How do you know Google does the same thing? What can you get out of Google by writing an app?
Off the top of my head, I don't think Google even has most people's friends lists (outside Orkut back in the day, and Google+, which isn't so popular). They do have contact lists in Gmail, which is a bit different.
There is address book spamming via mobile apps, but again, there are permissions. How good are they?
It seems like it's "the same thing" only if you ignore all technical detail. We should be able to do better than that!
You are implying friends list is the main factor here. Let's assume you are right. Still, Google may have a database for people you might know, you just don't know its existence yet. They don't have to let you input your contacts voluntarily to find out about your relationships. For example, have you used Google Maps? You search a place, Google tells you popular time of that place, how did they get the data? If they are able to do things like that, they might also be able to know who (or which Google account) you spend time with and where, they just don't have reasons to tell you they have the data or they have deep learned the data for various purposes.
We just don't have a whistleblower to testify that they sell the data yet, possibly because they have strict internal confidentiality policies.[1]
Disclaimer, about that Google Maps example, it's just my assumption, I don't know how it actually works.
If you have Google Maps running on your phone with data and GPS on, the app will explicitly ask you about your experience in whatever place you're visiting at that moment. I have friends who enthusiastically respond to those notifications every time, arguing that the information will help other users. More people than you think are happy to share more than passive metadata.
> More people than you think are happy to share more than passive metadata.
I'm aware of that. I used to be like your friends because I love technology. Though I didn't know it's an opt-in since I haven't seen those notifications. Maybe I missed it?
Even so, how do I make sure the data is not going to be misused? I practically not be able to do anything that I think I can to prevent data misuse. They collect my data even after I said no.[1]
Plus, those so-called passive metadata are more objective and valuable than the data you actively submit to them, don't you think? I can hardly fake these kinds of data, just like you don't ask what lab rats think, you run tests on them and then just observe how they are gonna react.
Giving away those data with good intentions doesn't necessarily mean it won't harm others in some other way. I have things to hide, especially with data companies thriving.
Edit: In fact, believe it or not, I hate to point the Popular Time issue out. I was afraid of Google supporters' hostile attitudes against me or Google might consider this feature could heat up privacy concerns then kill it. (Very unlikely, because I'm nobody. :D) I find this feature is thoughtful and useful, I'm too selfish to watch it die. Besides, killing it doesn't do any good to the public, on the contrary, it will become less transparent how they are going to use user's data. I brought up this issue only because, with this whole FB scandal thing happening, I feel the public is playing favorites.
"To determine popular times, wait times, and visit duration, Google uses aggregated and anonymized data from users who have opted in to Google Location History." [1]
"Location History and Location Reporting data may be used by any Google app or service." [2]
It looks like you can turn it on or off, and delete your location history. I don't see a way to use Location History without having it also be anonymously used for traffic and other stuff. [3]
I've turned it off on my phone to see what happens. Occasionally I'll run across a permission dialog to turn it on.
Thanks for the links, although deleting data from Google doesn't sound like a relief/solution to me because they keep all the data.[1][2] From my experience, after you deleted your gmail account, you are not allowed to register with the same address anymore. They claim it's due to security reasons. Such claim sounds reasonable and I believe them. Anyway, they have the ability to keep the data you think you deleted for whatever reasons, which is enough for me to have doubts. I have no methods to prove that other kinds of data are kept or deleted, i.e. I don't know how to check if they deleted my location history completely, or just archived it for future use. Even the data has been anonymized, it still can be used for statistic purposes, which possibly could be used to influence elections.
I wonder if most of users would read through ToS and support articles before they started using those features. It's just much easier to click on "I agree." I won't call it a trap, but it's pretty close. As a result, users are signing contracts they don't even bother reading. And eventually, users are the ones who get blamed by the company for not paying attention.
And again, we are not sure about how they are actually using our data. Before this FB scandal, some people might still believe FB wouldn't do things like this.
So you're saying they have lots of personal data (nobody is disputing this). If they have the data, and they let someone else have access to it, it could leak. Which, sure, makes sense.
But that's not the same as "know[ing] Google does the same thing" unless you define either "know" or "the same thing" very loosely.
Google has contact lists, call logs, real-time location and possibly texts from most used smartphone OS. Google has communication graphs and contact lists from the most used email platform. Google has the search logs from your internet searches. Google has web logs from the most used web analytics platform.
Google absolutely harvests all info they can get. They scan gmails, they monitorig everything on all Android phones, even when you disable something [1].
It's just that Google maybe be a bit hesitant to sell data to 3rd parties, since they abuse them themselves :)
> It's just that Google maybe be a bit hesitant to sell data to 3rd parties
Which is the entire point. I know Google is taking data when I use Google products. The problem arises when Google freely gives my data to a random third party company I neither know nor trust, without my knowledge.
Because at least then you know who has your data. If I agree to Google having some of my data because I trust them with it to some extent that does not mean I want to give any third party access to that data. And I'm not saying there's any reason to trust Google with your data, but at least you'll know who really has access to that data.
The exact quote is "Consumer Gmail content will not be used or scanned for any ads personalization after this change." I know they still scan my emails, because airbnb reservations will magically pop up on my calendar.
Information about events, flights, parcel tracking, etc. are explicitly provided by email senders for things like automatic calendar integration by the email client. https://github.com/schemaorg/schemaorg
Nope, using Facebook credentials. That's definitely a possibility.
Maybe I'm cynical, but whenever I see qualifiers around a verb I get suspicious. Something like "hey, we're not lying when we said we stopped scanning emails for ad purposes, but we are still scanning to improve other Google ecosystems tools like Calendar".
I was looking at Google Plus again last week and there's a lot of interesting things about it. I kind of wish they would spin it off into its own company.
Off the top of my head, I don't think Google even has most people's friends lists (outside Orkut back in the day, and Google+, which isn't so popular). They do have contact lists in Gmail, which is a bit different.
There is address book spamming via mobile apps, but again, there are permissions. How good are they?
It seems like it's "the same thing" only if you ignore all technical detail. We should be able to do better than that!