or otherwise) useless.
| JohnFen wrote:
| I completely understand why Amazon has done this. I do
| something similar, but more targeted -- I avoid sending
| emails to gmail addresses at all when possible, and when it's
| unavoidable, I try to make the emails as minimalistic as I
| can get away with.
|
| I see Amazon as doing something similar, but less targeted at
| gmail specifically.
| awill wrote:
| Thanks for this.
|
| I didn't realize why, but it's always annoyed me how little
| info is on Amazon's order confirmation emails, forcing you to
| click the link.
|
| This is why!
| pradn wrote:
| I thought it was just because email wasn't secure? That's why
| health and banking providers send you links to their
| messages; perhaps this is just for health and banking info.
| prepend wrote:
| That's funny, I wondered why Amazon order emailed sucked so
| hard lately. Thought it was just them being dumb.
|
| I liked getting an email with the item, price, shipping, etc.
| Now it's just an order number and shipping notice and I have
| to click on the order to figure out what items are coming.
| Particularly fun when I order 6 items and they get split into
| 6 shipments. Or just trying to keep track of my dozens of
| Amazon orders.
|
| I switched to Walmart as they send useful product updates.
| minsc__and__boo wrote:
| >That's funny, I wondered why Amazon order emailed sucked
| so hard lately. Thought it was just them being dumb.
|
| It's the opposite.
|
| Amazon wants you to click back into the store to buy
| things. One way to do that is forcing you to view orders in
| the store instead of your email inbox. They care more about
| that than Google seeing your purchase history.
| SV_BubbleTime wrote:
| Yea. That's a big lightbulb moment for me.
|
| Also, that's a great state of things today... Amazon has to
| make their product worse because Google won't ever stop
| siphoning.
|
| I still have a Gmail, but I'm properly compelled to kill
| it, finally.
| shadowgovt wrote:
| It's not like killing it will make your emails from
| Amazon better. Now that Amazon realizes that data can be
| scraped by _anyone_ , they won't leak it again.
| paxys wrote:
| I wish they would send useful emails to non @gmail.com
| addresses though
| mysterydip wrote:
| Can't you get @yourdomain.com pointed to a gmail address?
| Businesses hosted using the Google suite as well.
| wanderingstan wrote:
| Perhaps because many people, like me, have a primary non
| gmail address that is forwarded to my gmail address. That,
| and businesses with custom domains that use Google apps and
| thus have gmail as the UI.
| paxys wrote:
| Google doesn't scan business Gmail accounts, so that's
| not a concern at least
| SV_BubbleTime wrote:
| Even if they say they don't, how could you ever know they
| aren't scanning business accounts? What in Google's
| history has given you confidence in this conclusion?
| ohgodplsno wrote:
| [source needed]
|
| Google has been found to lie and play dirty over and over
| again throughout their existence. You'd be a fool to
| think they don't even scan it. For "safety reasons", and
| oops, the contents of your email have accidentally been
| logged and stored, what a shame.
| paxys wrote:
| The source is Google (https://workspace.google.com/learn-
| more/security/security-wh...). Of course you can make the
| "they are lying" argument for anything, but in this case
| there would be several billion dollar lawsuits from every
| large company they signed a contract with if this was
| actually happening.
| llimos wrote:
| Part of me wishes they would say what the reason is in the
| email. That might make Google think twice about this kind of
| thing.
| peakaboo wrote:
| In 2021, I'm surprised people expect Google to give you
| privacy.
| kelp wrote:
| The first time I heard about Gmail collecting your purchase
| history, I moved to Fastmail and I've been pretty happy.
|
| Downside is Gmail search is a lot better than Fastmail's. But
| otherwise it's worked great.
| hpkuarg wrote:
| I've been a happy Fastmail user for years as well, but now am
| looking to switch away due to the Australian surveillance
| bill.
| Isthatablackgsd wrote:
| Gmail Search is getting subpar now than it was before. It
| didn't show the email that I knew the subject, or the body
| have that. Sometimes I have added the email address or
| several names to get it to find the email. Sometimes it
| works. 5 years ago, it has no problem finding those emails.
| And now, it is hit and miss. This is on my Google Workplace
| account.
| [deleted]
| pat-jay wrote:
| Is it overstated to say "this is creepy AF"?
| ggalaxximm wrote:
| Who here is buying things with or through Google? Who actually
| has ever used "Google Pay"? Hell, I make it my religious duty to
| keep my GMAIL account under 15GB at all times, so I never, ever,
| ever have to reveal any of my banking information to Google.
|
| I would expect nothing less of Hacker News veterans.
| aidenn0 wrote:
| My understanding is if you have a receipt sent to your gmail
| account, google scrapes and tracks those purchases.
| pantulis wrote:
| Is Google Takeout only limited to GMail? I am pretty sure this
| transaction data can also be gathered via Analytics, so I guess
| there would be no foul play on the part of GMail. But of course,
| you are logged into your Google Profile _because_ you use GMail.
| Isthatablackgsd wrote:
| It is not limited to that, it encompassed everything under
| Google umbrella like Gmail, Search, Health, etc. They have
| multiple options that you can tick the data you want to obtain.
| To be warn, the folder itself can be absurdly large depending
| how entrenched you are in Google ecosystem. Last time I checked
| mine, it is over 50 GB.
| zokier wrote:
| I'm kinda confused which part of this is news? That Google
| extracts purchase information from mails? That's a feature that's
| been even exposed in UI for ages! Or that Google uses incoming
| mail to enrich user profiles? I would have thought that to be
| obvious? If you put 1+1 together, then it seems pretty
| unsurprising that they have purchase histories of users.
|
| Maybe I'm just too jaded at this point
| [deleted]
| rtomanek wrote:
| Does this show up in Google Takeout export?
| tdeck wrote:
| That's what the article says.
| decrypt wrote:
| Yes, from the toot, all of this data is visible on a Google
| Takeout export.
| tillinghast wrote:
| > Here's metadata from my takeout showing ...
|
| Apparently. Haven't tested myself yet.
| rc_mob wrote:
| so you are saying we should , send ourselves some fake purchase
| receipts just to fuck with googles data?
| tomrod wrote:
| Exactly this. Monkeywrench_Tech_as_a_Service.
| yawaworht1978 wrote:
| I have always wondered if google can see the YouTube, Gmail
| passwords, not from the database,but you can see your own
| passwords in the browser in plain text and since all the apps are
| theirs, a keylogger would be impossible to detect.
|
| Another thing is, do they have a back up of data from the
| Myaccount. Subdomain that users delete.
|
| Still I trust google and amazon more than Microsoft and apple and
| Facebook. Just me personal view, I could be totally wrong. The
| ones I trust are simply more open about data storage and have
| less dark patterns and clandestine TCS. But yes, wide spread
| Gmail usage will make google see many things and they will
| collect a lot of data. Probably even more delicate data than what
| Facebook gets to see.
| barneygale wrote:
| Working for Google is outright unethical.
| aj3 wrote:
| Well duh. They have to comply with anti-money laundering
| regulation.
| hungryforcodes wrote:
| What does AML have to do with what I buy online?
| ashtonkem wrote:
| Anyone who transmits your money, including CC companies, have
| to comply with KYC and AML laws. I believe this might include
| Google Pay, but I don't see how this would include Gmail for
| cases where you didn't use Google Pay.
| nemasu wrote:
| This was my first thought too. But it seems like any purchase,
| even if Google isn't involved, is logged.
| ashtonkem wrote:
| Do they? They're not the ones actually moving the money in this
| scenario. Generally KYC and AML laws apply to the actual banks
| or money transmitter, which sometimes is Google if you use
| their payment services, but not if it's just their email.
| kreeben wrote:
| User X: buys dildo
|
| Google: X likes dildos
|
| Dildo Salesperson: Google, who likes dildos?
|
| Google: X
|
| User X: deletes dildo receipt email
|
| Salesperson: Is X still into dildos?
|
| Google: Yeah, they just don't like receipts.
| reacharavindh wrote:
| Good thing they keep track of all the spam I get! The membership
| to something long forgotten, marketing emails from US shops(I
| don't live in US anymore) and some developer mailing lists from
| that one time I had to write to get support.
