[HN Gopher] You can now ask Google to remove your phone number, ...
___________________________________________________________________
You can now ask Google to remove your phone number, email or
address from search
Author : todsacerdoti
Score : 212 points
Date : 2022-04-29 19:32 UTC (3 hours ago)
(HTM) web link (krebsonsecurity.com)
(TXT) w3m dump (krebsonsecurity.com)
| beyondd wrote:
| This is great, but removing the info from Google does nothing to
| remove it from the source. People search data brokers are one of
| the most common sources of unwanted posting of home address,
| phone number and email. If that's the info you want to remove,
| you can use Google as a tool for discovery to figure out who is
| posting the info, and then opt out at the source to have it
| removed. For more coverage you can use Optery's free crawl /
| scrape / scan of the people search data broker sites for you, and
| use that to have the listings removed from the source. Wherever
| possible, removing the info from the source is much better than
| just removing it from Google.
| tyrfing wrote:
| Those sites are low quality and it's often easy to get much
| better free data. SF recorder's publicly posted property
| records, searchable by name, for example. There are also
| numerous private databases with high quality data which
| certainly don't want to be indexed. Your info being on those
| public sites (which isn't very meaningful due to how many
| errors they have) is mostly a symptom of how easily available
| it is, rather than a source to be plugged. Suppressing it may
| make it slightly harder for an uncommitted nutcase to track you
| down, but won't make much of a difference overall. Going from a
| name to much more info is very easy in the general case, and if
| it isn't, there won't be valid info on those sites.
| paul7986 wrote:
| Personally its always been out there these people search sites
| just make it easy to figure it out who your dealing with
| especially when it comes to dating.
|
| Was just with someone for the past few months who said all
| their relatives passed due to a horrific car accident and they
| would talk a lot about saying how much they missed them and are
| alone; have no one. Ummm they are all alive and well.. there
| was no horrific accident and she is just a crazy manipulator...
| gain sympathy to get whatever she wanted (toxic ... gross.. go
| away) ... Amber Heard type.
|
| thanks SearchPeopleFree.com for letting me learn and move on
| quickly!
| rotexo wrote:
| So you would recommend Optery? Some of the paid opt-out
| services seem to me to be essentially extortion schemes, want
| to make sure any service I use wouldn't be like that.
| beyondd wrote:
| Extensive analysis of Optery and the topic of removing your
| personal info from the web on HN here:
|
| https://news.ycombinator.com/item?id=30605010
| rotexo wrote:
| Thanks, will have to read up on it.
| KarlKemp wrote:
| Meh... If some data about me is listed on a website nobody ever
| sees, I don't care what sound a tree falling in the wood makes.
|
| This isn't a binary issue. Removing data from Google will
| usually have 90 % of the effect of removing it everywhere.
| willis936 wrote:
| Data brokers aren't "websites no one uses".
| bobbygoodlatte wrote:
| That all changes if you have a stalker / bad actor going
| after you online. Once your address hits one of these sites,
| it's on every one of them. And you'll be playing a constant
| game of whac-a-mole if you want them removed.
|
| The amount of hoops you need to jump through to protect your
| privacy / shield your address in the US is quite incredible.
| And if you don't do it correctly from the start (use an
| anonymous land trust, etc), you're hosed.
|
| Privacy should be the default. People's home addresses
| shouldn't be public info
| JumpCrisscross wrote:
| > _hoops you need to jump through to protect your privacy /
| shield your address in the US is quite incredible_
|
| The U.S. has a decentralized land registration system. The
| downside is it usually cannot provide indefeasible title
| [1]. The upside is it's tremendously robust. That
| robustness comes, in part, from publicly-verifiable
| records.
|
| > _People 's home addresses shouldn't be public info_
|
| Confidential property ownership has its own issues.
|
| It's less stable. In the event of a dispute you only have
| the registrar's and disputing owners' records to consult.
| It's also associated with embezzlement, money laundering
| and tax fraud. (The set of societies where a public home
| address puts one at risk and the set that have problems
| with embezzlement and laundering overlap in their
| institutional weakness.)
|
| (For tenants, on the other hand, there are fewer compelling
| reasons to publish residence.)
