Google is the opposite of privacy. They maliciously collect data from you in the following ways:
The Sources for this article can be found here.
You will get a lot out of subscribing for free to our new content by email, by Session messenger, RSS feed, or Nostr.
1) Saving all your Google searches, tied to your identity across devices [1] [2] [30]
2) Reading all your emails. Even if you don’t use Gmail directly, but you’re sending email to someone who does. [5] [6]
3) Saving all your web traffic if the website uses Google Ads, Captchas, or Analytics (and over 85% of all websites use some of their services). Even if you aren’t signed in to a Google account, and you’re using a VPN, they can still use past cookies and browser fingerprinting to identify you. [35] [1] [25] [26]
Google’s reCaptcha fingerprinting includes mouse movements, response time, timezone, screen dimensions, IP address, and any cookies. ReCAPTCHA uses the google.com domain instead of one specific to ReCAPTCHA, which allows Google to receive any cookies you have directly, instead of the website you’re visiting. [35] This concentrates the vast majority of all traffic data in the hands of a single company, which can then be used to de-anonymize users.
4) Everything you do in Google’s Chrome Browser is recorded, including even how long you are idle on a page. [7] [8]
5) Tracking and Saving your physical location, via Android’s GPS and Wifi triangulation. [12] [13]
Even if you turn location features off or set the phone to airplane mode, it still saves your location via Wifi triangulation, which is the process of pinging nearby Wifi hotspots to identify where you are. [9] [10] [11] Wifi triangulation can figure out your real location, even if you have a fake IP address from a VPN. [14]
As intelligence expert and ex-law enforcement Michael Bazzell says, Google is one of the first places law enforcement goes to for information because Androids track everyone’s location so accurately. Bazzell points out that even if you’re not directly involved in something, just owning an Android that was near it, can get you involved in answering police questions. Bazzell’s experience serving in law enforcement and intelligence motivated him to completely cut Google out of his life even though he’s doing “nothing wrong”. [11]
6) Keeping track of who you know to identify new phones or email accounts as you.
Privacy expert and phone operating system designer Rob Braxman points out that, by synching everyone’s phones’ contact lists and who they are physically standing near, Google (and therefore governments) can identify unknown devices or email accounts as you. [30] [31] [32a] Braxman further points to publicly available websites made by Google’s Jigsaw division and their partner Moonshot CVE, which openly sells services to governments to track and manipulate search results for targeted users. These users targeted by Jigsaw & Moonshot CVE’s government clients have their search history, location, and identifying fingerprint stored in a database. [32b]
7) Recording and saving audio of your private conversations [16] [17] [18]
Google’s Android has the microphone constantly recording and saving your intimate personal conversations against your wishes for their profit and power. As an extensive academic study of tech patents by Consumer Watch Dog points out, Google will claim this is only to find out if you said the words “Google Assistant,” but yet they have publicly filed patents to scan audio conversations and any available visuals on a variety of home smart devices to identify who is speaking, what you’re interested in, and what you’re doing for the purpose of targeted advertising. [15]
Tracking what you say, what you like, when you sleep, and even when you go the bathroom, goes well beyond Google Assistant helping you do a quick search and would instead be considered an all-inclusive surveillance. [15]
In addition, they’ll allow 3rd party apps to record you without your knowledge because of poor permissions control. As University of California Santa Barbara cybersecurity researchers presented at a BlackHat European conference, 3rd party apps like Silverpush can play high frequency audio, which is invisible to the human ear, on another device like a television ad or mall kiosk. Then your phone’s mic picks up the frequency, to rat out your real identity or location. [34]
Silverpush’s advertising system is embedded into many “free” apps on the Google Play Store. These doctoral researchers warned of the dangers this presents by being connected to wide-spread platforms like Google Ads. To demonstrate this, they played video of their lab experiment, which de-anonymatized a laptop through Tor Browser, because of an Android’s mic next to the laptop’s speakers, which was signed in to a Google account. [34]
Is the Data Sold?
Google has marketing propaganda which claims that they are merely selling advertising space on your devices and not selling the data itself. However, this claim is misleading in a number of ways.