|
| If they are so evil and clever, I at least make them work through
| a lot of bull shit before they profile me.
|
| My emails are at Fastmail as a paid user. Hopefully they are away
| from advertising companies. But, any Gmail user I have emailed
| would leak that info to Google.
| passivate wrote:
| They do a good job of blocking email adverts/spam, but it also
| competes with their own paid service which shows the user
| adverts/spam. Okay, maybe I am a bit cynical :)
| clscott wrote:
| Worse, the stores are feeding them this info in easy to digest
| packets:
|
| https://developers.google.com/gmail/markup/reference
| c16 wrote:
| If you don't pay for the product then YOU are the product.
| ipaddr wrote:
| Am I the only person who would never think to give
| google,facebook, twitter my credit card? Or would never pay them
| any money regardless?
|
| After linking your credit history the targeting and linking of
| information that would follow would be a privacy blackhole that
| would be hard to recover from.
| asdfasgasdgasdg wrote:
| Very unlikely that they keep the record indefinitely after you
| delete the email. Instead, it's likely that the systems that
| store the derived information are not transactionally connected
| to the email database. Deletions would be reflected eventually,
| but only according to the periodicity with which the two systems
| are synchronized.
| tillinghast wrote:
| What would motivate Google to delete this data? The transaction
| shown in the screenshot is from 8 years ago.
| asdfasgasdgasdg wrote:
| When was the corresponding email deleted? That's when the
| clock starts.
| milesvp wrote:
| I would strongly disagree. This type of information is the most
| valuable information google can collect on an individual. The
| cost of maintaining this data is so small compared to its value
| that there is should be little pressure to do anything but
| store it indefinitely along with any metadata that might be
| relevant.
| ridaj wrote:
| On the basis of what data do you think that this information
| is valuable? I don't think my purchases from 5 years ago are
| meant as useful as the recent ones I made...
| asdfasgasdgasdg wrote:
| Ok, but your conjecture is in contradiction to Google's data
| retention policies, which describe a process something like
| what I wrote. It's possible that Google are just lying
| through their teeth, but I think it's not very likely. I
| think you have overestimated the value of this sort of
| information. It is not worth the reputational risk to retain
| it in contravention of posted policies.
| dave5104 wrote:
| > I think you have overestimated the value of this sort of
| information.
|
| Google's an advertising company. How is having a complete
| list of all the products I've purchased online not
| valuable? Seems like a great indication on what kinds of
| products Google can turn around and advertise back to me.
| burkaman wrote:
| No, Google's policies say they delete some things when you
| ask them to, but they won't say which things. Maybe email
| purchases are in this category, or maybe they're in the
| category of data they keep "for the life of your Google
| Account", or "for extended time periods".
| asdfasgasdgasdg wrote:
| Fair enough. At this point all we have is conjecture.
| Their policies seem congruent with my view, and it's also
| how I would design a system like this. On the other hand,
| you may be right that this is data they retain forever.
|
| There is no way to know for sure unless someone wants to
| do an experiment. It would be pretty easy to conduct: do
| takeout to find a purchase in the history, delete emails
| associated with the specific purchase, empty the trash,
| wait sixty days, then takeout again and check if the
| purchase is gone. But we won't find out today.
| prepend wrote:
| > overestimated the value of this sort of information.
|
| What do you estimate is the value of a dossier of all
| purchases I make over my lifetime? Or at least the ones
| Google knows about.
|
| It seems to me that this is very useful and valuable.
| [deleted]
| jjulius wrote:
| >Very unlikely that they keep the record indefinitely after you
| delete the email.
|
| Doesn't matter - I wouldn't want them storing purchase data for
| things I bought from other companies _at all_.
| junon wrote:
| And what makes you think this is the case? Or is it
| speculation?
| saalweachter wrote:
| https://policies.google.com/technologies/retention?hl=en-US
|
| > When you delete data in your Google account, we immediately
| start the process of removing it from the product and our
| systems. First, we aim to immediately remove it from view and
| the data may no longer be used to personalize your Google
| experience. For example, if you delete a video you watched
| from your My Activity dashboard, YouTube will immediately
| stop showing your watch progress for that video.
|
| > We then begin a process designed to safely and completely
| delete the data from our storage systems. Safe deletion is
| important to protect our users and customers from accidental
| data loss. Complete deletion of data from our servers is
| equally important for users' peace of mind. This process
| generally takes around 2 months from the time of deletion.
| This often includes up to a month-long recovery period in
| case the data was removed unintentionally.
|
| > Each Google storage system from which data gets deleted has
| its own detailed process for safe and complete deletion. This
| might involve repeated passes through the system to confirm
| all data has been deleted, or brief delays to allow for
| recovery from mistakes. As a result, deletion could sometimes
| take longer when extra time is needed to safely and
| completely delete the data.
|
| > Our services also use encrypted backup storage as another
| layer of protection to help recover from potential disasters.
| Data can remain on these systems for up to 6 months.
| burkaman wrote:
| From the same page:
|
| > some data we retain for longer periods of time when
| necessary.
|
| > We keep some data for the life of your Google Account if
| it's useful for helping us understand how users interact
| with our features and how we can improve our services. For
| example, after you delete a specific Google search from My
| Activity, we might keep information about how often you
| search for things, but not what you searched for. When you
| delete your Google Account, the information about how often
| you search for things is also removed.
|
| Incredibly vague, there is no reason email purchases
| couldn't be included in this category.
|
| > Sometimes business and legal requirements oblige us to
| retain certain information, for specific purposes, for an
| extended period of time.
|
| Again, "business requirements" can mean anything at all.
| whimsicalism wrote:
| This does not say what you are implying above - this talks
| about a formal data deletion request, not just deleting the
| email.
| asdfasgasdgasdg wrote:
| I don't believe you are correct about this. The document
| is very clearly (to me) talking about ordinary deletion
| actions, not just formal deletion requests.
| kindle-dev wrote:
| Why is it "very unlikely?" Does Google have a good track record
| of removing information voluntarily?
| asdfasgasdgasdg wrote:
| Their terms of service and policies document this to be their
| process. Also, such handling would be required for GDPR
| compliance.
| treeman79 wrote:
| He's talking about how the system architecture would be
| sanely designed. He is correct on how it should work. Now how
| long the secondary system holds the data is a business
| decision. Maybe a month/year, maybe forever. Record retention
| laws may have impact on this.
|
| Now If Google decided to hold the records forever or far
| beyond any legal requirements then yeah that's getting evil.
| nostrademons wrote:
| It's a GDPR/CCPA requirement.
| Nextgrid wrote:
| Google's current consent flow violates the GDPR, so that's
| a bad example.
| lmkg wrote:
| Google has a poor record on GDPR requirements. And in fact,
| common themes among the issues that they have are
| undisclosed secondary uses and unreasonable data retention.
| asdfasgasdgasdg wrote:
| Is that true? From what I can find the total amount of
| their fines is not more than $100M, which is less than I
| would expect given their size if they were conducting
| willful ongoing violations. And neither of the two
| biggest cases involved willful data retention like this:
| one was about cookie consent and one was about right to
| be forgotten.
| lmkg wrote:
| Fine amount is a poor measure of compliance, for a few
| reasons. First, European regulators prefer nudges and
| strong words before fines. Second, Google is incorporated
| in Ireland and the Irish regulator is clearly and
| blatantly sandbagging enforcement against US companies.
| The fact that they get fined _at all_ is actually pretty
| damning: France had to twist and wiggle to be able to
| fine them without involving Ireland, and part of that was
| limiting the scope of the violations to things touched on
| by related laws, which is why the fine only covers cookie
| consent (governed by ePD).
|
| However, several DPAs and local governments have reviewed
| Google software for _their own_ GDPR compliance. Several
| of those findings are available online. These findings
| don 't result in fines, because it's not technically an
| investigation of Google. But it does involve a thorough
| investigation of the legal issues of using Google's
| services, and the results are illuminating.
