You can already use your Google Account to access simple on/off controls for Location History and Web & App Activity, and, if you choose, to delete all or part of that data manually. In addition to these options, we’re announcing auto-delete controls that make it even easier to manage your data.
Choose a time limit for how long you want your activity data to be saved—3 or 18 months—and any data older than that will be automatically deleted from your account on an ongoing basis. These controls are coming first to Location History and Web & App Activity and will roll out in the coming weeks.
And now we have to assume that they will actually delete said data. Do we really have any way to check? Or due to a complete lack of oversight into the kind of data these companies store, can we only believe them on their blue eyes?
Well, we have the Google account overview where you can see what they have on you. You could also make an official request for everything they have on you in print.
No, we don’t really have any way to check but instead of assuming the worst we can analyze probabilities:
1) Did they have to implement this change? No. So the fact that they did makes it likely that this data is really being deleted
2) GDPR? This data is clearly personal so if you explicitly indicate that you want everything older than 3 months removed and they don’t that would be a gross violation that would result in billions in fines. All it would require is 1 whistleblower inside the company.
So yes, I am going to trust that they are really going to delete this data.
avgalen,
Having trust is different than fact, go ask any religion, haha. I don’t have any evidence for Google’s actions one way or the other, however there is precedent for deception.
Do you remember the AOL search data leak, where the company claimed it had scrubbed all personally identifiable information?
https://en.wikipedia.org/wiki/AOL_search_data_leak
Well, obviously publishing private search terms was a bad move, but that’s not the point. Even if it had not been published, the point is that inside the company, employees weren’t fully aware of residual data traces even though they thought they had scrubbed all personally identifiable information.
The other thing, even though I have no particular reason to suggest that Google is lying, is that companies lie all the time. Apple’s lied about the security of its crypto products, Google’s been caught exploiting bugs in Safari to track users, etc. Sometimes they’re caught and other times they’re not, but having faith that everything they say is true just because there’s a risk of getting caught does NOT imply that it’s true, unfortunately.
I was quite upset when it was revealed that Google was tracking user location events even when users like me had explicitly turned it off.
https://www.wired.com/story/google-privacy-data/
You say all it would require is 1 whistleblower inside the company, but the corollary is that all it would require is 1 employee inside the company to copy your data. Anyone who works in IT understands that there’s always a level of trust implied because IT staff can have a greater level of access into corporate systems than their own bosses. We can encrypt and decrypt data based on WHO is supposed to have access to some extent, but it’s impossible to encrypt and decrypt data based on their INTENT. Intent is unknowable, and IT staff employed to use the data in one way may technically use it in different ways. In terms of operational security, the need to “trust” is usually a bad thing, we want to limit it as much as possible.
https://thenextweb.com/us/2010/09/16/the-legal-implications-of-data-abuse-by-google-employees/
This isn’t really a criticism of Google specifically, it’s more to do with the limits of information security in general. It wouldn’t be terribly difficult for nation-states or NSA spies to infiltrate private companies and collect personal data of targeted individuals in violation of Google’s official policies.
It’s interesting to think about all the aspects of this discussion. In terms of what you said, maybe you can trust their intentions, but realistically there are many ways they could still fall short.
What about the data that isn’t specifically connected to a Google account, but collected based on one’s IP address?
tomchr,
I’m also curious about this since it also applies to me.
Ironically having an account and being able to delete all logs could be more private than having no account and not having control over it. In theory “do not track” is supposed to tell servers not to store databases of personally identifiable information in the first place, but we really have to trust that companies take it seriously…when it comes to internet advertising and related companies, that’s not a wise assumption.