If you don’t collect the data in the first place, there’s nothing to mismanage.
Rather than users having to prove that Google is mismanaging OUR data, Google should prove it has a need to collect, aggregate, and sell access to that data beyond surveillance capitalism.
The default option should be that only fully anonymized data that is essential to device functions should be collected, and this should be validated through an independent audit. Everything else should be opt-in.
But they aren’t even showing collection of data in the article. For the data to be collected, it needs to leave the phone, not just be touched by Play Services.
Play Services does collect data it shouldn’t collect, by sending it back to Google. But the difference between “I am collecting your data” and “I wrote software you are running” is important and needs defending, because obscuring it is one way that independent developers are prevented from publishing and marketing actually-privacy-preserving software. If I am deemed to have “collected” your personal data every time you type it into a text editor I wrote, I can no longer distinguish my local-only encrypted text editor from Google’s one that stores all your data unencrypted on their cloud. We both have to say we “collect” your data, and nobody non-technical can tell the difference.
Play Services does collect data it shouldn’t collect, by sending it back to Google.
Right. And my argument is that this shouldn’t happen without users opting in.
But the difference between “I am collecting your data” and “I wrote software you are running” is important and needs defending,
I don’t disagree. Not am I arguing the content of the article. I just disagree with your notion that we have to prove negligence or malfeasance to deserve privacy.
Your original post placed the burden on users to prove that Google mismanages the data they collect. That’s not how this should work. I should own that data, just as I own the text I write with a text editor. I shouldn’t have to prove that Google is mismanaging it in order to keep that data private. I shouldn’t need any other reason than “it’s my data and I don’t want to share it beyond what is necessary for this technology to operate.”
I don’t think the burden should be on users, but I do think some of the burden should be on the press. If the press just assumes Google is up to no good and never does the investigative reporting needed to show it, we will miss out on having very politically useful evidence.
Yeah, journalistic integrity is important, and they shouldn’t slander Google, due diligence and what not.
But there wouldn’t even be a need for an article or any investigation if Google and other tech companies weren’t treating user data as something they have a god given right to.
That’s my point. It doesn’t matter what Google does or doesn’t do with the data. They shouldn’t collect it unless I tell them they can. It’s MY data. It’s MY right to keep it private or destroy it as I please. That’s the baseline all tech companies should adhere to.
If you don’t collect the data in the first place, there’s nothing to mismanage.
Rather than users having to prove that Google is mismanaging OUR data, Google should prove it has a need to collect, aggregate, and sell access to that data beyond surveillance capitalism.
The default option should be that only fully anonymized data that is essential to device functions should be collected, and this should be validated through an independent audit. Everything else should be opt-in.
But they aren’t even showing collection of data in the article. For the data to be collected, it needs to leave the phone, not just be touched by Play Services.
Play Services does collect data it shouldn’t collect, by sending it back to Google. But the difference between “I am collecting your data” and “I wrote software you are running” is important and needs defending, because obscuring it is one way that independent developers are prevented from publishing and marketing actually-privacy-preserving software. If I am deemed to have “collected” your personal data every time you type it into a text editor I wrote, I can no longer distinguish my local-only encrypted text editor from Google’s one that stores all your data unencrypted on their cloud. We both have to say we “collect” your data, and nobody non-technical can tell the difference.
Right. And my argument is that this shouldn’t happen without users opting in.
I don’t disagree. Not am I arguing the content of the article. I just disagree with your notion that we have to prove negligence or malfeasance to deserve privacy.
Your original post placed the burden on users to prove that Google mismanages the data they collect. That’s not how this should work. I should own that data, just as I own the text I write with a text editor. I shouldn’t have to prove that Google is mismanaging it in order to keep that data private. I shouldn’t need any other reason than “it’s my data and I don’t want to share it beyond what is necessary for this technology to operate.”
I don’t think the burden should be on users, but I do think some of the burden should be on the press. If the press just assumes Google is up to no good and never does the investigative reporting needed to show it, we will miss out on having very politically useful evidence.
Yeah, journalistic integrity is important, and they shouldn’t slander Google, due diligence and what not.
But there wouldn’t even be a need for an article or any investigation if Google and other tech companies weren’t treating user data as something they have a god given right to.
That’s my point. It doesn’t matter what Google does or doesn’t do with the data. They shouldn’t collect it unless I tell them they can. It’s MY data. It’s MY right to keep it private or destroy it as I please. That’s the baseline all tech companies should adhere to.