|
| For example, below is a link to a report the Dutch DPA
| complied on whether Dutch government agencies can use
| Google Workspace (formerly GSuite). The conclusion is
| that Google's privacy protection are catastrophically
| terribad (for a paid product!). It requires linking to a
| personal account, purposes of processing are not defined,
| there's definitely processing going on that's not covered
| by the contract, etc. Google's linking to personal data
| in a way that cannot be disabled by administrators means
| they are a Joint Controller instead of a Processor, and
| it's _not possible_ for them to comply with various
| obligations because they 're too vague about the purposes
| of processing.
|
| https://www.rijksoverheid.nl/binaries/rijksoverheid/docum
| ent...
|
| Again, doesn't result in a fine, because they're not be
| investigated for violations. Someone is just asking "can
| we use a Google product?" But the results of that
| research indicate some deep structural problems.
|
| Also that fine that France issued, where they somehow
| avoided invoking GDPR directly? Still the third-largest
| GPDR fine on record. So your expectations for fine
| amounts are a bit off.
|
| https://www.enforcementtracker.com
| sorokod wrote:
| What would be the business case for this elaborate system?
| thrashh wrote:
| Having it transactionally linked would be more elaborate imo.
| Here they're just detecting an order and storing it.
|
| They might be using this order to show what you've ordered
| recently on results or use it as suggestions on Google
| Shopping.
| whimsicalism wrote:
| > use it as suggestions on Google Shopping.
|
| "Consumer Gmail content will not be used or scanned for any
| ads personalization after this change"
|
| No longer in effect?
|
| https://qz.com/1014816/google-will-no-longer-mine-your-
| email...
| asdfasgasdgasdg wrote:
| I don't see any evidence that the purchase history
| discussed in the article is used for ads personalization.
| eevilspock wrote:
| Is this a guess, wishful/hopeful thinking, or do you have
| receipts?
| asdfasgasdgasdg wrote:
| Another comment helpfully quoted Google's data retention
| policy.
|
| https://news.ycombinator.com/item?id=28631833
| gumby wrote:
| Well, read their data retention policy closely. They may
| discard the raw data after some time but the learning model
| they trained with it (a model all about _you_ ) they keep and
| continue to use.
| afandian wrote:
| Not if you leave Google. You can do it.
| jsnell wrote:
| Isn't this controlled by the "Gmail smart features" setting,
| which they explicitly had a modal dialog for last year, to make
| everyone explicitly decide to enable or disable?
|
| https://blog.google/products/gmail/new-settings-smart-featur...
|
| Seems a bit odd for the poster to enable it, and then complain.
| The text seems fairly clear.
|
| Oh, wait... The screenshot shows the Takeout as being from 2019.
| Why post about it now?
| throwdecro wrote:
| > Isn't this controlled by the "Gmail smart features"
| setting...
|
| I just went through the Google's "Privacy Checkup" and it
| wasn't clear to me where this setting is.
|
| Also is the Takeout from 2019, or are there purchases from 2019
| in a current Takeout? What specifically are you looking at in
| the screenshot?
| jsnell wrote:
| The name of the directory, shown in the top right, is google-
| takeout-20190313*. That's the time when the Takeout was
| exported.
| morsch wrote:
| I assume they did that because they had to (GDPR, the blog post
| is tagged as Google in Europe, even if they did it worldwide).
| I think I opted in.
|
| In typical Google fashion, you had either the choice to enable
| everything or nothing. I want the tabbed inbox, I don't want
| smart compose, or assistant integration or... anything else
| from that post, really.
|
| They also lock all kinds of basic features of Google Maps (like
| manually set and store my home address) behind the permission
| to record, store and processes indefinitely my location
| history.
| heywherelogingo wrote:
| I love how people are surprised/shocked by this. It's perfectly
| in line with Google's character, yet every time another example
| of that character is highlighted people are still surprised.
| Perpetual surprise. Oh, this fire burnt my finger... oh, that
| fire burnt my finger... oh, yet another fire that burnt my
| finger... At what point do realise you're not going to find a
| cold fire?
| osigurdson wrote:
| Google should offer a paid gmail service with a detailed privacy
| contract. Presumably they are not spying on businesses that pay
| for G Suite. Perhaps this already exists.
| jeffbee wrote:
| Google has been offering that for years. It attracts the
| opposite complaint: a lot of the features you get with a
| gmail.com account don't work with the fancier accounts.
| paxys wrote:
| You are describing Google Workspace
| osigurdson wrote:
| Isn't that just the new name for G Suite? What I am
| describing is a very simple workflow like the following:
|
| 1. Log in to gmail 2. Navigate to account settings 3. Select
| an "enhanced privacy" option 4. Enter a credit card number
|
| The user now owns all of their own content - no sharing
| without the user's permission.
| leephillips wrote:
| Google reads your Gmail. They admit it. They've never hidden it,
| as far as I know. If you choose to use Gmail, you've chosen to
| let Google's computers read, analyse, and store information about
| the contents of your email.
| passivate wrote:
| >If you choose to use Gmail,
|
| Google also does that if I don't use Gmail but send email to
| someone with a Gmail account, or send email to an address that
| forwards to a gmail account, etc.
| leephillips wrote:
| Good point. I guess all we can do is try to educate people.
| jvolkman wrote:
| All email providers that want customers analyze and store
| information about the content of emails so they can provide
| features such as spam filtering and search.
| leephillips wrote:
| Another reason for me to be glad that I don't use an email
| provider. But is this true? Does Protonmail do this?
| Chloepeterson wrote:
| I was facing eviction and had a very bad credit then and couldn't
| get a Loan , Repairing my credit was another big problem for me
| until Webowlhack5 at gmail dot com helped me out by getting rid
| of the bad reviews that was a barrier to me getting a Loan and
| fixed my credit as well .. I owe him a Lot and this is the very
| least i could do , writing a review about him to help people out
| there that has been Looking forward to get their credit fixed and
| work with a reliable credit repair specialist .. you can text him
| +1 201 549 3937
| sneak wrote:
| Of course they do. Gmail's logs of essentially your entire
| economic activity (travel, flights, driving directions, online
| orders, food delivery, etc), tied to your identity, is the most
| valuable thing Google has as an advertiser. (They even buy
| purchase logs from retailers, tied to phone numbers; recall that
| you can't get a Google Account without a phone number.) This is
| why Amazon started somewhat redacting the transactional emails
| they send out when you buy stuff.
|
| Only a fool would use Gmail.
| shapefrog wrote:
| Google knows fuck all compared to what Amex has on me.
| kreeben wrote:
| Excellent rebuttal. I mean, who gives a fuck what Google does,
| when we 'av Amex's despicable conducture to worry 'bout, ey
| mate?
| kyrra wrote:
| Googler, opinions are my own.
|
| Google has been doing this for a while, as can be seen when the
| reporters wrote about it 2 years ago:
| https://www.theverge.com/2019/5/17/18629789/google-purchase-....
| HN discussed it at the time:
| https://news.ycombinator.com/item?id=19942219
|
| You can see the information it has already collected if you use
| Google, by visiting: https://myaccount.google.com/purchases
|
| Though oddly my list is empty. I wonder if I disabled this
| feature at some point?
|
| The help docs:
| https://support.google.com/accounts?p=orders&hl=en, explain how
| you can delete this data if you want to.
| Eighth wrote:
| I think it's more talking about gmail purchase records, which
| can be viewed here:
| https://mail.google.com/mail/u/0/#search/category%3Apurchase...
| floatingatoll wrote:
| Thanks for the link. Unfortunately, there is no UI for
| removing this category when it's incorrect or when I wish to
| opt out.
|
| Ironically, since the only purchases my Gmail contains
| receipts for are for someone who isn't me but apparently
| decided to use my email address, whatever database these are
| feeding that Google thinks is "about me" is steadily being
| corrupted to death by a complete stranger.
|
| Oh well :)
| kevin_thibedeau wrote:
| > Oh well :)
|
| Not going to be so great when they engage in criminal
| activity that points back to you. I do a password reset on
| their account whenever I find someone using my email. Then
| you can change the email to a throwaway or delete the
| account. It's unsafe to let it be.
