I’ve renamed this post to not be Cryptee specific, if your goal is to have this standard applied across the site.
I’m not sure what the privacy impact is of a service using servers on Google Cloud, to be honest. Even if encrypted data is stored in Google Cloud Storage for example, what is the risk we’d want to avoid for any threat model?
Services commonly utilize a number of different backend server providers, and enumerating them all seems like an impossible task, as opposed to figuring out how those backend providers are utilized, i.e. does a service like Cryptee adequately encrypt information so that the backend server has no visibility into it whatsoever? As far as I can tell, yes they do in this case.
There is obviously a privacy risk when it comes to Firebase, but Firebase managed services are only used in Cryptee’s codebase for authentication, so the privacy risk is avoided by simply not signing in with Google. Whether or not you should use an SSO provider is something we already cover, so I’m not sure there’s value in adding a—what should be pretty self-explanatory—note on Cryptee’s listing telling people to avoid the sign in with Google option:
I don’t think he was asking for removal, but rather a label. I also think a label is a good idea, as many of us that have a clue about how Google makes it’s sausage would like to avoid that surveillance machine as much as possible.
Google sells data on an open market that is available for anyone to purchase that has the money and knowledge to navigate that Nexus, including the Iranian government, although the Chinese are probably the most eager foreign buyers. I’d imagine the US IC doesn’t need to pay since they literally created the company to spy for them and Google’s ex CEO now works for DARPA.
Alphabet INC makes money selling data, the other services offered by Google are always connected to that goal. Profits from Google cloud services and hardware sales serve the same purpose as “The Sopranos” sanitation business, a distraction from how surreptitious and dystopian their real business model is.
An app or website using Google services is going to transmit data from your device to Google routinely. Google’s hardware fingerprinting and geolocation tech is proprietary and almost certainly goes beyond what’s outlined in the privacy policy regarding the means and extent that user’s being tracked and data collected. Using Google for anything is always a privacy concern without exception, they’ve been caught violating their own privacy policy so many times that it’s just a cost of doing business. Here’s a recent example.
I’m not suggesting that anyone privacy conscious should degoogle completely, but using any application relying on Google services is a balancing act of privacy and convenience. Being exposed to less harvesting from Google equals more privacy in every case, but much less convenient. That balance for the individual to weigh.
As Jonah said above detailing all the service providers a service might use is an impossible task. It also doesn’t really yield anything useful anyway, for example using GCP or AWS doesn’t necessarily mean a product is “bad for privacy”, if the data is encrypted E2EE within the app. This would apply to any app hosting on any server that you don’t own.
Google has many privacy policies for many of its products. It is misinformation to assume that every product sold by Google is harvested for advertising. There are products that they sell, particularly GCP and Workspace which are billed to the customer and are certainly not “free” in any way whatsoever. It is important to understand that these commericial products differ quite significantly from “consumer” products like YouTube, Google Search etc.
An application using GCP (such as Cryptee) doesn’t necessarily mean that the data is being “harvested”. GCP is a general service and they are quite clear about that point 2, 4.
As for the other links in your post:
The US government having some interest in Google Search in the 90s doesn’t really have any relevance to company today. Nor does it pertain to individual threat models regarding services that are already E2EE. I read the article and it seems present some nebulous opinions as fact and draw conclusions between them that still seem controversial.
The second one about AI doesn’t have relevance (and I couldn’t even read it because the site has some SSL misconfiguration).
The quarterly income statement simply proves that their profit comes from areas of business. It doesn’t infer that all of those things are governed under the same agreement or privacy policy or rules.
The last one was related to location tracking in some consumer products like Maps, where they felt it wasn’t “obvious enough” that location is tracked when you ask it where you are. The article is ambiguous and doesn’t really give any specifics, although this one does - one of the key points it makes is that laws can differ significantly within the US and in minor ways a company might simply not recognize.
It seems as if we’re falling into the common conundrum of painting an individual’s quest to achieve better privacy in absolutes.
My point was that Google is not a privacy respecting company and it seems rational to request a label for apps that are “known” to use Google services.
Google does have different privacy policies for nearly each service, but in my opinion, that’s done by design to obfuscate their activities.
When someone experiences an event or discovers something that causes them to consider a more privacy centric digital life, abandoning Google services is typically one of the first things people in the privacy community recommend.
The claim that I’m providing misinformation is inconsistent with following word “assume” in the response. I’m not claiming to know that Google is data harvesting every piece of information that it has access to, I’m using empirical data and anecdotal information to “assume” that they are.
A fundamental grasp of OPSEC and some insight into how the OSINT world works would lead any reasonable individual to question whether Google is a company that can be trusted to respect their privacy.
The article I linked was more about my opinion of the company and their reputation regarding privacy than a definitive explanation of their privacy practices.
Given the company’s history of sucking up Wi-Fi data from it’s street view cars, numerous COPPA violations and countless other illegal infringements upon the privacy of citizens. It’s safe for me to personally “assume” that avoiding Google services is reasonable method of enhancing privacy.
