> There are no ads in these Core Services, and student data in these services is not used for advertising purposes.
This isn't in the original EFF complaint, EFF specifically says (at least in the press release [1]) that Google doesn't advertise:
EFF:
>This allows Google to track, store on its servers, and data mine for non-advertising purposes
Google then says:
>In addition, our systems compile data aggregated from millions of users of Chrome Sync and, after completely removing information about individual users, we use this data to holistically improve the services we provide. For example if data shows that millions of people are visiting a webpage that is broken, that site would be moved lower in the search results. This is not connected to any specific person nor is it used to analyze student behaviors.
Which is exactly what the EFF's complaint is about!
EFF:
>Google’s practices fly in the face of commitments made when it signed the Student Privacy Pledge, a legally enforceable document whereby companies promise to refrain from collecting, using, or sharing students’ personal information except when needed for legitimate educational purposes or if parents provide permission.
I agree with you. I get the impression that data aggregation & analysis is so deeply ingrained in Google company culture that it's entirely possible the responsible people truly believe nothing went wrong here.
From PBS Frontline's "United States Of Secrets" (part 2):
LIZ FIGUEROA, (D) State Senator, CA, 1998-06: We walk into this room, and it’s myself
and two of my staff— my chief of staff and one of my attorneys. And across from us
was Larry, Sergey, and their attorney.
All of a sudden, Sergey started talking to me. He said, “Senator, how would you feel
if a robot went into your home and read your diary and read your financial records,
read your love letters, read everything, but before leaving the house, it imploded?”
And he said, “That’s not violating privacy.”
I immediately said, “Of course it is. Yes, it is.” And he said, “No, it isn’t.
Nothing’s kept. Nobody knows about it.” I said, “That robot has read everything.
Does that robot know if I’m sad or if I’m feeling fear, or what’s happening?”
And he looked at me and he said, “Oh, no. That robot knows a lot more than that.”
Of course, what that ridiculous robot analogy leaves out is that to be useful, something has to be reported back to Google; if the "implosion" prevented all of the data from returning to Google, there would be no point in sending the robot.
> Nobody knows about it.
This idea that no person knows about it is suspiciously similar to the word games the NSA plays with their claims of only needing a warrant once a human searches for something they already captured and stored.
Senator, if I was spending billions on robots to go to people's homes and read their diaries and then explode before leaving, would you think there was some ulterior motive on me building those robots?
Or even more reasonably, if I were spending billions on such robots and they became a pervasive part of society, such that every family had such a robot regularly visiting their house and their daily routine was dependent on such robots...
Coupled with the fact that the function of said robots could be changed with a code push...
Doesn't that create an incredible opportunity for monetization and therefore risk for future abuse?
Just because we could provide a perfect search result to any query if we knew everything about a person (including their current thoughts) doesn't make enacting that a reasonable or good idea.
From everything I understand about Google culture from current and former Googlers I talk to, Google employees categorically believe data aggregation has no bearing on privacy concerns at all, and that there's fundamentally nothing even bordering on questionable in anything they do with it.
At the very least, Googlers :believe: they're 'doing the right thing', so they :believe: their marketing and their mottos, at least.
>a legally enforceable document whereby companies promise to refrain from collecting, using, or sharing students’ personal information
>This is not connected to any specific person
How can data not connected to any specific person be considered personal information? I mean what's bad here, the fact they collect it and then scrap the personal information? Or the fear they probably don't?
So you think that if law enforcement (from any country) knocks on Google's door, they will say "sorry, we can't provide that individual's data, because we collected it in aggregate"?
Of course not. Google still has that individual's data and can personally identify him. It's just their policy not to use that data when using machine learning and whatnot to get a result out of it.