| floatingatoll wrote:
| There is a long paper trail full of evidence of my
| attempting to contact people to get them to stop sending
| me someone else's email. If some idiotic prosecutor can't
| tell the difference between some jerk in Missouri and me,
| they deserve the judge's derision when the confusion is
| uncovered.
|
| Gmail does not allow changing email addresses, and if I
| delete the account, I lose access to a recovery email
| that I'm executing a multi-year migration away from.
| That's simply not an acceptable step to take to mitigate
| the unlikely risk you describe.
|
| There's also some jerk at AOL who forwarded their email
| to me mistakenly over a decade ago, and I've tried to
| contact AOL, which of course they won't consider since
| I'm not the person who set the broken forward.
|
| While I appreciate your concern, I've already taken it
| into consideration as best as permitted by the tools
| available. If you are aware of a way to change a gmail
| address without creating a new Google Account, then of
| course I would love to hear about it.
| OldHand2018 wrote:
| It's a lost cause. I'm over a decade into the transition
| you are undertaking and I've basically just accepted that
| it will always be an account I can't get rid of - so I
| use it as a "you need my email address but I don't trust
| you" account. Nobody ever has any concern if you give
| them a gmail account.
|
| Over 50% of the email this account receives is for other
| people and frequently the "To:" field isn't even an exact
| match for my address!
|
| If you do start getting stuff that looks like it might
| cause you problems: be proactive. Do not wait around to
| embarrass some prosecutor. By that time, you've already
| spent thousands of dollars and had your reputation
| dragged through the mud. I once started getting legal
| threats meant for someone else. I had a lawyer call up
| that lawyer and it was cleared up in less than 10
| minutes. Another time I started getting emails from/to a
| person with the same name as me at the State Department
| that definitely should not have been sent through a non-
| government server. I talked to someone I knew at the US
| Attorneys Office about it and those emails stopped
| immediately (doubt that guy still works there, LOL).
| floatingatoll wrote:
| Yes, none of it was ever a lawyer.
| potatoman22 wrote:
| It's pretty deceptive that they don't disclose these are
| categorized and stored for advertising purposes. That's
| unethical IMO.
| eth0up wrote:
| On the About Gmail page, in large bold text is stated:
|
| "We never use your Gmail content for _any_ ads purposes "
| emphasis mine.
|
| That might qualify as deceptive.
| jsnell wrote:
| Why do you think that this is being used for advertising
| purposes? Because HN user potatoman22 asserted that with
| no evidence?
| eth0up wrote:
| Yes, because whimsical potato, I am true, fearless
| believer and desciple, hater of evidence, prophet of
| assumption, protector of anonymous tubers.
|
| Not because google is in the business of data and
| advertising or has the ability to cleverly manipulate
| language to their advantage or would ever consider being
| evil. I'm quite confident google wouldn't use such data
| in ways that could be connected to advertising. All your
| google data are belong to privacy.
| nindalf wrote:
| > Be kind. Don't be snarky. Have curious conversation;
| don't cross-examine. Please don't fulminate. Please don't
| sneer, including at the rest of the community.
|
| https://news.ycombinator.com/newsguidelines.html
| eth0up wrote:
| Bear in mind that while I can't refute you, the parent
| question was pretty snarky in its implication.
| potatoman22 wrote:
| HAIL THEE, MAN OF POTATO
| potatoman22 wrote:
| I don't have any evidence, I just assumed it was being
| used for that from other discussion on this post.
| jsnell wrote:
| Right, and in the absence of evidence making assumptions
| is a very natural human thing to do. But eth0up went
| through the trouble of finding pretty compelling evidence
| that the data was not being used for advertising
| purposes, quoted it, and still chose to believe the
| opposite.
| sorokod wrote:
| Compare and contrast with "We will never use...'
| comeonseriously wrote:
| Interesting.
|
| So, my gmail is fname.i.lname@gmail.com. I see SOMEONE else's
| purchase in my history. That persons name is shown as fname
| lname@gmail.com. Same as mine except .i. is _three spaces_.
|
| WTF? Does Google have a bug here? Is there an actual real
| life human I could send this to?
|
| Edit: the only purchase I see of mine are for Apps I bought
| from the play store. These don't show up in the link that the
| Googler posted above.
| eldaisfish wrote:
| i think this is a case of gmail ignoring periods in your
| email address and applying the same rule elsewhere.
|
| As an example name.lastname, na.melastname and
| namelast.name are all the same email address.
| comeonseriously wrote:
| Would fname.i.lname be the same as fnamelname?
| hrpnk wrote:
| fname.i.lname@ == fnameilname@
| Spooky23 wrote:
| It's not a security issue. It's a user confusion and poor
| validation issue.
|
| I was an early GMail user and have a common-ish name. I
| probably get 30-50 emails a month from confused people
| ranging from contracts to receipts to racy photos.
| ahzhou wrote:
| Sounds like a security flaw. I'd submit it to a big bounty
| program.
| usmannk wrote:
| The other person probably just entered OP's email
| address. I don't really get what OP is saying but make
| sure to note that periods are normalized out.
| pempem wrote:
| they are saying us.middlename.mannk@gmail is seeing
| receipts for us.mannk@gmail.com
|
| The dots don't matter.
| wil421 wrote:
| It's empty for me as well. I guess I opted out of a lot of
| things.
| comeonseriously wrote:
| Mine is empty as well, so I must have found the toggle
| someplace. Also, I fwd then delete all my gmail to my "real"
| email account but presumably Google could have already "read"
| my mail.
| atotic wrote:
| Mine is empty as well. I think this article is misleading.
| The takout list does not come from gmail, but are "purchases
| made directly within Google Search, Maps, or Assistant".
|
| I do wish gmail would keep track of all my purchases. Keeping
| a folder named "shopping" is ok, but it could be so much
| more.
|
| Next to each purchase I'd love to see: - link to a manual,
| youtube videos about this product. - remainders when stock is
| low (for things I might reorder).
| r_klancer wrote:
| I'm also a Googler these days (via Fitbit). The assumption
| being made in this entire discussion is that the purchases are
| mined from Gmail, but that doesn't appear to be correct.
|
| From the screenshot, the items are part of the "Purchases and
| Reservations" activity category that the parent points to.
| According to to the help documentation of the category, it
| specifically refers to purchases made _directly_ within Google
| Search, Maps, or Assistant. I personally have precious few (4)
| items in this category, particularly when compared to the large
| number of purchase confirmation emails sitting in my Gmail
| account. And there is a UI for deleting the purchase records
| from my history.
|
| Meta-comment, I find discussions of this type tend to elide the
| distinction between _data used for personalization_ with _data
| used for advertising_. Say what you will about the very fact
| that the same organization has both, but I do think the
| distinction is both important, and communicated well neither by
| Google nor by anyone else writing on the topic.
| kreeben wrote:
| >>the distinction between data used for personalization with
| data used for advertising
|
| Personalization of what, exactly, if not ads? What's the
| proper distinction, in your view?
| antattack wrote:
| Although not what OP intended to say, personalization will
| eventually mean targeted pricing.
| ssss11 wrote:
| Exactly. The more data, the more control over
| interactions the other party has to extract maximum
| value. I'm always surprised when people don't understand
| this. They get it if you talk about the real world, but
| don't if suddenly the information is exchanged over
| computers.
| nindalf wrote:
| For example, data on which videos on YouTube I watch are
| used to personalise my recommendations. My feed becomes
| subjectively more interesting to me. The ads aren't
| personalised because I don't see any ads. So my data is
| being used, just for my benefit. Does that make sense?
| petre wrote:
| I see ads on my Apple TV but they're not personalized,
| just random food delivery, lots if ads for chips, shampoo
| and meds, or the usual junk that you see on cable TV. I
| fail to see how this brings me any benefit.
| kreeben wrote:
| >> The ads aren't personalised because I don't see any
| ads.
|
| If you're watching YT and think you are not seeing ads,
| then you're being foiled.
|
| >> So my data is being used, just for my benefit.
|
| Apart from the word "just", I agree.
| judge2020 wrote:
| > If you're watching YT and think you are not seeing ads,
| then you're being foiled.