First, not only is advertising sold by demographics or interests, but in addition, Google also allows its advertising customers to target users by name, email, or device ID and reach them almost anywhere. [1] So advertisers can target you specifically and then serve you anything on your specific device by name.
Second, while it’s true that Google technically doesn’t sell your actual name to the advertiser, when your device interacts with an ad, the third party advertiser can easily use your IP address, cross-site cookies, and/or browser fingerprinting to identify you. For example, suppose an advertiser runs an ad for an ebook on how to get out of debt. The advertiser could collect the IP addresses of anyone who clicks it, and so they’d know whose indebted.
“I think the big problem is that we give much more data to Google than it needs,” said Guillaume Chaslot, former Google engineer who worked on YouTube’s recommendations algorithm. [4a] Chaslot’s first-hand experience with Google’s spyware and manipulation inspired him to create the non-group AlgoTransparency.org, which openly says in it’s manifesto, “algorithms don’t have your best interests at mind”. [4b]
Play Store and Chrome Extensions Leak Data
Third, the Google Play Store and their Chrome Browser Extension Store leak application and user data directly to the app’s developers. This is sensitive private information, and these third party app developers are NOT carefully vetted, as almost anyone can put an app in the Google Play or Chrome Extension Store with minimal screening. Examples: [21] [23] [24]
“Mental Outlaw” is a cybersecurity Youtube video influencer who is constantly having his videos about torrents flagged by Google as “dangerous content”. He points out how ridiculous this is because Google does so little to stop real dangerous content. One of the numerous examples he’s given is the Chrome webstore featuring extensions that are malicious hacking malware, which does URL injections to force online shoppers, without their knowledge, to use the malware creator’s affiliate links when they shop online. [22b] These 5 popular extensions got over 1.3 million downloads, which got the attention of McAfee Labs, the research department of the respected anti-virus company.
From McAfee Labs’ articulate research, this is huge security risk because not only is your personal data, like name and location, sent to malicious actors, but the attacker can forward the URL to any site they want. So you might think you’re going BestBuy.com, but it’s really the attacker’s bullshit site to get your credit card info. [22b]
Youtuber Mental Outlaw points out how ludicrous it is that not only did Google allow 1.3 million people to download these extensions, but they have featured status on the Google Chrome store. [22a] And not only does Mental Outlaw find similar malware in the Android Play Store, but Google has changed how apps disclose permissions to remove themselves of liability. Starting in mid-2022, Google has the app developers themselves disclose what permissions the app uses, so Google does not have to do any research. This is a conflict of interest, since app developers are self-reporting what information they get access to, and the end user may not properly be able to evaluate it. [19] [20a]
Sell it via Cookies
Google’s defense to these types of criticisms has always been that they don’t “sell your data” directly. But as laid out in research from the tech-savvy lawyers at the Electronic Frontier Foundation, Google allows advertisers to connect their cookies with Google’s in order to process data on the customer. This process is called “cookie matching” and essentially allows Google to sell the advertiser your information through a cookie. [1]
In the European Union, if Google were caught selling this data directly, it would be illegal. [27] [28] [29] So instead Google finds sneaky work-arounds such as the cookie matching, which allows them to appease the regulators and make statements like “we don’t sell data, we just use the data.” [1]
Conclusion
The more influence that Google has in our society, the more difficult it becomes to avoid their fingerprinting. If every website has a Google Captcha and everyone you talk to demands you talk to them on Gmail, then Google has become the gatekeeper for overseeing all human behavior. They can use this power to influence who sees your messages and what information you are able to find.
By using Gmail or Google Docs, you’re forcing and enabling Google to fingerprint your loved ones or friends. Even if you think you’re doing nothing illegal, you assume that Google will give you and those you care about an equal opportunity for your business to thrive. They can reduce Google’s search traffic to your website, or bounce your emails to potential employers or customers. They can buckle your business at the knees if they think it fits its agenda and by giving them so much information you’ve completely surrendered your freedom.
Well what is their agenda?
In our next article, we’ll discuss Google’s censorship ability to shape society and how affects you. You will get a lot out of subscribing for free to our new content by email, by Session messenger, RSS feed, or Nostr.
The Sources for this article can be found here.