This is probably an unusual opinion, but for me privacy is similar to freedom. Freedom is usually defined as a negative: people are free of oppression, have freedom of speech (freedom from speech being constrained), freedom of movement (not forced to stay in one place), religious freedom (freedom to believe what one will and not be limited in practice or assembly), etc.
Privacy is the freedom from being watched, from having one's movements and actions and consumption and words observed, tabulated and stored. I hope that one day whether by laws or technological solutions, privacy will again be the norm in our lives.
I think it's important to note the definition of privacy you use is important.
For me, in my daily life, all of this is completely "private". Google having my data in mass and an identity profile on me that no human will ever specifically look at is just as good as private to me. The fact that computers will be handing this data, not other humans, is an important distinction for me. No human will ever see my individual data in all likelihood.
I don't think the lack of privacy is a problem, but rather the centralized power. It's really tough right now with so much power in information, but the only real information power coming in volume.
Privacy and freedom are very intricately related, but rather than saying privacy is a "type" of freedom, I would say that privacy is a requirement for freedom. Perhaps our most basic freedom (more than travel or speech), is the freedom to think. This is possible solely because our thoughts are private.
Remember that Roosevelt's famous "four freedoms" included two "freedom of" and two "freedom from".
The "freedom from" elements have been de-emphasised lately as they're extremely unpopular with the right-wing:
"The third is freedom from want—which, translated into world terms, means economic understandings which will secure to every nation a healthy peacetime life for its inhabitants—everywhere in the world.
The fourth is freedom from fear—which, translated into world terms, means a world-wide reduction of armaments to such a point and in such a thorough fashion that no nation will be in a position to commit an act of physical aggression against any neighbor—anywhere in the world."
A Googler gave a talk at Real World Crypto in January describing a system that might back this. The relevant part of the talk starts around the 10 minute mark: https://www.youtube.com/watch?v=ee7oRsDnNNc&t=10m1s
In short, they're able to compute the intersection of the set of users who have viewed an ad with the set of people who purchased a product in a store, without either party disclosing their side of the set.
After studying the slides, it looks like they do a Diffie Hellman-like exchange of user identifiers.
g_i = Google's identifier for customer i.
s_j = Merchant identifer for customer j.
If g_i == s_j then customer i == j. These identifiers might be phone numbers or email addresses or other identifiers that both parties have.
Neither party wants the other to learn any identifiers it doesn't already known about.
So Google picks a random secret value G and sends g_i^G to the Merchant. The Merchant picks random secret value T and sends g_i^(G* T) back to Google. Additionally the merchant sends s_j^T to Google.
Then Google calculates s_j^(T* G). If s_j^(T* G) == g_i^(G* T) then s_j == g_i and i == j. So know Google knows the exact set of their users who purchased something at the Merchant.
Additionally, for each s_j^(T), the Merchant sends a homomorphically encrypted value for the amount they spent. Then Google can perform a homomorphic addition on these encrypted values of only the intersection it calculated. The Merchant can then decrypt it to get the total sum and share it back to Google.
So in the scheme I described
1) Google still learns who is purchasing at which merchant.
2) Google does not learn individual amounts.
3) Merchants can't perform the same calculation to learn which users saw their ads unless Google sends s_j^(T* G) back to them (not pictured in the slides).
I've read the Wikipedia summary, and it appears to me, that GDPR only requires encryption, not anonymisation, of personal data! Or did I miss something?
MasterCard and Visa not only make money from each credit card transaction but to add insult to injury, they make money selling that transaction data as well! That's what I call a ludicrous business.
So the only way to break the circle is to purchase with cash... And now fewer and fewer people buy with cash, to the point some Nordics plan on doing away with cash as much as possible.
I'm actually surprised that retailers haven't started surcharging people paying in cash by now in order to drive all of individuals' transaction data into the panopticon.
This may be a case where the savings (i.e. money from selling data in return for a big pile of cash) are actually passed on to the customer - e.g. transaction costs are lower for Visa/Mastercard for merchants, which is why they sometimes don't accept Amex and Discover.