|
| Actually running an ad blocker/paying for Premium means
| you aren't seeing ads, pushed by Google. Any creator
| might be showing you sponsorships/product placements of
| course, and Google has no say in that.
| kreeben wrote:
| When I say "you're being foiled" I'm not talking about
| product placements. I'm talking about how Google designs
| its sorting algorithm for me, on my personalized YT front
| page and how that assortment challenges me to become
| involved, enticed even, to view/buy certain things.
| shapefrog wrote:
| So you think google is guiding you, based on your profile
| based on all the data they have collected on you, to (for
| example) specific tech product reviews in order to entice
| you to consume goods at retailer
| walmart/dell/apple/samsung etc?
| kreeben wrote:
| >> So you think google is
|
| Yes
|
| >> guiding you
|
| Yes
|
| >> based on your profile
|
| Yes
|
| >> based on all the data they have collected on you
|
| Yes
|
| >> in order to entice you to consume goods
|
| Yes
| shapefrog wrote:
| So is that a _No_ to all the relevant bits then?
| kreeben wrote:
| What relevant bits of of Google's conduct did I fail to
| address?
| ssss11 wrote:
| I wonder how many people (excluding those benefitting
| from the adtech industry) hold the view that they enjoy
| seeing personalised ads.
|
| My guess is very very few.
| r_klancer wrote:
| If I send an email to someone appearing to expect a reply,
| and I don't get a reply within X days (I think X=5), Gmail
| surfaces the email with a chip saying "Sent 5 days ago.
| Follow up?"
|
| If I receive a travel reservation confirmation email, I
| receive a calendar reminder on my phone a few days before
| the trip.
|
| This is personalization. But years ago Google made a
| commitment not to use Gmail data to customize ads (after
| initially doing so). So there's a real difference between
| personalization data and ads data.
|
| Closer to home for me, we are legally barred from using
| Fitbit data for ads or allowing any system (or person!) in
| the Ads organization to access it in any way. But nobody
| said we can't personalize your Fitbit experience based on
| data derived from, say, your Fitbit exercise history.
| kreeben wrote:
| >> This is personalization. But years ago Google made a
| commitment not to use Gmail data to customize ads (after
| initially doing so).
|
| Oh! Well, I actually did not know this. You are saying
| they realized they shouldn't use my Gmail to customize
| what ads they show me; how can I verify you are right to
| say so?
|
| >> So there's a real difference between personalization
| data and ads data.
|
| I still don't see the distinction.
| judge2020 wrote:
| If Google personalizes your data, but doesn't pipe it
| into ads.google.com, then it's not ads data.
|
| > how can I verify you are right to say so?
|
| I mean, you could say "how can I verify Google isn't
| using my Google password to decrypt my Chrome data and
| pipe it into Google Ads", but you'd have no way of
| verifying that, besides taking their word for it.
| https://variety.com/2017/digital/news/google-gmail-ads-
| email...
| ssss11 wrote:
| That's the crux with tech these days. Many companies took
| advantage of people's data when they shouldn't have. If
| they want to walk that back and behave in a good way, how
| can anyone prove it.. taking their word for it isn't good
| enough.
| mattzito wrote:
| Googler here, who worked on Workspace (which gmail is a
| part of). Anyone who works in workspace could confirm
| that, it's something that is taken very seriously. On the
| personalization side - smart compose in gmail, where
| there's typing recommendations, that's personalization,
| where a machine learning model looks at your email and
| generated a specific model for you that suggests text.
| The data never leaves gmail, and it's not used for any
| other purpose, and no one has access to it. That's
| different than, "let's use your email to generally learn
| about you and recommend ads or content to you".
|
| But, it's something we've also said legally:
|
| https://support.google.com/googlecloud/answer/6056650#zip
| py=...
|
| Is Google using my data? What for?
|
| Google processes your data to fulfill our contractual
| obligation to deliver our services. Google's customers
| own their data, not Google. The data that companies,
| schools, and students put into our systems is theirs.
| Google does not sell your data to third parties. Google
| offers our customers a detailed Data Processing Amendment
| that describes our commitment to protecting your data.EY,
| an independent auditor, has verified that our privacy
| practices and contractual commitments for Google
| Workspace and Google Workspace for Education comply with
| ISO/IEC 27018:2014. For example:
|
| We do not use your data for advertising
|
| The data that you entrust with us remains yours
|
| We provide you with tools to delete and export your data
|
| We are transparent about where your data is stored
|
| You can get even more detailed in the DPA:
|
| Customer instructs Google to process Customer Personal
| Data only in accordance with applicable law: (a) to
| provide the Services and TSS; (b) as further specified
| via Customer's and End Users' use of the Services
| (including the Admin Console and other functionality of
| the Services) and TSS; (c) as documented in the form of
| the applicable Agreement, including this Data Processing
| Amendment; and (d) as further documented in any other
| written instructions given by Customer and acknowledged
| by Google as constituting instructions for purposes of
| this Data Processing Amendment.
| waynesonfire wrote:
| > Google processes your data to fulfill our contractual
| obligation to deliver our services.
|
| very well articulated, curious if you need a kool-aid
| refill?
| mattzito wrote:
| It's a cut and paste from the linked support article,
| hardly my preferred mode of communication. Elsewhere in
| the thread I cut and paste from other content that's a
| little bit more plainspoken.
| sneak wrote:
| > _The data never leaves gmail, and it 's not used for
| any other purpose, and no one has access to it._
|
| The FBI, NSA, CIA, and DoD have access to it, without a
| warrant (thanks to FISA 702), along with the entirety of
| the email corpus that produced it.
| mattzito wrote:
| My comment was directly in reference to this thread's
| topic, which is the use of gmail data for ads vs. the use
| of gmail data for the personalization of gmail. Your
| comment isn't germane to that topic.
| sneak wrote:
| True, but the "no one has access to it" part is an
| unequivocal statement that happens to be false. We should
| keep in mind at all times who has access to all of
| Google's data whenever they wish.
|
| You can't do threat modeling if you don't accurately
| model the various threats. Everyone at Google could be
| completely trustworthy but there's still huge insider
| risk thanks to US spying.
| mattzito wrote:
| Again, my comment about "no one" was in the context of
| ads personalization, as in "no other part of google that
| might want to consume the model for broader use".
|
| If we are going to do "threat modeling", we should also
| talk about the risk of nation state actors penetrating
| Google, or compromising your browser and getting access
| to your gmail that way. Or an accidental bug that changes
| everyone's password to be 12345. Yes, or the federal
| government could subpoena it.
|
| Lots of things could be true and possible, but none of
| them are relevant in a discussion that's about the
| _internally permitted use of data within google_.
| wizzwizz4 wrote:
| They _are_ relevant in a discussion that 's about the
| _data flow from when Google gets data_. As a Googler, the
| distinction between the two might feel very different,
| but as a user, I don 't care whose _fault_ it is, or what
| 's technically going on in the legal description of
| Google's corporate structure; I didn't even notice the
| distinction between the two conversations (and assumed
| you were having the one I mentioned) until you pointed it
| out.
| kreeben wrote:
| Hi Googler and thank you, sincerely, for engaging in this
| discussion.
|
| First line in your legal statement:
|
| >> We do everything in our power to protect businesses,
| schools, and government organizations from attempts to
| compromise their data.
|
| Where is the "me" in this equation?
| mattzito wrote:
| I just grabbed that from the support article because it
| was first in my search history - that's the support
| article related to @domain.com workspace users, so it's
| framed in that context. For the purely consumer use case
| (it's the same):
|
| https://policies.google.com/privacy#infocollect
|
| "We don't show you personalized ads based on your content
| from Drive, Gmail, or Photos."
|
| and
|
| https://support.google.com/mail/answer/6603
|
| > When you open Gmail, you'll see ads that were selected
| to show you the most useful and relevant ads. The process
| of selecting and showing personalized ads in Gmail is
| fully automated. These ads are shown to you based on your
| online activity while you're signed into Google. We will
| not scan or read your Gmail messages to show you ads.
| jacquesm wrote:
| This is how it _should_ work. But there is no way to
| verify if that is also how it _actually_ works. So it
| amounts to a pinky promise and from any large company
| that to me is not enough, so while I appreciate your
| candor and your belief in that your employer is abiding
| by this I hope you will forgive me from having a lot of
| lingering skepticism.
