A very good feature of gmail’s extensive “email intelligence” that grew out of Inbox. How did you think the Purchases label worked? How did you think Google Now alerts you on your mobile when your packages are delivered?
If this surprises you you’re going to be flabbergasted by how the Trips label works.
Oh yeah also Gmail and Now work together to bring you those reminders to pay your bills.
Also when you browse Google maps you can see reservation dates on hotels and other venues. I thought the fact that Google scrapes emails to power other services was obvious by now.
Because... Google's business model. Your ability to see your purchase history on a Google page is neat, but it seems a safe bet that the real reason they want your purchase history is because their profile about you as a set of eyeballs becomes more valuable allowing them to charge higher rates on ads. Notice that they only claimed to have stopped scraping gmail for ad targeting purposes, not that they stopped scraping period.
Sure, but why does it have to be my data? Can't they do it on data they already have, or maybe as their employees to run it (who presumably have much more control over how the data is actually used)?
It's very unlikely that Google employees are going to be representative of Google's users as a whole (just look at the startups building niche products for Bay Area techies). Ditto if you only looked at data of users that opted in (maybe they're highly unrepresentative).
That means the heuristics/models that get built would be a worse fit for you, as a user, although it sounds like that's a tradeoff that you'd like.
Exactly. Google is saying they "need the cloud" to make the prediction/action. They also require as grist for their mill: my data.
I would much prefer some basic heuristics executed on-device using my data in a secured processing state. The hueristic-building could be in the cloud, but on datasets other than mine, and let me tweak those dials!
I've always assumed they do this since they've recognized and surfaced flight and event information for years.
I thought about switching my email to iCloud but I'm afraid Apple's going to change the domain yet again. And gmail is hella reliable.
Google of old might have done something cool with this info and annotated the purchases with something like "14,391 people bought this for an average of $1.08 less" or "you pay $7.44 per month more than the average Comcast customer in your area" etc.
To counter on the point of "Google of old might have done something cool with this info"
This is very, VERY subjective. Even if Google did something like "you pay $7.44 per month more than the average Comcast customer in your area" there will be very similar posts detailing how 'Google reads your monthly payment data'.
Sure, but they're already reading your monthly payment data.
My point was just that Google gets and (probably) analyzes aggregate payment information but the user only gets what they already know. If Google is sucking up all of that data, they could at least give some insights to users too.
Now I'm curious to know if they're using this info to analyze competitor marketshare and/or set prices for competing services.
> Now I'm curious to know if they're using this info to analyze competitor marketshare and/or set prices for competing services.
We already know they do... They'll even milk companies for money, bet against them, etc. It's clearly they should have their company broken up IMO (and I'm typically a libertarian)
Completely agree about fastmail. Been a happy customer for a few years now. Easy to migrate from gmail too. Enjoying it all the more since the "upgrade" of gmail's web-ui.
Fastmail isn't free, but I think the old adage "if you're given a really cool product for free, then the product us you" applies here. If you're ok with that, that's cool. But if you're not, there are some great options out there.
> "14,391 people bought this for an average of $1.08 less" or "you pay $7.44 per month more than the average Comcast customer in your area" etc.
This is not how it works. More like "we see you desperately need something because of your circumstances and we offer you only the premium price". Not explicitly of course.
Google is in the business of advertising. They do not stand to profit from giving you that information, unless they had an affiliate link from an advertiser that offered similar services for a lower price who'd be willing to pay X to acquire a new customer.
While this level of ad targeting is not available, based on the gmails they read, they have it on your profile.
Also, you can always buy your own domain name for a few dollars and take it with you anywhere, hosting with reliable email providers.
I wonder if they could build a service to help people switch to the cheapest options, through affiliates obviously. I've heard that's the long term business model of challenger banks which see your bills, but Google have that data too if you get bills emailed and are probably better positioned to build it if they wanted to.
what would be really cool is if they could add an annotation to an email job offer... something like "This offer appears to be 15% lower than what other candidates have been offered for a similar position".
Your agreement with Google allows them to use your data on your behalf. The feature you suggested uses your data to benefit other people, or other people’s data to benefit you. Even when aggregated that violates the agreement.
If you used Inbox, it also categorizes flights, hotels, calendar entries, restaurant reservations, bills, newsletters, forums, social media updates, and a host of other useful functions, extracting out entities. The Finances, Purchases, and Trips bundles are extremely useful.