It would be interesting to see if Visa and Mastercard have some clause which prevents Google from buying data from AMEX and Discover (competitive advantage for them because then Amex and Discover's transaction costs aren't subsidized) in return for agreeing to part with their data. Said another way, what's preventing Google from also getting data from Amex or Discover? Its not as if Google is going to say no.
I was under the impression that Google already did this.
A Googler already described this to me years ago as "closing the loop", where Google's ad network already exposed a customer to a brand/product, but Google only gets credit for the conversion if it happens in the same browser session online. By tying together stats between impression and conversion (purchase, even in-store), the ad network becomes more valuable -- or less, if there was already an assumption of this effect with previously overestimated results.
You are correct, this is not new at all. I worked as a partner with Google on implementing this 2 years ago. By then there was already public documentation on the internet.
This sounds like some bullshit to me. Not that Google claims to be able to close the loop, but that a Google ad actually influenced me in any way, let alone a physical purchase in a brick-and-mortar.
PPC Ad-words perhaps influences me if I'm researching a product or service, but that's mostly a function of search results placement rather than . Usually I scan down below the first few search results because those are people trying to tell me they're what I'm looking for and they usually aren't.
I will readily admit that I have to consider that I am a freakish outlier, though.
I'm interested to read about where people believe this progression of technology will take us in the near and far future. Are there thought out considerations of what type of world we are heading towards? Has Google revealed their vision of advertising for 2032? I don't mean this rhetorically, I genuinely want to know what vision there is for advertising in the future because I believe it's something we really ought to be thinking about and judging so we can make informed decision about what's best for us.
I love this question too. I think we're heading for a full blown "société de contrôle" (see Wikipedia). So the locus of power is changing. Before it was repression, now it is control. It's not inhernetly good or bad. But my gut feelings says that we're transtionning to that society. And while we're transitionning, the first movers, the fastest movers (Google, FaceBook, etc) have an advantage and therefore may look dangerous to us. So in complement to your question I'd like to hear about what are the forces that are here to balance the powers.
Now I will have to seriously consider getting off the Google ecosystem now. Deactivating facebook was okay, but Google might be tricky considering many of website accounts use Google authentication.
Okay, this is a small rant that is not directly aimed at you, so nothing personal. This is aimed generally more at people in the privacy at all costs camp and the like. If there's some viewpoint I'm missing here I'd also love to hear it, so it's not really a mean-spirited rant either.
Google owns the internet at this point. For general use purposes, they ARE the internet. So avoiding them should really have at least SOME effect before it's even seriously considered.
What does getting off Google do?
It doesn't hurt them, as there's no way a significant number of people will take action, at least in the near future.
So, then it must be done for you. By not being in these services and having all this data collected on you, what do you actually gain? Likely, nothing at all. You won't be able to be tracked down as easily if Google turns evil, sure. If their data is breached in a meaningful way, sure again. But, for both of these, emphasis on "as easily". At this point, if you're looking to maliciously track down just about anyone, it's not hard at all. You'd have to go fully off the grid to get this. And in that scenario, what do you gain again? We follow down the same road of "I only gain something in very unlikely scenarios" again.
So to me, the only way this type of perspective makes sense is if you believe those very unlikely scenarios (from my view) are much more likely. And if they are, we're all fucked already, and being one of the few to be off the grid probably won't matter in the end.
Basically, at this point, you've already given yourself to Google. Rather than decide whether or not to trust them, I think putting more effort into trying to influence them towards "not being evil", as they say, is much more of a realistic move for someone with concerns over data, privacy, power/security of all this, etc.
Am I missing something?
PS: I understand Facebook - for some, there are no significant benefits you give up. For most, you're going to give up a lot more with Google.
There are anonymized credit card services, including pre-paid and other solutions. The following is based on notes at least a year old, and I haven't tried them:
I didn't downvote, but some of those only help so much. Your name is still in the track data, and for credit you generally have to input a zip code. For online purchases, you're entering an address as well.
> The new tracking system was created in consultation with “incredibly smart people” to ensure it's not invasive. He described the program as “secure and privacy safe.”