| prlambert wrote:
| Yes, since 2017 no Gmail data is used for any Ad
| targeting, across any part of Google. Here's a NYT
| article:
| https://www.nytimes.com/2017/06/23/technology/gmail-
| ads.html
|
| Unfortunately this goes against people's default (and
| incorrect) mental model of how Google operates, so it's
| been a very hard message to land.
|
| Disclosure: Current Googler and I was a PM on Gmail at
| the time.
| jacquesm wrote:
| Trust once broken is next to impossible to restore.
| Besides that there is no way to verify this for
| outsiders, so you may as well assume that it is done
| because there is money in it. Google lost the moral high
| ground in these discussions long ago.
| pelorat wrote:
| That's good because my mailbox is filled with mail from
| other people. I signed up to gmail on day one using the
| x.lastname(at)gmail.com address format. Before dot meant
| "alias".
|
| However I now get email from various people around the
| world with xlastname(at)gmail.com addresses. Apparently
| your email is not unique in the world, but only in your
| region, kind of (?!).
|
| I get important emails (hotel bookings, insurance mails,
| trip reservations, orders, lawyer documents) from people
| which use xlastname(at)gmail.com in the USA, Canada,
| Australia, and Europe. All with similar names to me,
| obviously the surname is the same, but first name is
| different, just the same initial.
|
| I've confirmed (by contacting some of them) that they are
| not missing out on any important documents. For some
| reason Google's system is duplicating emails meant for
| other people into my mailbox.
|
| Only mails using x.lastname reaches MY inbox. If I tell
| someone I know to send a mail to xlastname I wont receive
| it, making the statement here...
|
| https://support.google.com/mail/answer/10313
|
| ...false (for me).
|
| I guess I'm God over all the non dotted versions of my
| email address. Thanks Google!
|
| (However sometimes I wonder if other people see my emails
| as well)
| ssss11 wrote:
| Maybe it goes against their mental model because Gmail
| did it for over 10 years and already broke the trust
| regular people placed in them.
| JohnFen wrote:
| The message doesn't really land with me because it's so
| specific. Not using collected data for "ad targeting"
| leaves a LOT of room for uses of the data that I object
| to, including marketing purposes that don't happen to be
| ad targeting.
| petre wrote:
| I was spooked enough yesterday by newsweek offering to
| take my money and showing my gmail user details! Why do
| third party sites have access to my full name? I'm
| running an adblocker, a DNS block list, disabled third
| party cookies etc. Anyway I think my gmail account's days
| are numbered. Maybe I am willing to trust Google or at
| least compromise but not newsweek.
| smolder wrote:
| Stop using chrome if you don't like that feature (where
| the browser offers to sign up with your credentials).
| jsnell wrote:
| Is it a Chrome feature? I'd always assumed it was just an
| iframe, and would work the same on any browser.
| mjg59 wrote:
| My recollection is that they don't - the content that
| includes your gmail data is served to you by Google, not
| by Newsweek.
| [deleted]
| jldugger wrote:
| > You can see the information it has already collected if you
| use Google, by visiting: https://myaccount.google.com/purchases
|
| The weird thing is that page doesn't even list the purchases
| I've made from google itself. Does it even work?
| jeffbee wrote:
| Did you mean purchases from Google Voice, Google Fi, Google
| One, YouTube, Google Cloud, or Nest? Or purchases with Google
| Pay, Android Pay, or perhaps "send money with Gmail"?
|
| Recently discovered these all seem to be unlinked, after I
| has to change my payment instrument in a dozen different
| places.
| luckydata wrote:
| yeah Google has a pretty serious case of shipping the
| orgchart.
| CobrastanJorji wrote:
| Are you accusing Google, the company that released a
| Spotify competitor named "Google Play Music All-Access,"
| of shipping its org chart?
| cryptoz wrote:
| Related, Google Pay and GPay are totally different apps by
| Google on my phone. So confusing.
| Dma54rhs wrote:
| But Google follows and track you without actually using their
| products as well, and they do it at massive scale. When the
| pervert is taking pictures of your daughter at the beach
| promising to fade out the face you don't take go to other beach
| as an answer. Your company tracks everyone everywhere, not only
| on their properties.
|
| Zero respect for Google or Googlers just like I have 0 for
| perverts.
| 28619242 wrote:
| So how long does a company have to do something unethical and
| get away with it so that we're not allowed to complain? Your
| response is disingenuous as fuck.
|
| This was wrong on day 1, and it's wrong today. You know goddamn
| well that users don't know the implication of Google tracking
| their purchases.
| runjake wrote:
| From Google's viewpoint, it's in the EULA and you voluntarily
| agreed to it.
|
| This is how they keep Gmail free.
|
| Presumably, you've known that Google uses all the data it
| keeps about you for marketing purposes? Heck, even my
| grandmother knows this.
|
| If you want to (supposedly) bypass this surveillance, look at
| purchasing a local GSuite for your use. Or look for something
| non-Google entirely.
| gwright wrote:
| I read that as just more information not any sort of
| justification. I reacted more negatively to your response
| than to the parent.
| throwawayswede wrote:
| Not defending Google or dude above, but at this point I
| really can't blame neither Google nor people working there.
| Almost everyone in a position to affect change is well aware
| of this and everything morally reprehensible either Google,
| Facebook, Apple, Reddit, TikTok, Twitter, Snap, Medium (add
| like 20 more) does.
|
| Complaining about companies will change nothing as long as
| there are people using them. Whenever the privacy topic comes
| up a few people come back with I have nothing to hide, or
| it's too difficult to figure out which is good, or my life is
| busy and I can't focus on that, or it's all fucked might as
| well just install cameras in my shower. All this means is
| that: a lot of people don't care or are too nihilistic to
| want to change, and neither of these groups deserves
| sympathy.
|
| If you still use Gmail, you don't get to complain that they
| scan your email, or use it to sell you stuff, etc... If you
| use Alexa you don't get to complaint that they might be using
| other trigger words to register interest, or that your parrot
| ordered something by mistake. These companies have been
| making their position on all of this extremely well
| understood over the last freaking decade.
|
| If you're in a position to let someone who's genuinely not
| aware of this and still uses Google, you can maybe consider
| telling them, if they change then that's a net positive on
| the side of humanity, if they don't then it's on them.
| 28619242 wrote:
| >These companies have been making their position on all of
| this extremely well understood over the last freaking
| decade
|
| I don't think that's fair. These systems are extremely
| complex. I work in the user privacy space for a company
| you've heard of, and I can't say that people don't care. I
| think they don't understand. They don't understand that
| these companies have PhD educated ML data scientist getting
| paid outrageous salaries mine your behavior and influence
| it. I will never, ever blame the user for being exploited.
| I will always blame the people who continue to work on
| these systems, because these systems are evil.
| throwawayswede wrote:
| > They don't understand that these companies have PhD
| educated ML data scientist getting paid outrageous
| salaries mine your behavior and influence it
|
| What I think is a fallacy is that _any_ of us even
| understands exactly what that means. The data science
| crap is (from what I hear from people in the industry) is
| mostly hype.
|
| > I will never, ever blame the user for being exploited.
|
| It's not exactly exploitation if the user is aware of
| what's happening and change causes them only
| inconvenience. People don't even turn off GPS on their
| phone even though they only actively use positioning like
| once a week just to avoid the inconvenience of having to
| go to privacy settings and turn it on/off, basically
| they'd rather be tracked the whole time just to save 3
| seconds. If you do this you're not being exploited,
| you're willingly accepting this transaction. It's their
| loss.
|
| The thing that every single person can see is that these
| companies don't have the customer's interest primarily in
| mind. Google is not giving free stuff because they're
| generous (and they shouldn't be, people should understand
| that companies exist to make money by "supposedly"
| providing value). Their standard position is
| hypocritical. Amazon argues for higher min wage not
| because they care about welfare, but because they want to
| prevent competition from even a 1% chance of gaining a
| tiny share in some market, as long as min wage can only
| be paid by Amazon and not some random small business,
| they're winning.