|
| [1] https://en.wikipedia.org/wiki/Torrens_title#Indefeasibi
| lity_...
| WaitWaitWha wrote:
| It took me about 10 minutes to figure out that the link provided
| from the Google article really just leads to a workflow where i
| have to answer just the right questions to get to the actual form
| (https://support.google.com/legal/troubleshooter/1114905?rd=1...)
| . And, then go through a second workflow, which puts you to...
| the first workflow.
|
| I have yet to reach a page where I can submit the URLs to be
| removed. I consider myself a neophyte technologist, since I just
| started a few decades ago with punch cards. I doubt most of the
| general public will figure out how to perform this process.
|
| I will give some grace, and come back in a month.
| mikepechadotcom wrote:
| Sounds great, however I am scared that when I do this, Google
| will flag my account, and if I need to use their other services,
| like Google Ads, Gmail, YouTube etc. my account is suddenly
| blocked because of [insert arbitrary ToS violation]
| Teandw wrote:
| That's a random thing to be worried of. That's not going to
| happen.
| voakbasda wrote:
| I have asked Google (repeatedly) to remove roads on my private
| property from their Maps. Those roads still appear there, so I
| find it hard to believe they will honor these types requests
| either.
| Teandw wrote:
| From previous experience they will virtually never 'remove' a
| road as the road is there and it should appear for 'accuracy'
| purpose, so if you're trying to get them to do that, that will
| be the reason why it's staying up.
|
| Instead you have to submit an edit and state in there that it's
| a private road and on private property so should not be used
| for navigation purposes. It will then be removed from
| navigation etc.
| texasbigdata wrote:
| Do your roads appear on any government maps? I believe the
| mapping agency for road is called...shucks I forget. They're
| sometimes ahead or behind Google maps.
| dylan604 wrote:
| If it is a private road on private property, I don't care if
| it is on a gov't map or not. It should not be listed as a
| route on any publicly available map service. In fact, it
| should be required to be explicitly labeled as private
| property "violaters will be prosecuted" type of thing.
| dylan604 wrote:
| Several years back Google started naming the alley ways in my
| neighborhood as if they were streets. Either all of the car
| services use Google maps, or other map services made the same
| decision. This is obvious as drivers are constantly being
| routed through alleys in my neighborhood for
| rideshares/deliveries/etc. As a side benefit to this, you can
| tell if you're driver is clueless by watching them go through
| the alleys to find you or make the obvious decision to not go
| down an alley.
|
| Several attempts at reporting this to Gmaps has gone ignored.
| kube-system wrote:
| There are plenty of reasons to map roads on private property,
| and presumably it is visible in satellite imagery, so I don't
| see that as a compelling argument by itself. If we're not
| counting oceans, most of what is on a map is private property.
| sumthinprofound wrote:
| once a month I google my PII and then either opt out through the
| hosting website or go through the google removal request process.
|
| After I saw this news article about phone # removal I went to
| look for the search results that I had previously found on Google
| but apparently Google had already delisted them. Good stuff.
| fibers wrote:
| Isn't this good? What's the downside?
| Teandw wrote:
| The possible downside is that it could allow
| scammers/fraudsters to get their details removed.
| rosndo wrote:
| Krebs's doxing posts will get removed from Google?
| rotexo wrote:
| This is really good, imho. The downside is that the information
| is of course all still out there for a sufficiently motivated
| person to find.
| _jal wrote:
| > What's the downside?
|
| I did reconnect with someone I lost track of a long time ago
| via google-stalking, found their email address. I'm pretty sure
| they agree that it was nice to reconnect, we talk regularly
| again.
|
| (Neither of us are FB users, so no, it doesn't substitute.)
| notafraudster wrote:
| For this to be a downside, you have to believe that the
| person expressly wants to remove their email address from
| your view, but nevertheless wants to reconnect with you.
| That's possible, but I don't think a sane thing to build
| around.
| lupire wrote:
| It's a downside, not a "build around".
| [deleted]
| andrewgioia wrote:
| > Google says a removal request will be considered if the search
| result in question includes the presence of "explicit or implicit
| threats" or "explicit or implicit calls to action for others to
| harm or harass."