Also, such "anonymized data" is never really anonymous, until Google starts using something like homomorphic encryption or client-side encrypted databases:
De Montjoye and colleagues examined three months of credit card transactions for 1.1 million people, all of which had been scrubbed of any PII. Still, 90% of the time he managed to identify individuals in the dataset using the date and location of just four of their transactions. By adding knowledge of the price of the transactions, he increased “reidentification” (the academic term for spotting an individual in anonymized data) to 94%. Additionally, women were easier to reidentify than men, and reidentification ability increased with income of the consumer.
The problem is that Google gets that data in the first place and stores it - indefinitely. If someone hacks Google it could also get that data. And what's worse, instead of making it a company priority to "fix" this, it doesn't seem to care very much, even when the solutions could be within reach with a little more R&D:
Lloyd made his pitch, proposing a quantum version of Google’s search engine whereby users could make queries and receive results without Google knowing which questions were asked. The men were intrigued. But after conferring with their business manager the next day, Brin and Page informed Lloyd that his scheme went against their business plan. “They want to know everything about everybody who uses their products and services,” he joked.
That's pretty accurate. Google seems to have a huge fascination with collecting data, refuses to let us opt out of most of that data collection (without opting out of those services entirely), and then just expects us to 'trust them' that they aren't using it inappropriately.
Summary of the summary: Google tracks students the same as they track you, regular users. To the full extent the law allows and then some on the gray line.
When Google starts to state that the Future of Privacy Forum (FPF) agrees with their policies, you know that something's amiss. Looking at fpf.org, they present themselves as a Thinktank, but it's probably more honest to describe them as industry lobbyists.
(i) Pages like https://fpf.org/issues/ad-tracking/ don't present a critical and balanced view on ad tracking but put forward the view of ad companies.
(ii) A random quote from the page on big data: "In Big Data: Catalyst for a Privacy Change, Joseph Jerome discusses the rise of big data and the role of privacy in both the Fourth Amendment and consumer contexts, and argues that the future of privacy will have to be built upon a foundation of trust." The future of privacy needs to be built on a foundation of trust? Well, you can state that, but it indicates that you're not an independent thinktank but try to advance policies that are beneficial to your supporters.
Their "About Us" and "Mission" pages are identical, and are full of glowing talk about convening a discussion that "seeks to advance responsible data practices", and doesn't say anything about privacy. This smells strongly of a corporate/lobbyist PR front.
Besides not addressing the points that EFF raised, one of my serious problems with Google Apps (as a user) is data leakage across services and accounts.
Some examples:
- Google Hangouts is one of the covered apps. But to be actually useful (e.g. if you want to share images), you had to turn on Google+. Images end up in Google+ photo albums, which are not covered by the Google Apps agreement and the data can be mined for advertising purposes.
- Google Drive is also covered, which means that data on Drive is not mined for ads. However, in a realistic work environment, you have to share files outside your organisation. If you share a file and someone ends up opening it on a non-Apps Google account, your document has been leaked to an ad-mined Drive account.
- When Google Photos was introduced, suddenly all my Drive photos were there as well. Google Photos is not covered, which means that the photos can be mined for ads. Luckily, this problem seems to have been resolved.
- Google Mail is covered by the terms of apps. But if I go to Google Plus, people I communicated with via e-mail are suggested as circle additions. Since Google Plus is not covered by the Apps terms, why does data from e-mail end up there?
My impression is that (perhaps driven by the consumer apps) data isolation is a real problem within Google and there is a certain amount of data shared between apps that are covered by the Google Apps terms and those that aren't. This seriously undermines my trust in Google Apps and its suitability for business/education.
Of course, I could switch off every Google service in Apps outside what is covered. But then you need two Google accounts, which is really inconvenient.
I am one of the suckers that try to live with two Google accounts.
It is maddening.
For example, if you do not agree to G+ on your main account and by mistake you select that account on the dropdown from Hangouts or the Play Store* then you get the EULA agreement and there is no way to go back to the app and select another account if you don't agree. Because as soon as you decline you exit the app, and opening the app again will show the agreement for the last selected account, even if you have another account already green lighted. The workaround? Remove one account, clear data on that app, and redo everything.
