Google’s New Privacy Features Put the Responsibility on Users
It’s Google’s big privacy pivot, according to Google.
On Tuesday, The New York Times ran an op-ed about privacy written by Google CEO Sundar Pichai, in which he argued that privacy is not a luxury good, and that Google intends to give people “clear, meaningful choices” around their data. On the same day Pichai’s op-ed ran, Google held its annual developer conference, I/O, where it announced that Android Q, its latest mobile operating system, would ship with something like 50 privacy and security features.
Some of these features are new, such as more granular controls around location tracking—a particularly sensitive topic for Google, since it was sued last summer for storing location data even after users had turned off location history settings. Others were previously announced, or are expansions of what Google was already offering in its apps, like passwordless logins in Chrome or “incognito” mode.
But as Google increases the number of privacy features—part of an attempt to scrub its reputation clean of data-tracking dirt—the setup of the settings, toggles, and dashboards within its apps seems to put more responsibility on the individual user rather than the platform. As Pichai himself said, Google aims to give people “choices.” So it’s your choice if you want to take the time to adjust, monitor, take out, or toggle something off. Just like it’s Google’s choice to not change its fundamental approach to gathering data to help better target advertising and thus make heaps of money.
Still, executives made privacy a focal point during Tuesday’s keynotes at I/O. They demonstrated how the newest mobile operating system will remind people that apps are using their location even when they’re not using the app. Users can adjust privacy settings in three granular ways—though Activity Controls, Location History, and Ad Settings. And, independently of Android Q, Google users can now set time limits for how long Google retains certain type of information, although by default Google will indefinitely hold on to your web and activity data.
Otherwise, features were moved to mildly more convenient places. “In [Android] Q, we brought Privacy to the top level in Settings,” Stephanie Cuthbertson, senior director for Android, said during the keynote yesterday. This is a tweak from the current mobile design, which involves going to Google Services & Preferences; although “top level” still doesn’t mean the page is immediately visible. In the future, if you’re using Google Search on mobile and you tap on your account image, “Your data in search” will appear as an option in the drop-down menu. Right now if you tap on your account image, you have to first tap on “Manage your Google Account” to get to “Personal info & privacy.”
Jen King, the director of privacy for the Center for Internet and Society, says she believes that most people tend to find privacy settings very confusing. Facebook, which regularly revamps its privacy settings and takes users through an extremely detailed set of options, comes to mind most often. But Google is not immune to this either. In King’s own dissertation research, which included a small sample of subjects, she found that half of the people she surveyed knew how to clear their Google search history and far fewer had taken the initiative to go through their search history and clear it.
“It’s going to be a small minority who take the initiative,” King says. “It’s not that people don’t care; it’s just A) not their top priority, and B) it’s often hard for people to understand this stuff.”
When WIRED asked Google for information on how exactly people are using Google’s existing privacy tools on mobile and the web, the company initially shared the same statement it wrote in a 2018 blog post: “Billions of people have now visited their Google Account and over 20 million people do so every day.” When pressed, the company said that over the past 28 days, 160 million signed-in users “made use of” Google’s account-level privacy tools, which exist under the Data and Personalization section of My Account. It declined to share how many people have used the “Privacy Checkup” tool, the step-by-step guide that’s most prominent when you go to your Google account.
This recent essay about privacy practices, written by former Googler Jessica Powell, was of course satirical, but it’s hard not to think about this line: “The reason we make it a bit hard to get to your settings is that people aren’t really that interested in messing with those things.”
Most people don’t read privacy policies, either, according to a recent survey of more than 4,000 U.S. adults conducted by Axios and SurveyMonkey. But Google has faith that you will. When Google hardware executive Rick Osterloh introduced the company’s new Nest-branded smart display Tuesday, he made sure to point out that the device’s camera and microphones could be mechanically toggled off and that there’s an indicator light for the camera. He also said the company was “publishing privacy commitments for our home products that clearly explain how they work, the data they’re storing, and how it’s used.”
All you have to do, according to my experience navigating this new privacy doctrine so far, is go to Google’s Help Center, then Your Privacy, then Data Security and Privacy on Google Home, and determine which of the 26 sample questions there best matches the question you have about Google Home products and your data. If you can find it, it should only take you a day or two to figure out what’s right for you!
There are other ways in which Google truly seems to be using its smarts to make our online and mobile experiences more private. During the I/O keynote Tuesday, Pichai spoke about Google’s work on something called federated learning, which allows researchers to build machine learning models off of disparate data sets and run AI functions locally on a device. In short, it allows devices running Google’s software to be smarter without sending users’ information to Google’s servers somewhere. This is similar to changes Google made to comply with GDPR, the EU’s data protection and privacy law that went into effect roughly a year ago.
It’s also easy to imagine Google, if it wanted to, using its prowess in AI to make privacy settings less onerous, or to make even make smarter suggestions around settings, the way it’s doing for location in Android Q. It could create an automated version of its Privacy Checkup. Researchers have already created applications like this around app permissions, those pop-up questions you have to cycle through when you first install an app to ensure the app maker isn’t being overly intrusive. A spokesperson for Google said the company had no similar feature like this to announce at this time, but that the company is “always looking for new ways to improve transparency and give users helpful control over their privacy.”
And then there’s the sometimes legitimate argument that disabling certain settings by default, such as turning off location services in a maps app, would break the functionality of the app. Having permissions requests pop up every time you use certain apps would likely be irritating; think of how many times you might open your Gmail app every day, or having to cycle through a series of data-tracking requests everytime you want driving directions. The truth is that many people may care about privacy well enough, but care about convenience more.
Tech companies have made it a choice between convenience and privacy, and convenience will always win. The more minor conveniences, like moving a privacy setting higher up in the hierarchy of an app, likely aren’t the answer.