|
| Apparently they've always had a process for bank account info and
| other related things, but I can't get some of the newly included
| items, like login credentials, removed unless I can show actual
| or implicit threats of harm?
| vlunkr wrote:
| I'm implicitly threatened by a multi-billion dollar corporation
| making my personal information available publicly and refusing
| to remove it unless I have evidence of explicit or implicit
| threats.
| throwaway0220 wrote:
| > " _...unless I have evidence of explicit or implicit
| threats._ "
|
| It seems you're misreading the policy. See my comment above
| [1].
|
| [1] https://news.ycombinator.com/item?id=31210455
| Teandw wrote:
| Technically they haven't made your personal information
| available publicly. It was already public if Google managed
| to get their hands on it. They've just made it easier to
| find.
| reaperducer wrote:
| Google buys 90% of credit card transactions. That's not
| public information.
|
| And the only way to opt out of it is to not use credit
| cards.
| lupire wrote:
| It is not _free_ as in gratis, but it is publivally
| available, just as tomatoes are publicly available at
| stores.
| KennyBlanken wrote:
| > Google buys 90% of credit card transactions.
|
| Source, please.
| lupire wrote:
| Bloomberg reported (paywall) and the web plagiarized:
|
| https://www.google.com/search?q=Google%20buys%2090%25%20o
| f%2...
|
| The "90%" might not be easily sourced, but also not the
| crux.
| DaltonCoffee wrote:
| Do they publicly index this information tho?
| reaperducer wrote:
| Does it matter?
|
| Is it somehow OK for someone to build a dossier on
| another person as long as they use that information for
| their own purposes?
| Teandw wrote:
| Well, yes. Because you're talking about a different
| scenario than what is going on here.
| alar44 wrote:
| Yes? Are you telling me I can't know things about people?
| kevin_thibedeau wrote:
| You won't get your mitts on their video rental records.
| We need another embarrassing data breach to get more
| protections.
| dylan604 wrote:
| Is this still true? Nobody goes to Blockbuster to rent
| videos. Videos are streamed to you on a plethora of
| devices. Does the video rental regulations apply to
| YouTube sharing your video selections? PornHub? Netflix?
| munk-a wrote:
| There isn't a material difference between those two things.
| What precisely is private information - outside of
| information stored solely inside your head. Even medical
| records can be made public through certain actions so
| pretty much everything is potentially public information.
|
| Making things easier to find can be a threat - it's why
| there's a lot of compelling discussion around websites that
| take rosters of arrest records and post them on big scary
| websites along with pictures and lurid descriptions of the
| person's crime - offering to remove the information for a
| fee.
| KennyBlanken wrote:
| Fascinating, isn't it, that linking to a movie or cracked
| software is something they have to stop linking to upon
| request no questions asked _by law_ , but if your
| personal information or financial information or login
| credentials are posted somewhere, you gotta prove you'd
| be harassed...
|
| The US needs a GDPR-equivalent law.
| Teandw wrote:
| Making things easier to find can be a threat, yes. I
| guess that's why they're moving towards allowing things
| like this to be removed.
| no-dr-onboard wrote:
| I wonder what the standards are to verify this. Can I just
| sockpuppet a twitter account calling for my harassment and then
| use that as proof of targeting?
|
| IMO there should be as few barriers to entry as possible with
| something like this.
| stult wrote:
| Cool new business model, harassment as a service. We'll get
| your info off google for the low low price of $1.99 per fake
| death threat
| reaperducer wrote:
| I hear ads on the radio for "reputation management"
| companies that, in part, use similar methods.
| rhexs wrote:
| Here's a direct link to the removal process:
| https://support.google.com/websearch/answer/9673730
|
| Really neat.
| distrohopper wrote:
| if your email, phone number or address shows up in Google search
| you are doing it wrong
| ge96 wrote:
| Ha the other day I found this site truepeoplesearch has all my
| addresses/phone numbers, relatives... like cool
|
| It probably came from resumes or something but still
| belter wrote:
| Do you mind if I send your application to a few jobs? :-)
| ge96 wrote:
| The data that they have is crazy, goes back at least 2
| decades (places I lived in life).