It's not "incredibly smart people" you need; it's "highly ethical people".
Very important point. In my workplace, often the smartest engineers are so focused on doing smart things, they forget that the data they're dealing with belongs to, or identifies, people.
Got to make those yearly objectives/appraisals count though.
Sooner or later people will start to revolt and either go back to use semi-anonymous cash or truly anonymous payment systems like bitcoin. Google and advertising will then be in the dark.
What does that mean?
The point behind that quote is that they're very aware of the privacy implications and took some of their best engineers to make sure things are well implemented and secure.
The product in itself is clearly described here. It's not up to individual employees to be "trusted" with this type of data, as it must be encrypted at rest and all accesses audited etc.
Why would it have to be secret if it's supposed to make people trust Google's AI more? And what are they hiding? Is President Duterte or a Saudi prince on that ethics panel? (serious question - we just don't know right now)
Are there concrete recommendations for being able to use a credit card (i.e. for an airline purchase where cash is tough) and maintain maximum privacy? I know Apple Pay helps vis-a-vis the merchant since the CC number is hidden. Are Visa, AMEX, MC different at all? Are there banks that have better privacy policies or does it not matter since the bank is just handling the final money transfer?
"The kinds of data that Google is collecting also could become an inviting target for hackers, said Miro Copic, a marketing professor at San Diego State University"
It's worth seeing the information from the source. The talk[0] and the blog post[1]. Plus, as Engadget called out[2] in an update, you can opt-out by contacting your credit card company, and there are more details at the FTC[3].
Not Google specific, but some good reading on this topic came out in January - The Aisles Have Eyes: How Retailers Track Your Shopping, Strip Your Privacy, and Define Your Power [0]
I think everyone remembers the first ad to follow them around multiple websites. For me it was an ASPCA campaign.
The next version of that experience will be researching a purchase and where to get it, then seeing ads on the way that are customized to (a) the product you're buying and (b) your preferences.
If you're 55 you'll get michael jordan advising you to buy nikes. If you're 35 it will be Noel Gallagher (air noels?), and if you're 10 it will be the ninja turtles.
The good news is at a certain point the competition for eyeballs will become so fierce that the ads become honest & informative.
There are certain products that people are more likely to buy in-store than online (clothing etc) but may be exposed to/advertised to online. I've always wondered how retailers track offline conversions effectively...
[+] [-] gub09|8 years ago|reply
Privacy is the freedom from being watched, from having one's movements and actions and consumption and words observed, tabulated and stored. I hope that one day whether by laws or technological solutions, privacy will again be the norm in our lives.
[+] [-] adjkant|8 years ago|reply
For me, in my daily life, all of this is completely "private". Google having my data in mass and an identity profile on me that no human will ever specifically look at is just as good as private to me. The fact that computers will be handing this data, not other humans, is an important distinction for me. No human will ever see my individual data in all likelihood.
I don't think the lack of privacy is a problem, but rather the centralized power. It's really tough right now with so much power in information, but the only real information power coming in volume.
[+] [-] speedplane|8 years ago|reply
[+] [-] AdamN|8 years ago|reply
[+] [-] pjc50|8 years ago|reply
The "freedom from" elements have been de-emphasised lately as they're extremely unpopular with the right-wing:
"The third is freedom from want—which, translated into world terms, means economic understandings which will secure to every nation a healthy peacetime life for its inhabitants—everywhere in the world.
The fourth is freedom from fear—which, translated into world terms, means a world-wide reduction of armaments to such a point and in such a thorough fashion that no nation will be in a position to commit an act of physical aggression against any neighbor—anywhere in the world."
[+] [-] russell_h|8 years ago|reply
In short, they're able to compute the intersection of the set of users who have viewed an ad with the set of people who purchased a product in a store, without either party disclosing their side of the set.
[+] [-] singron|8 years ago|reply
g_i = Google's identifier for customer i. s_j = Merchant identifer for customer j.
If g_i == s_j then customer i == j. These identifiers might be phone numbers or email addresses or other identifiers that both parties have.
Neither party wants the other to learn any identifiers it doesn't already known about.
