Google spying – but so do too many others (opinion)

It is a fact – Google spying. If you paddle in Google’s pool via Android, Search, Assistant, Home, Gmail, Calendar, Chrome, Docs, Groups, Maps, Flights, Hotel Finder, Flights, YouTube et al. … then Google knows all.

The Australian Competition and Consumer Commission (ACCC), is investigating claims by Oracle that Android devices send Google information that you pay for via data charges. This information includes searches, what you view, and location data, even if location services are turned off.

Oracle’s claim is both self-evident and self-serving. Self-evident – well ‘dur’ almost every device connected to the internet sends some form of telemetry back to the maker’s cloud, and we use data and pay for it.

And self-serving it that Oracle’s cloud does a similar thing. It offers Data as a Service (DaaS) that aggregates, and analyses consumer data across channels and devices to create cross-channel consumer understanding. In other words, to serve targeted advertising.

But this telemetry issue (a euphemism for spying) is far larger than you think

Every Android/iOS/other smartphone has a unique phone number and IMEI. That forms part of the universal key to tying together your profile.

Your Telco knows where you are all the time

Telcos use both the 3/4G network as well as broadband data to gather ‘telemetry’. At worst it triangulates your smartphone signal to cell towers. At best it accesses your GPS chip.

Under the guise of ‘call charge records’ (CCR) it knows every word you speak, every number you call, every search you make, every text you send … It keeps logs for two years that are accessible by law enforcement and others with a warrant.

But it can also aggregate data from other sources to build a better profile to ‘better serve you’. What this means is it can both buy and sell data to provide highly targeted advertisements.

There has been a lot of discussions to expand the scope of the CCR well beyond its original use of call billing. This includes co-tracking of in-store and shopping centre location beacons. Even enabling tracking of phone use in cars and by traffic and speed cameras.

But it gets worse. Every ‘two-bit’ MVNO (mobile virtual network operator – do you trust them?) has access to CCR as well. And all operators know your HLR (Home Location Register) and VLR (Visiting Location Register). We need to regulate Telcos and MVNOs.

Apple also track every iPhone with location, use and much more

Apple iPhone calls home every time you use the device or an app, text etc. It uses this for things like ‘find my phone’ as well as to develop highly targeted advertising. It can sell such data to third-parties.

Both Apple and Android share this data, intentionally or otherwise, with app developers too. Every approved app, should it wish to, can use Apple/Android APIs to identify the location, make/model of phone, phone/IMEI number and much more.

Let’s move to the desktop

Apple Mac/iPad and Microsoft Windows can identify any user connected to the internet (as for the most part they must log in). Also, these use a reverse IP Lookup to get the location (at least of the router) and machine details.

Later model laptops and tablets have location chips, and some have 4G LTE sims as well. If you use the companies cloud-based mail/calendar or productivity software, then your data is exposed to them.

Then there is the use of Safari and Siri or Bing and Cortana – more personal information magnets.

The key difference here is that it is still possible to use (at least) a Windows PC without logging in, turn off all spying and use a VPN and adblocker to anonymise web traffic.

Other spies

Comparison websites exist to sell you a product they make a commission on. In the guise of analysing your gas, power, telephone, insurance bills – a free servcie – they use your highly personal data to serve highly targeted offers to you.

Loyalty cards like Qantas Frequent Flyer, Virgin Velocity, Woolworths Rewards, Coles Flybuys and tens of thousands of store/chain cards spy on you. They know what you buy, how frequently you buy it and have enabled these cards to branch out into insurance, finance and other fields. All fuelled by your loyalty.

Voice assistants are generally an extension of Google (OK Google), Apple (Siri), Microsoft (Cortana), Samsung (Bing), LG (ThinQ) etc. By extension, they gather data, and the more convenient they become, the more they gather. By the way, you are paying for data to use these services.

Even more spies – althoug they deny it

Banks credit cards have grown into as major spying network. As we strive for a cashless society they can track every purchase (from a coffee to a car), when you made it, where etc. Don’t think for a minute this information is not used for targeted advertising.

Then use of government services such as Medicare, ATO, ASIC and more all gather data. Mostly it is for internal use but who watches the watchers?

And then a plethora of apps and associated smart home devices. Not picking on Dyson (that state they will never sell your data and only use it for product improvement) but why do its Hot/Cold Fans requires location and notification services. Its answer is to provide air pollution data and alerts. Fair enough and it does work with this disabled.

Short answer no cloud-based app is safe from spying.

GadgetGuy’s take – Is Google Spying a bad thing?

The short answer is a question. How much privacy are you willing to give up for the use of free services? If it’s free, the product is you!

Alphabet is Google’s parent company with a less trendy name. It is the world’s largest technology company. Its growth is mainly fuelled by its search engine roots gathering information to enable targeted advertisements to be served to you.

In previous broadsides about Facebook (which we consider far more invasive and insidious), we have made the points that

  • Few read the privacy statements and terms and conditions preferring to accept these as the price to pay for the use of a service. Even if you do object what can you do apart from not use the service?
  • And sometime soon we are going to have to ‘trust’ at least one company with our personally identifiable information if we are to achieve the nirvana of ‘Skynet’ and harness Artificial intelligence for the good of all humankind.

I am not declaring that I trust Google spying

As a company, it started in 2000 with the motto ‘Don’t be evil’. In 2015 it changed this to “Do the right thing”. Both mantras underpin the premise that staff, management, and the Board self-regulate. I think I could trust Google spying if there were strict global privacy regulation if only to legitimise what it does.

But as an honorary member of the tin-foil hat brigade, I take extensive steps to limit my digital footprint. It is onerous but not impossible to remove advertising tracks and block unwanted advertisements. Rule number one is not to have Facebook etc.

The bottom line is that the internet changed the world when introduced in 1990. It is a shame, no a crime, that privacy issues have reached a ludicrous point some 28 years later before outrage and action. Just like #Me Too #Delete Facebook is the tip of the iceberg.

We need strong regulation – a digital bill of rights with teeth to bring all the cowboys and pioneers into line. Once that line exists, we can move forward with some confidence that our personal information is ours to control.

Google Spying, Google Spying, Google Spying