* There is no way to NOT show the main (undesired) account on the dropdown, and you have to use the dropdown a lot on Hangouts as SMS is another account! So every time I move from SMS to wifi calls, I have 1 in 2 chances of screwing everything, even more so as my profile pic on my main account is not shown because I never agreed to some policy that would allow it.
I find that using Chrome with the multiple accounts feature helps a great deal. You can theme the different Chrome accounts differently to provide a visual hint when you're in the wrong window. And if you consistently log into only one web account from each Chrome account, you never get the multiple-login selector.
And why exactly are you surprised that services designed to be integrated
deeply with one another are integrated with one another? Integration pretty
much guarantees that data will leak between them.
This is one of the main reasons why I don't use Google services, except for
their search engine.
It's been my home page for years. Originally I would still often go directly to google for better results, but each year the amount of times I'd do that decreased. Now I'm actually really happy with DDG results, and when I do perform the same search on Google, it ends up being less accurate. I think this is because Google has such a huge belief that personalization yields accuracy, but it doesn't. Past trends don't always predict future patterns. Google gimped their search engine in my totally honest opinion. It's completely useless until I filter for "Verbatim Search", because they keep guessing at synonyms for my search terms and randomly leaving out terms their algorithm thinks aren't important to me. Google.com is such a downright horrible experience for me, a once wonderful gateway that is now just a necessary evil at best.
I just started trying DDG after using Bing for a while. DuckDuckGo is pretty solid, and I find the fact that anyone can submit new 'instant answers' type features to the search engine to be intriguing and novel. Google and Bing only get smarter if Googlers and Microsoft employees write it, but anyone can make DuckDuckGo better. (Though it's not fully open source.)
I do use it on handhelds (my browser of choice happened to change its default
search engine to Bing, which I dislike and distrust, and used to crash on
Google). It feels a little too off in its search results for my usual desktop
work.
- Google is violating the student privacy pledge by logging non-educational material a student user sees, by having sync turned on by default, and by allowing administrators to turn on sync if it is off
- Student Privacy Pledge is enforceable by the FTC due to previous precedent
- EFF wants FTC to open an investigation into Google's practices, and, if found in violation, to stop the offending practices and delete already-collected personal data.
I am an American high school senior and can say confidently that most American students are screwed over pretty extensively when it comes to the software they are forced to use.
I have several classes that require the use of proprietary software such as Google Classroom, Microsoft Silverlight, and Adobe Flash. On top of that I cannot even remember the last time I was given a document that wasn't a .docx.
It would be one thing if these tools were optional, but they are strictly required and students' grades do suffer if they choose to opt out of using them. In previous years I simply followed along in my Windows VM, but after getting accepted to the university of my choice I've had enough. I have alerted all of my teachers I will not be using Google Classroom, or complete any assignment that requires the use of Flash, Silverlight, or any other proprietary software. Has my grade suffered? Sure, but now that I am securely in the school of my choice I could not care less.
My two sons are in middle school. The school has been transitioning to Google (from self-hosted Windows/Office). They presented a computer/network use and privacy policy for parents to sign. After reading it I sat my kids down and told them to under no circumstances do anything with the school's computers or WiFi network other than activity strictly related to their school assignments. No personal email, no casual web browsing, nothing. They know to use their smart phones for anything non-school related, and to never connect those devices to the school's network.
Well, I did have to endure some major eye-rolling from their mother while I held up the line at student enrollment for 20 minutes while I parsed the agreement ;)
This is more evidence that there should be a minimum-reading-time requirement for contracts to be considered valid.
We now have the capability to algorithmically generate an estimate of how long it should take an average person to read any given text. Take something like 3/4 of that time (this value is tunable), and if a person wasn't given at least that much time to read a contract, then there patently cannot be a "meeting of the minds"[1] and the contract was never established.