So Google picks a random secret value G and sends g_i^G to the Merchant. The Merchant picks random secret value T and sends g_i^(G* T) back to Google. Additionally the merchant sends s_j^T to Google.
Then Google calculates s_j^(T* G). If s_j^(T* G) == g_i^(G* T) then s_j == g_i and i == j. So know Google knows the exact set of their users who purchased something at the Merchant.
Additionally, for each s_j^(T), the Merchant sends a homomorphically encrypted value for the amount they spent. Then Google can perform a homomorphic addition on these encrypted values of only the intersection it calculated. The Merchant can then decrypt it to get the total sum and share it back to Google.
So in the scheme I described
1) Google still learns who is purchasing at which merchant. 2) Google does not learn individual amounts. 3) Merchants can't perform the same calculation to learn which users saw their ads unless Google sends s_j^(T* G) back to them (not pictured in the slides).
[+] [-] vmarsy|8 years ago|reply
> The primary objectives of the GDPR are to give citizens and residents back control of their personal data
[1] https://en.m.wikipedia.org/wiki/General_Data_Protection_Regu...
[+] [-] hueving|8 years ago|reply
Whether that saying is derogatory or not obviously depends on your point of view, but this new regulation isn't contradictory to the saying.
[+] [-] akavel|8 years ago|reply
[+] [-] thinkling|8 years ago|reply
Wow.
[+] [-] AznHisoka|8 years ago|reply
[+] [-] mc32|8 years ago|reply
[+] [-] yborg|8 years ago|reply
[+] [-] thr0waway1239|8 years ago|reply
This may be a case where the savings (i.e. money from selling data in return for a big pile of cash) are actually passed on to the customer - e.g. transaction costs are lower for Visa/Mastercard for merchants, which is why they sometimes don't accept Amex and Discover.
It would be interesting to see if Visa and Mastercard have some clause which prevents Google from buying data from AMEX and Discover (competitive advantage for them because then Amex and Discover's transaction costs aren't subsidized) in return for agreeing to part with their data. Said another way, what's preventing Google from also getting data from Amex or Discover? Its not as if Google is going to say no.
[+] [-] spydum|8 years ago|reply
[+] [-] richjdsmith|8 years ago|reply
[+] [-] fictioncircle|8 years ago|reply
https://www.revolution-payments.com/requirements-for-level-3...
> Level 3 processing can benefit businesses who sell to other businesses or government by lowering your transaction cost by as much as 1.50%.
> Line Item Details:
Of course, if they are like one of the places I worked...they just turn it on for everyone and pass it along regardless.
[+] [-] Sophira|8 years ago|reply
[+] [-] chinathrow|8 years ago|reply
Google: You're already way too deep in our lives and now this. When will you ever stop? When you own us?
[+] [-] thephyber|8 years ago|reply
A Googler already described this to me years ago as "closing the loop", where Google's ad network already exposed a customer to a brand/product, but Google only gets credit for the conversion if it happens in the same browser session online. By tying together stats between impression and conversion (purchase, even in-store), the ad network becomes more valuable -- or less, if there was already an assumption of this effect with previously overestimated results.
[+] [-] Avalaxy|8 years ago|reply
[+] [-] jforman|8 years ago|reply
[+] [-] wavefunction|8 years ago|reply
PPC Ad-words perhaps influences me if I'm researching a product or service, but that's mostly a function of search results placement rather than . Usually I scan down below the first few search results because those are people trying to tell me they're what I'm looking for and they usually aren't.
I will readily admit that I have to consider that I am a freakish outlier, though.
[+] [-] tdeck|8 years ago|reply
[1]: https://techcrunch.com/2016/06/14/facebook-knows/
[+] [-] syphilis2|8 years ago|reply
[+] [-] wiz21c|8 years ago|reply
[+] [-] rsto|8 years ago|reply
Disclaimer: I haven't read it yet, so can't say if it meets your "thought out considerations" criteria.
[1] https://openlibrary.org/books/OL25424120M/Who_Owns_the_Futur...