I apologize if the tone and content of my responses about Google appear emotionally influenced. After fighting a losing battle with the school system in my state to have my child educated without being registered in Google’s database with a Google account and mandatory Chromebook issued, I’m convinced that they are not an ethical business, but rather a monopolistic nuisance proliferating a dystopian future strong arming us into using their services instead of providing innovation and value that people willingly choose.
That’s simply not true at all, it depends on where revenue comes from. So called “free” services which monetize selling data will always infringe on privacy. Products that are being paid for with a monthly account bill don’t need to “sell your data”. It’s not surprising that products would have a different privacy policy depending on the circumstances in which you pay for the product. Google is actually one of the companies with very clear privacy policies for their products. Its just that people are too lazy to read them and want to generalize with anti-google FUD.
A label which points out that a service uses GCP for example is of no value whatsoever. Would you have labels for Amazon? (They do advertising too). Or some other company without a well known name that also offers the same services? It would be pointless. As Jonah said, it would never be accurate either, because you can’t know anything about non-externally facing services anyway. Where do you draw the line? What about if you buy a product from a company, and you want to email their support and that company uses Google Workspace for their company email? Is that also bad?
That is generally people repeat things without really digging into it and asking why or actually reading the privacy policy. As a result there are a lot of things that Google gets accused of that they simply don’t do.
Plenty of companies have violations and end up paying a price for it. Not all of these things are on malicious or on purpose and can sometimes be minor parts of the law in various states (the US can have significant changes across states) where certain assumptions are made.
I’ve always thought COPPA was a pretty poorly thought out law to begin with. Why should a child’s data be any more important than an adults? The argument is that children don’t know what they are sharing, but realistically that is the same for adults as well.
Also Google isn’t the only company have a geolocation DB. You can opt out of it by adding _nomap to your SSID, or using Hidden SSIDs. Remember it was also Google that added randomized MAC addresses to Android which improves privacy in that regard for users.
There are really only two (Google and Microsoft) vendors that can provide enterprise services at the scale that schools need, particularly when they want to manage those laptops in a fleet. I would argue that Google has a better educational product than Microsoft in that regard - Microsoft has always been more “business” orientated.
Chromebooks are particularly secure and are aimed at providing inexpensive laptops which work quite well for a large number of students. Schools want to be able to give kids computers so they can have them for educational purposes. It’s also not surprising that schools want to standardize on hardware so that they can provide support quickly, and not have it become a hindrance or problem to a child’s learning. You can bet if that was the case, parents would complain about that.
As with any security there nearly always is a login I assume that’s what you mean by “registered in a database”. I don’t think there is anything particularly alarming about that. Any kind of device that is secure will have a login of some kind.
The product they use is Google Workspace, and is actually pretty decent in regard to compliance and privacy particularly in an education setting. In case of revenue stream, school districts pay Google for that support. They are also pretty clear on how that data is used (it’s only used for providing services). They’re very clear about how “workspace” differs from “consumer services”. When you’re using Workspace email and you go visit YouTube it warns you.
So one might ask what they can do in regard to privacy here? Well rather than picking on Google specifically, encourage your child to only use their “school device” for “school related work”.
If they have an interest in computing, then perhaps a personal device may be required in addition that is not managed by the school. This is the same approach adults should when using a device managed by their employer.
So if I pay for YouTube premium Google no longer collects my data for targeting advertising?
Too lazy to read Google’s privacy policy? It’s 60,000 pages if one includes the referenced content. Have you read it?
Tosdr.org does a reasonable job of simplifying privacy policies for the average person. Let’s see what Googles policy looks like translated from legalese?
If you believe Google is an upstanding and trustworthy corporate citizen I respectfully disagree. Have you also read the DoJ complaint?
So Google lobbies state legislators to buy school contracts for altruistic reasons, not to force children into their proprietary ecosystem while they’re too young to understand the privacy implications?
Going with that logic it’s also plausible that Ronald McDonald was introduced by McDonalnds with the intention of enhancing childhood nutrition, not to hook kids while they’re young.
Why do so many people that are privacy aware use GrapheneOS and not stock Android? Why does MicroG exist? If Google is the purveyor of good privacy practices and a pro-consumer business model as you suggest in your well crafted defense of the tech giant why are these FOSS projects so popular?
YouTube is a consumer product. YouTube Premium has the same privacy policy as regular YouTube. Products like GCP, are aimed at businesses, and enterprises and certainly do have their own privacy policies.
One of the fundamental differences is that the customer owns the data Google retains no intellectual property rights over what is on GCP or Workspace. GCP has similar policies to AWS and Azure.
TOSDR is contributed by users, and has a lot of inaccurate information, which is why we don’t list it anymore. We found for some smaller products with less attention given have incorrect information there. Meanwhile entries like the one you linked to “Google”, relate to what exactly? Which Google product?
There are no ads in any of the Google Workspace core services, and Google does not collect or use K-12 student data for advertising purposes or to create advertising profiles. K-12 students do not see ads while searching on Google when signed in to their Google Workspace for Education accounts. To learn more watch this video.