This removes much of the social pressure against holding up the line, and discourages extra-long contracts. Every contract should be read and understood completely.
I tend to read everything so I usually make light of the delay involved by saying something like "I'm sending this to my attorney for review now" (at which point I put on my glasses, head down and page through the doc for a while...).
While I don't agree with it, I can at least sympathize with the point of view that you should be entitled to abstain from providing data about yourself or your behavior to a third party like Google.
However, your objection to the use of proprietary software seems completely misguided to me and reeks of overzealous naivety. The software you describe are tools for educating and conveying information. Why don't you object to your being forced to use other proprietary, non-software tools? Your teachers "force" you to use the textbook they select for the course because if every student used a different textbook, the teachers' jobs would become impossible. Why do you accept the "forced" textbook but not the forced software tool?
Your teachers force you to use a particular software tool because education would be hopelessly inefficient if every student were using different tools.
I do not necessarily have an issue with using proprietary software; I have an issue with being forced to use proprietary software. I do not think a valid comparison can be drawn to being forced into using a specific textbook. There is nothing "active" about a textbook unlike software. There is nothing hidden away from me that I am unable to see in the textbooks. Any biases or malicious activity will be visible and avoidable. In proprietary software this is not the case.
I disagree that "There is nothing hidden away from me that I am unable to see in the textbooks". Biases are often difficult to detect by non-experts.
Textbooks commonly reflect the biases of their authors. These biases range from benign (Sedgewick doesn't like parent pointers, so he rants against them in his book) to malevolent (See any social studies text in Texas).
Without sufficient knowledge of the subject, a reader may be unaware of the author's biases and will shape his view of the subject based on biased information. Most high school students (and people in general) do not have sufficient knowledge of history to carefully analyze the biases of their author, nor do they have enough time to read enough books to access a balanced view.
We accept the negative effects of this bias when the effects are minor, as is the case with most high school textbooks. The benefits of forcing everybody to use the same textbook generally outweigh harm caused by bias.
You honestly can not see the difference between a text book and being required to use software tools that are continually collecting data about you outside of your control...
Society is living with compromises. If you want everyone to switch to open source software, make it better than the alternatives; they won't switch for any other reason.
My university was interesting; you could get a computer degree with the Engineering department or with the Math/CS department, and their IT policies were polar opposites. Engineering was 99% Windows/MATLAB/Visual Studio/you name it. CS was 99% Linux/GCC/CUPS/etc.
If you were on the wrong platform you had a hell of a time submitting assignments. (CS students on Windows found their C programs would run fine on their laptops but would crash in the CS environment because of compiler and C std lib differences. Engineering students on Linux found that they couldn't open the .docx files to submit lab reports without destroying the mandatory formatting in the tables.)
They[0] should be saving the documents in a free format, despite the closed source software. Office supports .odf files or some other free format, does it not?
[0] By "they" I mean the persons who created the documents, not the ones who try to edit them using GNU/Linux...
It already is better... Proprietary tools sustain because of better marketing, and legacy costs (retaining staff to do things in a different way).
Often when people talk about open source "not being as good" what they really mean is "not being the exact same": if a button is in a different spot or something is named differently, that is perceived as being "worse" because for the most part people hate change.
Well, Google Classroom and GAFE is new, so no legacy costs. So what's the equivalent open source solution that's as good and easy to set up?
GAFE requires a dns change, and optionally syncing your directory with them, and has a modern interface for the admin user. So to be easier I'd probably want a debian package, or a virtual machine image.
If someone would package a virtual machine image that interfaced with common directories, provided web office tools, and a version of Classroom (which doesn't have many features), for free, it would probably have some traction, not needing to rely on the internet connection at school to be stable.
> GAFE requires a dns change, and optionally syncing your directory with them, and has a modern interface for the admin user. So to be easier I'd probably want a debian package, or a virtual machine image.