| kube-system wrote:
| Assuming you're in the US, it is probably from financial data.
| The whole market for data brokering has deep roots in financial
| services like credit reporting.
| [deleted]
| recuter wrote:
| Do humans really review these requests manually? How would that
| scale?
| Teandw wrote:
| They do get reviewed manually. I would imagine in the grand
| scheme of things, not many people would ever submit it.
|
| Scaling it wouldn't be hard regardless, this would be very
| basic task based work, that they would hire out to India or via
| companies that handle this sort of work.
| recuter wrote:
| That's quite the contract. Could funnel the profits to
| another company that targets end users offering assistance in
| getting scrubbed from the internet.
| Teandw wrote:
| They tend to contract this sort of work to companies like
| Lionbridge who are very strict on rules etc.
| JadeNB wrote:
| > Do humans really review these requests manually? How would
| that scale?
|
| A slow and frustrating process to stop displaying your private
| information does Google no harm, so the answer from their side
| is likely "who cares?"
| unwind wrote:
| Meta: The title is truncated ("Search" at the end turned to
| "Searc") which doesn't look very nice.
|
| I would suggest maybe s/Remove/Drop/ or just s/from Searc//.
| KennyBlanken wrote:
| The headline is extremely misleading. They will only remove the
| information if you are being targeted by a doxxing campaign, and
| they make it incredibly onerous to remove the information - you
| have to provide screenshots, the URLs that generate the search
| results, and then, bizarrely, you must also separately provide
| the search terms.
|
| The whole thing feels like a /r/maliciouscompliance post.
| praveenhm wrote:
| Removing from google doesn't go far enough, the big culprit is
| the data broker. Displaying your age, is the biggest worry, among
| your friends circle. John oliver recently made a late night show
| on data brokers, threatening the congress members, must watch for
| anyone. https://www.youtube.com/watch?v=wqn3gR1WTcA
| deadbunny wrote:
| Why is this dependant on receiving threats? By that point people
| already have your info. Why can't I remove it without jumping
| through hoops?
| Barrin92 wrote:
| throwaway0220 wrote:
| > _Why is this dependant on receiving threats?_
|
| It is not.
|
| From the form [1]: " _...that has POTENTIAL to create
| significant risks of identity theft, financial fraud, harmful
| direct contact, or other specific harms..._ " (emphasis mine).
|
| The requirements section states that you may request removal
| due to the page having "personally identifiable info" OR
| doxxing content "used in implicit or explicit threats".
|
| Now, there's exceptions to this (e.g. public records,
| newsworthy content), but nowhere it says you have to receive
| threats first before requesting removal.
|
| disclaimer: Googler, but no relationship with the team, and
| have no other knowledge of this policy other reading the public
| blog post.
|
| [1] https://support.google.com/websearch/answer/9673730
| jjulius wrote:
| >It is not.
|
| >... nowhere it says you have to receive threats first before
| requesting removal.
|
| Oh come on now, this is taken directly from your link:
|
| >Requirements to remove doxxing content
|
| >For us to consider the content for removal, it must meet
| both of these requirements:
|
| >1. Your contact info is present.
|
| >2. There's the presence of:
|
| >- Explicit or implicit threats, or
|
| >- Explicit or implicit calls to action for others to harm or
| harass.
|
| So, yes. To remove doxxing content, you are required to show
| proof of explicit or implicit threats.
|
| If you think about it, the way the requirements are set up
| are pretty damn backwards. Are you just requesting your
| personal info to be removed just for the sake of having it
| removed? Sure, as long as it's your CC/bank
| account/SSN/whatever else on that list, they'll remove it.
| But if you tell them you're being doxxed? Well fuck you, they
| won't just up and remove the data like they would've before,
| now you have to prove you're being targeted, too. It's like
| it'd be easier to have the doxxing content removed if you
| _didn 't_ tell them you're being doxxed.
| lupire wrote:
| It's confusing. The policy document lists contact info
| twice, and to the form is missing the "other doxxing
| content" option.
|
| It looks like the form has design errors that don't match
| the policy.
