Google’s privacy campaign, and three ways in which Google gets your data

Google is campaigning to reassure us that its Chrome browser is, well, no worse at recording your every move on the web than any other browser.

Using Chrome doesn’t mean sharing more information with Google than using any other browser

says a spokesman in this video, part of a series on Google Chrome & Privacy.

image

What then follows is links to four other videos describing the various ways in which Google Chrome records your web activity.

If you subtract the spin, the conclusion is that Google retrieves a large amount of data from you, especially if you stick with the default settings. Further, it is not possible as far as I know to use the browser without sending any data to your default search provider, most likely Google. The reason is the Omnibox, the combined address and search box. Here’s what Google’s Brian Rakowski says in the video on Google Chrome & Privacy – Browsers search and suggestions

For combined search and web address to work, input in the Omnibox will need to be sent to your search provider to return suggestions. If you have chosen Google as your search provider, only around 2% of the search input is logged and used to improve Google’s suggestion service. Rest assured that this data is anonymised as soon as possible within 24 hours, and you always have the option of disabling the suggest feature at any time.

However, even if you disable suggestions, what you type in the box still gets sent to your search provider if it is not a valid web address, in other words anything that is not a complete URL (though Chrome will infer the http:// prefix).

It is also worth noting that Google does not only get your data via browser features. Most web pages today are not served from a single source. They include scripts that serve data from other locations, which means that your browser requests it, which means that these other locations know your IP number, browser version and so on. Two of the most common sources for such scripts are Google AdSense (for advertising) and Google Analytics (for analysing web traffic).

Even if you contrive not to tell Google in advance where you are going, it will probably find out when you get there.

It is important to distinguish what Google can do from what it does do. Note the language in Rakowski’s explanation above. When he says input is sent to your search provider, he is describing the technology. When he says that data is anonymized as soon as possible, he is asking us to trust Google.

Note also that if you ask to send in auditors to verify that Google is successfully anonymising your data, it is likely that your request will be refused.

There are ways round all these things, but most of us have to accept that Google is getting more than enough data from us to create a detailed profile. Therefore the secondary question, of how trustworthy the company is, matters more than the first one, about how it gets the data.

Page 1 of 2 | Next page

Related posts:

  1. Privacy and online data sharing is a journey into the unknown: report from QCon London
  2. Privacy, Google Now, Scroogled, and the connected world
  3. Google Health, Phorm, where next for your private data?
  4. Adobe’s campaign against Apple misses the target
  5. Want Google Earth in your browser? Don’t use Google Chrome.