|
| Our problem is not that companies are doing any of this.
| It's that when EA did that whole gambling/surprise-box
| crap, people complained and complained for months, but a
| lot of those same people STILL played the same stuff and
| bought stuff from the company. This leads to the
| conclusion that people don't want anything to be
| different, but they like to complain and have moral high
| standing.
| a5aAqU wrote:
| > The thing that every single person can see is that
| these companies don't have the customer's interest
| primarily in mind.
|
| I've tried to talk about privacy with many people, but
| very few people think about things like that. They don't
| even know what things like "server" mean. Even if they
| have a vague awareness that companies are conspiring
| against them, they give up because they have been told
| that "'They' already have all my data so there is nothing
| I can do."
| throwawayswede wrote:
| I understand the difficulty in explaining the technical
| stuff. Partly i think it's also on people to learn a
| little. Not in a few months and not to become tech savvy,
| but ust the basics about what the heck internet is and
| what's the difference between that and the web for
| example. Technically this is a 50 year old invention, if
| you absolutely understand nothing about the internet
| you're almost actively trying not to learn or read, with
| that being said I think we should have more basic
| technical education specifically designed for non-tech
| people.
|
| > Even if they have a vague awareness that companies are
| conspiring against them, they give up because they have
| been told that "'They' already have all my data so there
| is nothing I can do."
|
| Yeah like I said, it's a nihilistic attitude. For example
| saying that more countries should have nuclear weapons
| just because around 9 have it already is cannot be an
| argument. 10 countries having them is more dangerous than
| 9.
|
| And by the same rational, if Google already owns you, it
| doesn't mean that you it's ok to sign your soul away to
| TikTok now!
| ehnto wrote:
| That is not at all a fair take. These companies go out of
| their way to make their onboarding funnels as seamless as
| possible, and then jam all the negative side-effects of
| signing up into an impenetrable wall of text. Not everyone
| has been in tech for a decade, new users fresh to the
| internet and life in general sign up every day and these
| companies rely on their naivety and exploit that.
|
| The consequences are clear to US but we know what to care
| about, there are teenagers on Facebook, Instagram, anbd
| Google services. Do you really think they understood the
| implications of lifelong digital surveillance? Not to
| mention the thousands of smaller tracking and advertising
| companies that bottom-feed in the background without so
| much as a peep. Your behavior lives in the databases of
| companies you've never heard of before, and they sell it
| for pennies such is their value of your privacy.
|
| You probably consented to Facebook having access to your
| photographs in order to do the business you expected them
| to do with it, such as show it to others in your friends
| group. Did you anticipate them using your face in
| advertisements? Did you expect them to run ML algorithms on
| them in order to suck out advertising interests, did you
| anticipate the use of your data to form cohorts that allow
| you to be advertised at by companies you've never heard of?
|
| Depending on when you signed up, you couldn't have, because
| half of these things didn't even exist when many of us gave
| them consent. Now think of the billions of users these
| companies have that don't even know what the word cohort
| means, and your position is essentially that well they
| don't know they should be mad, so it's fine to exploit
| them.
| throwawayswede wrote:
| I didn't say people should be blamed for signing up, but
| for continuing to use these companies and services after
| seeing many people burn or because they prefer the
| convenience. If you:
|
| - want the convenience - are not willing to pay for it -
| and have gone out of your way to avoid doing your
| research on how this thing works
|
| == it's on you
|
| but i'm not saying this to blame people really, i want
| people who are in this position to take responsibility
| for themselves and look up wtf is (for example) google
| doing and how is it free, then choose if they're ok with
| that (and stop complaining) or are not (and quit it).
| Enough people leaving Gmail will absolutely make a dent
| in how Google thinks. I'm optimistic about this. More
| people are waking up to the technological-slavery we're
| living in.
| Dylan16807 wrote:
| > how is it free
|
| Because it's subsidized by their massive advertising
| business? They don't need to be this invasive to keep
| that up.
|
| And they track paying customers too.
| barbazoo wrote:
| > Googler, opinions are my own.
|
| Honest question here, why do people put this in their response?
| I don't think there is any chance that one might thing "kyrra"
| is speaking on behalf of Google.
| thethethethe wrote:
| Google requires this disclaimer when you talk about the
| company publicly, probably for legal reasons
|
| Source: I work at Google
|
| Disclaimer: Googler, opinions are my own.
| shapefrog wrote:
| Perfectly sensible policy and I for one appreciate insiders
| clarifying misinformation especially on such issues, while
| still notifiying their potential conflicts.
|
| Disclaimer: I am not a googler, opinions are what google
| tells me to think.
| deckard1 wrote:
| wonder how well this really works.
|
| Some comments I see (not speaking of this thread per se,
| but in general on HN) are _really_ close to conveying
| internal company information. Which is beyond mere opinion
| and only available to someone inside the company. Some
| people clearly use the disclaimer to elevate their
| "opinion" to the level of authority.
| jamie_ca wrote:
| It's less a disclaimer of being an official response, I
| think, and more a case of pointing out a potential bias.
| JohnFen wrote:
| I like it when people disclose that they have a deeper
| connection to a company being discussed than most people.
| It's fair disclosure, especially because it indicates where
| their biases may lie (and we all have biases).
|
| But once someone says "I work for X", they must also say that
| they're not representing the company. Companies get a bit
| upset if their employees appear to be representing company
| positions without authorization, even if no reasonable person
| would thing they were.
| lgats wrote:
| My list seems to stop in May 2021- maybe something to do with
| being Gsuite user?
| throwdecro wrote:
| It looks like there is a section called "Smart features and
| personalization" in the GMail settings (not the general
| Google account settings; specifically the GMail settings)
| under the General tab.
|
| It indicates that "Gmail, Chat, and Meet may use my email,
| chat, and video content to personalize my experience and
| provide smart features. If I opt out, such features will be
| turned off."
|
| It's strange that this major privacy setting is buried
| specifically in the GMail section and not mentioned in the
| main Google account Privacy Checkup. I never knew it existed.
| tehbeard wrote:
| Not to give undue credit to Google.... but I do recall a
| popup in gmail about personalization not too long ago
| (either this year or last) with the option to opt-out.
|
| Might have just been to the EU/UK users though?
| spookthesunset wrote:
| The only item I see is a food delivery I ordered through google
| maps "order now". Otherwise, nothing.
| hamburglar wrote:
| Why on earth would anyone think deleting an email would make
| google remove the info they've gathered on you?
| jeffbee wrote:
| So forgive me for just being a slave to the downvotes, but this
| is the daily reminder to think critically. What I'd like to know
| from this user to clarify what's happening here is whether they
| are a Google Pay user, and if they have "Show bills & receipts
| from Gmail" enabled in Google Pay. It defaults to off, for what
| it's worth, but if you enable the feature it might have the
| effect of pinning this data even if the source emails are
| deleted.
| stavros wrote:
| If you own your email domain, it takes all of fifteen minutes to
| move to something like Fastmail. You just switch the MX records,
| run a GMail import, and you're done. Plus, Fastmail's UI is
| _much_ faster than GMail 's.
| vadfa wrote:
| You forget the part where you have to pay, and not precisely a
| little.
| stavros wrote:
| Oh, true. Well, if $2/mo is a lot you can get data mined
| instead.
| aaaaaaaaaaab wrote:
| Yeah, and GMail might lose a few hundred users!
| stavros wrote:
| If you don't own your domain, email is probably not very
| important to you, so just set up an autoresponder to tell
| people to update to your new address and forward the mail to
| your new provider.
| decrypt wrote:
| Very much this. I am a happy Migadu user today. Works on any
| IMAP-compatible app. I have a domain for myself, and one for my
| parents. I want to move my extended family to a custom domain.
| It's even possible for them to create a new Google account with
| that custom domain for all Google things besides Gmail, yet I
| imagine a lot of push back to this idea.
| tW4r wrote:
| Additionally, if you're in the Apple ecosystem, they introduced
| custom email domains for iCloud this month with iOS 15 with
| their cheapest iCloud+ plan for 0.99
| ziml77 wrote:
| I've been using my own domain for a bunch of years and I'm not
| totally convinced it's worth it.