| [deleted]
| KennyBlanken wrote:
| "Is your contact information being shared with malicious,
| threatening, or harassing intent, which is known as doxxing?
|
| - Yes, the contact info is being shared with doxxing intent -
| No, the contact info is not being shared with doxxing intent"
|
| The headline is extremely misleading.
| lupire wrote:
| The policy document is slightly inconsistent with itself
| and inconsistent with the form options.
|
| This was not well reviewed.
| dylan604 wrote:
| >Why can't I remove it without jumping through hoops?
|
| Because the biggest hoop is that the data is not located in
| just one place. It's the internet, so the data is
| shared/duplicated as fast as it becomes available. You have no
| idea how many places it lives because not all places are
| available for public browsing. Some one buys it, then resells
| it ad nauseam.
| Lapsa wrote:
| aka google collects your phone number, email and address
| qiskit wrote:
| Does this remove it from search results only or from google's
| databases? I'm assuming google keep all the data internally for
| themselves and just filters it out for the users.
| y-c-o-m-b wrote:
| Well I filled it out. Let's see what happens. A lot of these
| websites have no way to remove personal info or make it very
| difficult to do so, so this is a minor step in the right
| direction. For me it's a matter of safety. I used to have a best
| friend about 15 years ago that got busted for sex crimes with
| minors and he's due to be released next month. The first thing
| he's going to do is look me up and find where I live, I guarantee
| it. I have kids that are around the same age as the minors he
| violated, so it's a serious concern knowing he can so easily find
| where I live and potentially harass us or worse.
| pawelkobojek wrote:
| It's great but a related question: if Google processes phone
| numbers how is it GDPR compliant? They definitely don't ask every
| person in the EU whether they can process their personal data and
| yet it is possible to find EU citizens' phone numbers using their
| search engine.
| Teandw wrote:
| 'Technically' Google only lists websites in their search engine
| that a website owner has authorised them to scrape/crawl. Part
| of Google's TOS is that if you allow them to crawl your
| website, you're following all legal responsibilities in the
| countries you serve your website to.
|
| That in theory means that if your details are on a website,
| you've already given consent for it to be shared with Google.
|
| Does that happen in reality? Most of the time I doubt it. But
| it pushes the liability onto the website owner.
| digitallyfree wrote:
| Uh, you don't really "allow" them to visit your website. All
| you can do is disallow them from visiting by blocking them
| using robots.txt. If you don't have a robots.txt stating
| otherwise they will crawl and index your site.
|
| UPDATE: I suppose if you specifically allow the Googlebot via
| robots.txt, then in that case they could probably argue that
| you gave them permission to access the site.
| Teandw wrote:
| When you put a website live on the internet, you're giving
| everyone permission to access it, including Google, unless
| you state otherwise. (Or put processes in place to make it
| non-public.)
|
| So yes, you do allow them to visit your website.
| creato wrote:
| If you put a website on the internet, you are granting
| anyone or anything permission to look at it by default. The
| alternative seems obviously untenable.
| digitallyfree wrote:
| Exactly, and this is why the TOS mentioned in the comment
| is absurd. Basically that means that if the TOS is
| legally valid, then technically Google can force any
| arbitary terms on you if you simply put a website on the
| internet. This would be the same as saying that all
| citizens of America are subject to this agreement,
| whether if they've seen it or not.
|
| This is worse than shrinkwrap agreements and TOS banners
| at the bottom of a website, since for those you could at
| least argue that the person who opened the box/visited
| the site saw the agreement. But in this case, there is
| absolutely nothing to indicate that the person who
| created the website even knew that Google as an entity
| existed.
| wumpus wrote:
| Have you ever met a lawyer who thinks that kind of TOS is
| valid in any way?
| cnorthwood wrote:
| Consent isn't the only basis you can use for processing data
| under GDPR
| wumpus wrote:
| I have never seen a lawyer give an opinion about that. One way
| to read the GDPR is that it outlaws all search engines, for
| this reason. More likely it is a huge barrier to entry for new
| search engines.
___________________________________________________________________
(page generated 2022-04-29 23:00 UTC)