I think it wouldn't be hard to provide a virtual machine image that provides similar functionality to Google Apps (at least e-mail, storage, calendaring, and address books). Educational institutes switch to GAFE because it cuts away a lot of sysadmin salaries. You do not have to worry about getting your SMTP server whitelisted when a student/employee falls for phishing, ensure redundancy, scale up the architecture as users have more data, replace malfunctioning servers, etc.
Of course, Google's competition to an open source solution is not really fair. First of all, Google can benefit from the economy of scale. Secondly, Google is large enough to assume the cost in trade for future income (get them hooked or locked in). Thirdly, Google can use the data indefinitely to some extent for their own use (e.g. training models).
An open source solution can only win over GAFE (or perhaps Office 365) when a principled choice is made to protect the privacy of students and employees.
That's a good point, but an issue I will have to face when that time comes. Being accepted into school isn't a solution to my problem with the public education system, but a temporary out.
Good for you! I did similar stuff in school -- although I think my situation was easier, because even in the late 2000s, tablets/laptops weren't ubiquitous, and the school had to accept paper-based submissions for things.
You think that's bad...I work in a university and a different segment of my department is responsible for implementing and managing ExamSoft SofTest on student computers.
For those that aren't aware, it's essentially a solution to the issue of BYOD. Students want to use their own laptops to take exams (and I'm sure it's also a lot more economical for the school since each student will already own a computer whereas building large computer labs and maintaining many machines just for computerized testing would be prohibitively expensive in our current facility).
The way it works is you essentially grant the software low level root/admin access to your machine so it can sandbox exam software and prevent you from running anything else during tests. This alone would drive me batshit insane if I was a student forced to use this setup but the worst part is that the actual software always seems out of date and doesn't support current OS versions.
We had so many problems this term when students arrived in the fall with new laptops running Windows 10 and OSX 10.11. Apparently, ExamSoft hadn't had enough time to make sure their software worked properly with these new releases so students were told a) if you haven't upgraded to the most recent OS version yet, don't do so. b) if you have recently upgraded to the most recent OS version, you should downgrade. c) if you just bought your computer with the latest OS version installed, um...we'll try to work something out.
I am so glad I am not in the group that handles this stuff because it seemed like a total shit show. The nature of the software prevents it from running in a VM so you can't just run an instance of Windows 8 or OSX 10.10. A lot of the exams aren't simple computerized versions of the old scantrons or paper tests and require the use of software run from inside SofTest. And the worst part is that people generally want to keep their OS fully updated and patched for security and support purposes (not to mention the money people spend on new computers only to find that the required software only runs on old OS versions).
From my end, dealing more with online course delivery, I've thankfully been able to move us away from Flash or Silverlight players for watching recorded content but there's still infrastructure that we need to work around since we can't simply replace it all if the frameworks in place still require some plugin or another for the time being. Not so much a privacy issue as one of keeping up with advances and standards when enterprise/education software can be slow to adapt.
This is exactly why public organizations should never be reliant on proprietary platforms. If those tools ran in Linux, the solution would be simple: burn some live CDs. Now anyone with a machine that has software more up to date than this SofTest can handle just needs to reboot to a school-provided live CD. I don't think I'd have much of a problem doing that if I could prevent that bit of proprietary crap from mucking up my laptop. Sadly I don't think that option is readily available (or cost effective) for Windows or Mac.
Here is a strawman, because I want to challenge the other parallel universe.
Let's say this whole pledge thing didn't exist and the only thing that GAFE promises is no ads. Now let's suppose Google is collecting and anonymizing usage data, like most software does; is that a big deal? Since 99% of the people won't read the ToS and most people assume some level of usage data will be collected, what would be people's stand on that?