None of the things mentioned in that inquiry relate to GCP or Workspace. This relates to Google Ads used in Google consumer products, Search etc. I have never said that every Google product is privacy respecting, that is the nature of any products driven by advertising.
There is no conspiracy, they have a product, and schools now have inexpensive laptops for all students. There is a part of that model that benefits from kids using the same product throughout schooling as they might use elsewhere, that I do agree. However, there isn’t really a product out there that competes with it with the same cost and support. That isn’t Google’s fault. Most schools here where I live, do give kids the option of supplying their own laptop, but if you do that the school won’t support it. It is on the parent to make sure that it is working. Parents typically expect the school to do everything though, so they have to use a standardized product.
In an environment where training to use a product is a part of education, it’s not surprising that a school would want to converge on a single product, (that a teacher also knows) and not have every student doing their own thing instead of learning.
GrapheneOS has various security enhancements which we talk about on our page. Typically people using Google products on personal devices are using “free” gmail accounts, and not ones managed by an organization.
MicroG is an open source and incomplete re-implementation of Google Services, and it still connects to a Google Account if you login. It is there to provide app compatibility and it doesn’t implement any of the stuff required to manage devices in an enterprise or a school environment, so it’s not even worth suggesting as an alternative. We do think that Sandboxed Play Services are a better approach as it causes Google Services to run as a user app.
They are not popular, in the grand scale of things and are used by a very small minority. As for something usable of a large scale such as a whole school district, they lack enterprise management features to even make that a viable option. The number one, thing being a support contract providing a SLA. Schools and enterprises want to know if there’s a problem they can call someone and tell them about it. In the case of Workspace:
Now that it bundles AdMob, Google Ads, Crashlytics, etc., and is developed by a team composed of more marketers than engineers, Firebase is the equivalent of Google Analytics but for mobile apps rather than websites.
The terms of service of SaaS APIs are quite different from PaaS, which are also different from generic Cloud Compute APIs and very much different from ToS of VPS, or, at the other extreme, rented hardware. They can all be spied upon, the difference being that in SaaS it comes baked in as default with justifications drowned in volatile fine-print legalese and if/when the provider gets caught spying they’ll blame the developer for not calling the API the right way (see the update at the end of this page with Google’s reaction), or not reading/understanding the ToS, or even “bugs” in their API. When you rent hardware you more or less know what you’re getting and if you catch the provider actively “stealing” data (as opposed to giving it to them when using a SaaS API) they can get into very deep… waters.
For those of us with decision-making power over how to include apps on the recommendation website, I would humbly suggest following something similar to what the F-Droid maintainers do: include a “This app has features you may not like” section detailing apparent ANTI-FEATURES.
This is an entirely unrelated discussion though. We already don’t recommend using Google’s services directly.
When a company chooses to build their product on top of Google’s platforms, they are the ones entering into an agreement with Google, and they can act as a buffer between you and Google, so that your personal privacy is not harmed. I don’t even know if Cryptee stores your data on GCP in the first place, but even if they did they are still acting as a privacy-protecting buffer by encrypting your data in such a way that whatever underlying cloud provider they use can’t access it.
This case—where a software company is built on Google services, but you only have to interface with that company’s software and not Google themselves—is what is being discussed in this topic, and like I previously said, the risk to your privacy in this case has not been demonstrated.
Talking about using other Google services yourself, like YouTube Premium, Chromebooks and Google Workspace for Education, etc. is not relevant to this topic.
But it doesn’t necessarily mean all those things are being used, as in the case of Bitwarden. We mention this in the Note admonition on this page. Likewise it’s entirely possible to do tracking server side and have “no trackers” in the application ie. Facebook.
Even websites like Exodus that simply look at the imports can’t relied upon.
I don’t mind my neighbor watching me take out the trash. Sometimes I put on a show myself. I would care if they started following me around, taking notes every time I do it, recording me and sharing that with their friends I don’t even know.
When I visit a website, I do not mind them taking some notes on what I do, to help me have a better experience interacting with it. I don’t expect them to make my device download many times more junk I did not request, that also runs on my device, behind my back and without my consent, to report things I do to unknown creeps who follow me on every other website I go to. I don’t like that much.
I don’t mind that my app has a button that I press and logs me in just like that. I love it, so simple! But if I realize that button is in all my other applications, and when I press it, it does much more than recognize me, unless I have to press millions of other obscure and ever-changing switches in the right order so that the creeps behind it pinky-swear they won’t follow me around… Well, that’s when I choose to look for alternatives.
Life’s short, time’s money, and having to try to tame the recidivist beast to restrain itself to just-the-tip isn’t worth it, in my humble opinion as a chronic lazy person. Maybe there are some in this community who share the sentiment and would benefit from my previous suggestion. Maybe not. In the end, we all have to do our own research anyway, I guess.
A black-and-white label that looks at app dependencies without context isn’t required, because if an app is actually dependent on privacy-invasive services, it just shouldn’t be listed in the first place.
I’m locking this topic, because it’s all over the place. The specific question the OP asked has been answered. There’s no need to voice random Google gripes here and keep this thread alive, unless somebody has a specific answer to this specific question (in which case, DM me):