|
| People are not used to email addresses with personal domains.
| I've had people get confused by my email address when I speak
| it to them. I've switched to just giving out my gmail address
| if I ever have to speak it instead of being able to write it
| down.
|
| And developers don't account for custom domains when obscuring
| your email address. me@myfullname.tld is usually obscured as
| m**@myfullname.tld. That's pretty bad on password reset forms
| since it lets someone easily turn my username into my real
| name. If I had registered with myfullname@gmail.com, they'd get
| nothing interesting.
| [deleted]
| cube00 wrote:
| Given the way any provider can lock you out at any time using
| your own domain is absolutely worth it.
|
| I've found if you use something like firstname@lastname.tld
| people generally get it if they've dealt with any other
| business email addresses (in some cases it actually makes you
| appear more professional). They usually have your first and
| last names before you get onto email addresses so they can
| piece it together and validate it.
|
| If you're really worried about password resets showing your
| domain get a second domain and only use that for online
| transactions, it can then be as obscure as you like. Sure
| there's an extra cost to that but it's a trade off of cost vs
| the level of privacy you want.
| passivate wrote:
| They will still mine your emails when you send them to other
| users who use Gmail.
| stavros wrote:
| Perfect is the enemy of the good.
| passivate wrote:
| That may be, but us nerds have been giving Google free
| promotion and goodwill for years and treating them as the
| "Good" guys. That perception is gradually changing, but its
| too late. I think the only real solution is that we need a
| 2021-appropriate privacy framework to handle these issues
| at the federal level. Opt-in by default should not be the
| norm for private data.
| stavros wrote:
| That's why I love the GDPR.
| passivate wrote:
| Fair point!
| dreyfan wrote:
| Edison [1] (who was acquired [2] today by a company that sells
| your data to hedge funds) does precisely this too, except they
| sell all your data to third parties. Google at least keeps it in-
| house I guess?
|
| Privacy is such an illusion.
|
| [1] https://mail.edison.tech/
|
| [2] https://www.edison.tech/blog/edison-acquired-by-yipit
| Eighth wrote:
| 'sell all your data to third parties' is an interesting claim
| for Edison as their marketing is very privacy conscious. Do you
| have sources for it?
|
| edit: ignore, I just read their privacy policy. God damn it.
| Can't trust anyone.
| dreyfan wrote:
| They've been doing it for years yeah. A decent source is
| https://www.vice.com/en/article/pkekmb/free-email-apps-
| spyin...
| LudvigVanHassen wrote:
| The edit is the correct response.
|
| Technology is awesome, but it's fallen into the hands of a
| bunch of god damn authoritarians. Trust absolutely no one.
| Paranoid should be your default behavior towards any files
| you have a device that accesses the Internet. There's 10,000
| tentacles seeking that data.
| rapnie wrote:
| There was a Tegenlicht [0] documentary on Dutch TV some weeks
| ago, on how pervasive data collection is 'revolutionising' how
| the stock exchanges and entire financial world operates. This
| data really is the new oil, and its analysis gives a headstart,
| advanced prior knowledge for traders that have early access.
|
| [0]
| https://www.vpro.nl/programmas/tegenlicht/kijk/afleveringen/...
|
| Translated from Dutch: _" The stock market should be a level
| playing field: everyone has the same information. But
| unnoticed, terabytes of data have entered the stock market.
| Smart companies dive into the mountain of data that is
| collected about us, in order to be able to see Apple's sales or
| the number of Netflix subscribers before the rest of the market
| does. VPRO Tegenlicht delves into the world of 'alternative
| data' to see who will win on the stock market, and who will
| not."_
|
| Translated with www.DeepL.com/Translator (free version)
| [deleted]
| JohnFen wrote:
| This sort of nonsense is primarily why I avoid using Google
| products.
| Rompect wrote:
| Water is wet
| goohle wrote:
| Sky is blue.
| [deleted]
| function_seven wrote:
| Amazon's order status emails ("Shipped", "Out for Delivery",
| etc.) used to show the items in the order and how much I paid for
| them. They stopped doing that[0] last year presumably because of
| evil behavior like this.
|
| [0] https://mjtsai.com/blog/2020/06/01/unhelpful-amazon-order-
| co...
| aren55555 wrote:
| As an ex-Googler I believe they also use the data collection to
| "improve" products such as the Pixel phones. For example, they
| can compare the # of iPhones purchase receipts (emails
| accumulated from Apple, Amazon, Best Buy, etc) to the # of
| Pixel purchases. They compare this kind of stuff YoY and to
| Google's equivalent products and can build a pretty accurate
| picture of market adoption.
| minsc__and__boo wrote:
| I can almost guarantee Amazon dropped the item details from
| their emails in order to get you to click back into the store.
| jazzyjackson wrote:
| yea i like this take better. facebook used to include message
| or comment content in notification emails. it was nice to get
| updates without having to log on to their horrible GUI. but
| of course they cant make ad impressions if i never log on...
| their emails no longer contain content of comments.
| homerunnerhome wrote:
| I work for another retail where we discussed this same topic,
| and during that discussion I talked to some of my friends at
| Amazon and I would bet a lot of money that your guarantee is
| wrong. From what they told me, the decision to remove info
| from the emails was a company-wide campaign that was
| specifically created as a result of this [0] NYTimes article,
| which specifically calls out Google snooping on Amazon
| shopper data.
|
| I'm sure the advertising PMs were happy to support this
| decision because it got them more page clicks, but my
| understanding is that the underlying motive was privacy.
|
| 0: https://www.nytimes.com/2019/06/04/opinion/google-
| purchases....
| stronglikedan wrote:
| I would think that too, if there were any ads on the order
| detail page. Since there aren't (above the fold anyway),
| wouldn't that just drive up bandwidth costs with no real
| benefit to Amazon?
| jimmaswell wrote:
| Evil is a huge exaggeration. I wouldn't even call this kind of
| thing bad - it's why we even get Google services for free at
| all, and I don't see how it hurts anyone.
| AnssiH wrote:
| FWIW, Amazon.de switched back to the full detail emails in June
| this year.
| reilly3000 wrote:
| I assume this is so they can stop retargeting you for stuff
| you've already purchased. Maybe also for general conversion
| tracking and market insights.
| qualudeheart wrote:
| One of these days some simple soul is going to pick up purchase
| data for the rich and powerful and read it. Then the rich and
| powerful will be embarassed.
| reacharavindh wrote:
| I wish there was an online service that would let users poison
| their own data. Like allowing me to intentionally get emails
| about random stuff, shopping receipts etc from absurd entities
| just to throw the profilers off our scent. Would be fun.
|
| Same with something I can run Google Maps with my account logged
| in so that Google thinks I am one heck of a super traveler, and
| shopper of things.
|
| Something that watches random YouTube videos for me, and randomly
| clicks on ads for me.. :-)
|
| Uploads random photos into a Google Photos account for me :-)
|
| That's be heck of a lot fun!
| decrypt wrote:
| For search, I use TrackMeNot, a browser extension that makes
| random searches every few seconds:
|
| https://trackmenot.io/
| shultays wrote:
| Semi related xkcd: https://imgs.xkcd.com/comics/packages.png
| dmitryminkovsky wrote:
| This is very cool but I wonder how effective it is. I suspect
| Google can trivially discard the activity it generates?
| drdeadringer wrote:
| What I'm hearing is that it's gotten so bad that people are now
| wanting email spam in order to combat data tracking, if not
| wanting email spam to combat email spam.
| kin wrote:
| Great, then it should stop advertising to me what it knows I just
| bought.
| Demoneeri wrote:
| I'd expect nothing less, if I ask Google assistant about my last
| purchases, I expect it's going to show me the data. It's bad
| enough that Amazon doesn't include what you are purchasing in the
| email and that you have to open the site to see...
| wly_cdgr wrote:
| It looks bad, but they need this info to optimize the spam filter
| kobieyc wrote:
| This is an example of why I moved off Gmail to ProtonMail
___________________________________________________________________
(page generated 2021-09-23 23:00 UTC)