I think Google's stand on the current issue is that they disagree that their intent violates the pledge. They would argue data collection is anonymized, and, like most software out there (Chrome, Firefox, etc.), this is telemetry (and all sorts) being collected. For Google the collection is for regular development purposes. Perhaps they will argue that they did not do a good job at making a "disable me" option, and that they didn't make that clear to their customers. I suppose EFF just doesn't trust Google handling the data in the first place, since Google can lie about not logging the individual user name in some server's log file.
They don't collect anonymized data. They collect data, then anonymize it for aggregation by their machine learning systems. They still have data with user information in it.
I'd be surprised if it was just "for regular development purposes."
I'd wager that collected usage information drives marketing and sales efforts, to enterprise customers at least but perhaps consumers as well. And while it's not directly used to target ads at the students on that platform, I'd be similarly surprised if it wasn't used to train their commercial-side profiles to make targeting "anonymous" 12-18 year-olds more effective.
Maybe. Google doesn't specify how they are fitting their data in their training program. But to be clear, I didn't say they were just for development purpose. I was imagining that'd be their interpretation. They would see that as telemetry or diagnostic information.
But if they will provide an opt-out option, that will help resolve the issue. EFF isn't wrong, they are catching an implicit fine print, and Google is interpreting that very differently (not being Google).
The university I go to makes a point of telling us almost every day that we have no rights because we signed them away when we accepted the application.
Man, how far Google has fallen. Reading that corporate press release made me feel embarrassed and uncomfortable for all the people who had (unwisely) trusted Google over the years.
Maybe they are not (currently) using the data in the very legalese-specific way that they have claimed. But, there's no doubt that they will build unrelated products using that data to make their owners gazillions. That's fine, you say - we're all here to make money, right? But, imagine that you're tracked, monitored, and experimented on 24/7 throughout your childhood. When you're 20, will you be surprised when Google's AI will understand every intention, desire of you and be able to recognize every nuance of your actions and behavior? To me, that's scary.
I want to be fair to Google but their response was not satisfying to me. There should be no leakage of students' data that will persist and have an effect on students' digital (and physical) lives later in life. I side with the EFF on this issue.
In the comments, a parent advises their kids to only use their Chromebooks for class activities and never for personal email and web browsing. Great advice, and should work fine for children with privacy respecting smartphones.
Protip: install a full Linux distro on your Chromebook, and then use non-Google end-to-end encrypted services such as Firefox Sync or ownCloud for dealing with private data.
While this is great for personal purposes, the article is discussing Schools/Google Apps for Education (GAFE). Chromebooks are nifty for the low price they offer and the relatively low maintenance needed on them, but this solution for privacy on them simply doesn't scale once you get above a few machines due to the fact that you can't just stick a live disk in and install, you have to go through a few hoops on the Chromebooks/Chrome Machines I'm familiar with.
GAFE is really convenient in a lot of ways; the EFF is absolutely right to complain though that there are a lot of privacy issues baked into the whole thing by virtue of it being Google Services.
Outside of data collection, the issue is that GAFE admins are still at the mercy of Google changes. We may get advanced notices from Google about changes and certainly some are optional, but things like G+ integration, Photos, and so on are completely outside of our control.
My last workplace used GAFE for the University, and we had a lot of very basic privacy things that popped up as a result of GAFE and new gmail features pushed out. Our few privacy minded users (mostly older professors) would get really upset over how much data got sync'd between LDAP and G+ without our admin realizing it, students who had legitimate privacy concerns (harassment cases) were frustrated with the same issue, and so on.
I'd like to believe Google could just ease up the data collection from schools and businesses - it can't be that great compared to the public at large, and it would make GAFE absolutely perfect for schools. (Seriously, privacy aside, GAFE is otherwise perfect for a University set up. Unlimited space, great for student collaboration, and honestly many universities could do away with Office subscriptions at this point since the Google Office Suite is close enough for all intents and purposes.)
so imho Google just confirms what the EFF said
[1] https://www.eff.org/press/releases/google-deceptively-tracks...