[+] [-] paradite|8 years ago|reply
[+] [-] adjkant|8 years ago|reply
Google owns the internet at this point. For general use purposes, they ARE the internet. So avoiding them should really have at least SOME effect before it's even seriously considered.
What does getting off Google do?
It doesn't hurt them, as there's no way a significant number of people will take action, at least in the near future.
So, then it must be done for you. By not being in these services and having all this data collected on you, what do you actually gain? Likely, nothing at all. You won't be able to be tracked down as easily if Google turns evil, sure. If their data is breached in a meaningful way, sure again. But, for both of these, emphasis on "as easily". At this point, if you're looking to maliciously track down just about anyone, it's not hard at all. You'd have to go fully off the grid to get this. And in that scenario, what do you gain again? We follow down the same road of "I only gain something in very unlikely scenarios" again.
So to me, the only way this type of perspective makes sense is if you believe those very unlikely scenarios (from my view) are much more likely. And if they are, we're all fucked already, and being one of the few to be off the grid probably won't matter in the end.
Basically, at this point, you've already given yourself to Google. Rather than decide whether or not to trust them, I think putting more effort into trying to influence them towards "not being evil", as they say, is much more of a realistic move for someone with concerns over data, privacy, power/security of all this, etc.
Am I missing something?
PS: I understand Facebook - for some, there are no significant benefits you give up. For most, you're going to give up a lot more with Google.
[+] [-] hackuser|8 years ago|reply
* Abine
* Final https://getfinal.com/
* Privacy Inc. https://privacy.com/
Also, many pre-paid cards require the user to identify themselves before the card is activated
[+] [-] tyingq|8 years ago|reply
[+] [-] lowglow|8 years ago|reply
[+] [-] evolve2k|8 years ago|reply
It's not "incredibly smart people" you need; it's "highly ethical people".
[+] [-] iDemonix|8 years ago|reply
Got to make those yearly objectives/appraisals count though.
[+] [-] hagakure0c|8 years ago|reply
[+] [-] halflings|8 years ago|reply
[+] [-] mtgx|8 years ago|reply
https://www.theguardian.com/technology/2017/jan/26/google-de...
Why would it have to be secret if it's supposed to make people trust Google's AI more? And what are they hiding? Is President Duterte or a Saudi prince on that ethics panel? (serious question - we just don't know right now)
[+] [-] 659087|8 years ago|reply
[+] [-] AdamN|8 years ago|reply
[+] [-] azinman2|8 years ago|reply
As if Google wasn't already a target already?!
[+] [-] kyrra|8 years ago|reply
[0] https://www.youtube.com/watch?v=MmkRJqnQ2T8&19m05s
[1] https://adwords.googleblog.com/2017/05/powering-ads-and-anal...
[2] https://www.engadget.com/2017/05/23/google-track-shopping-tr...
[3] https://www.consumer.ftc.gov/articles/0222-privacy-choices-y...
[+] [-] JosephLark|8 years ago|reply
[0] https://www.amazon.com/Aisles-Have-Eyes-Retailers-Shopping/d...
[+] [-] talamown|8 years ago|reply
They started to recommend some items related with books I have never bought online, just after I got them at local bookstore by credit card.
[+] [-] awinter-py|8 years ago|reply
The next version of that experience will be researching a purchase and where to get it, then seeing ads on the way that are customized to (a) the product you're buying and (b) your preferences.
If you're 55 you'll get michael jordan advising you to buy nikes. If you're 35 it will be Noel Gallagher (air noels?), and if you're 10 it will be the ninja turtles.
The good news is at a certain point the competition for eyeballs will become so fierce that the ads become honest & informative.
[+] [-] skummetmaelk|8 years ago|reply
How exactly would that transition work? If anything, the trend has been going the other way for the past century.
[+] [-] birracerveza|8 years ago|reply
[+] [-] dredmorbius|8 years ago|reply
Report warns computers may threaten constitutional rights (1982)
https://news.ycombinator.com/item?id=14329877
[+] [-] yuhong|8 years ago|reply
[+] [-] synaesthesisx|8 years ago|reply