Earlier this month, Google announced a new collection of auto-delete settings for your personal information that allows you balance some of the conveniences of data-collection (for example, remembering recent locations in Maps so that they can be intelligently autocompleted when you type on a tiny, crappy mobile device keyboard) with the risks of long-term retention, like a future revelation that you visited an HIV clinic, or a political meeting, or were present at the same time and place as someone the police have decided to investigate by means of a sweeping “reverse warrant.”
Writing in Fast Company, Jared Newman suggests that the new features are just window-dressing,, “practically worthless for privacy.” Newman’s argument is that after three months — the minimum duration for the self-deleting feature — “Google has already extracted nearly all the potential value from users’ data, and from an advertising standpoint, data becomes practically worthless when it’s more than a few months old.”
This is true! But that doesn’t make it useless.
First, the privacy threat model isn’t that you’ll be targeted for ads. This can be obnoxious or even distressing, but despite all Big Tech’s self-serving boasts to the contrary, there’s not much evidence that ad-targeting is a form of mind-control (instead, it’s that ad-targeting allows disinformation pushers to find people whose trauma makes them vulnerable to conspiracy theories).
The privacy threat is that the data that Big Tech collects on you could be used to harm you: weaponized by identity thieves or stalkers, or by repressive states or petty martinets who fancy themselves the president’s Praetorian Guard, or by insurers or other price-gougers who use that data to gouge you, or by elite colleges’ corrupt admissions committees.
Windowing data-retention assuredly does offer partial defense against these threats. Your youthful indiscretions, fatfingered clicks on toxic links, and other long-ago missteps are some of the most useful materiel for would-be privacy violators.
Equally important in Newman’s correct assertion that data is useless to advertisers after a mere 90 days is that it implies that Google — and other Big Tech surveillers — have a much smaller commercial advantage against new market entrants than they ahve in the popular imagination.
Whenever anyone moots breaking up Big Tech or putting other strictures on them — say, allowing new market entrants to compete with them by creating interoperable products and services — the inevitable rejoinder is that Big Tech has “natural monopolies” because once they collect all this data, no one can hope to compete with them. The implication is that Google’s competitive advantage is in its decades’ worth of nonconsensually compiled electronic dossiers on billions of users. But if that advantage is really just in some data on a couple months’ worth of data, well, that’s a lot easier to imagine a competitor matching and improving upon.
Still, it’s unusual for advertisers to target users based on their activity from months earlier, Dweck says. There are exceptions—for example, he cites a TV network targeting baseball fans for playoff ads if they were active on Twitter in past seasons—but they’re rare.“I feel like them auto-scrubbing data every three months is really lip service,” Dweck says. “It’s not some massive change, because the reality is that no one was really buying that data.”
Besides, Dweck says, deleting data from Google doesn’t stop advertisers from tracking you on their own. If you search for shoes on Google, and in the process click through to a shoe brand’s website, you’re now being tracked by that brand regardless of whether Google purges its own data. That tracking would likely be associated with whatever device you use, so it’ll stick until you buy a new phone or computer.
“Once you’ve taken an action on an advertiser’s website, for us that 90-day window doesn’t matter,” Dweck says.
Google’s auto-delete tools are practically worthless for privacy [Jared Newman/Fast Company]
(via /.)