This information isn't solely surfaceable in Inbox or Gmail UI, go to any Google Search box and type "my purchases" or "my flights" or "my reservations".
You can't think up a single reason why you might not want every purchase you've made in your entire life to be logged in a centralized database completely outside of your control and view which will be kept forever and shared with an unknowable amount of unknown powerful entities that do not care about your well-being?
Some people are going to have a very rough time when reality finally strikes them with all of its might. Perhaps it won't be you, but it will happen.
>Google does not reveal my identity to partners; What you're spreading is fake news.
We know for a fact data was at least shared with the NSA in the past. We also know Google complies with legal requests, could have a partial data breach in the future, could change terms or undergo some type of merger or acquisition which would include your data, etc.
The point here is that it is completely outside of your control. If you want to give all of the control in your life to Google because they have treated you (mostly) well (so far), that's up to you. But as for myself and others, we will refrain because we can think up many reasons why it might not be a smart choice in the long run.
Yeah, but now you're changing the argument from selling data for profit to simply complying with the law.
If Google complying with the law is something someone feels at-risk for, then I understand not choosing to use them. But that's really a lesson that goes for any centralized service.
I haven't claimed that Google sells your data for a profit. Other centralized services carry risks as well, but some of them have profit models that are focused on something other than scooping up every bit of data possible, with some even having profit models specifically focused on the opposite.
I suggest avoiding this phrase if you are trying to have a serious debate. It's overused to the point of obnoxiousness, and doesn't even apply here. (The person you replied to posed a question. Questions are not "news", nor can be described as "fake".)
The question was based on an assumption that the data is shared. It was that assumption that I was calling out, an assumption that is very much in the news, and which is untrue, but also known to be untrue by some and still promoted, making it fake.
Retailers and Credit Card companies have been trading your purchasing data for decades. Acxiom has made billions doing exactly that since the 90s. "Database marketing" companies are just ad networks based on consumer purchasing behavior they buy from retailers and CC companies.
The difference is that those data brokers are just terrible at actually delivering products and value from the data they are getting. At least Google can make their "free" services better as a result.
It could, but an email leak can be much more than it sounds. We have already had data breaches that have resulted in multiple deaths[1].
Just wait until we have one many times worse than this. Data breaches of the future will cause more than just a few suicides. Some may eventually cause war.
If all they're doing is presenting your data in a better way then it's great.
However, it's very likely that they're also selling adverts based on that data, and possibly selling the data itself. Do you really want your health insurance provider to be able to buy a list of restaurant bookings you've made? Or how about the airline you're about to book with knowing what you paid a competitor last time so they don't need to discount their prices for you to buy?
Would you be happy paying more for things because you use Gmail?
I think this comment is a great example of why I think most of the privacy concerns, especially around Google these days, are mostly overblown.
I am not afraid of that example happening because that is not how Google operates.
Google makes money by connecting ads to search queries. An advertiser makes an ad, says "make it appear for the term 'xbox'", and it shows up on Google for searches of Xbox.
The advertiser has absolutely no idea who I am, and google never "sold my data".
Who would even by such data in any volume meaningful enough for Google to consider it as a source of revenue compared to ads, especially given the privacy concerns?
I don't know for sure, but I suspect that Google's own terms even explicitly prevent them from revealing my identity in such a way.
To be Frank, I have a suspicion that HN has been bamboozled by a continuous Apple smear campaign. When Android started becoming more of a threat, and they pretty obviously couldn't take on things like Maps, they defaulted to an argument that they sort of have by default, by virtue of the fact that they sell hardware, not software: Privacy.
And they're not even that good at it. Remember the mac root mistake not too long ago? Google actually has to maintain strict data privacy to survive. Apple, not so much. It's an easy argument for them to promote, and people are lapping it up.
Google had a "data extraction team" (I forget what it was actually called), before it was even cool. It was a team internally years ago that was like, "people have a right to view, export, and remove their own data, so we're going to build that into Google products." And they were allowed to do that. Like, years ago. A long time before this recent wave of skepticism started. I always appreciated that. You heard stories of that kind of thing from Google, then. Hardly ever competitors.
No. Google makes money off connecting ads to profiles.
The vast majority of ads you see are not on search result pages. They’re on arbitrary non-google related pages, so to make that work google has basically moved to a “track everything this person does online so we can build and sell a profile of them”.
Your argument about data privacy is a nonsense - what matters is data security - Their business depends on them being able to read the information they have accumulated and then indirectly selling it. That is fundamentally opposed to data privacy - which would mean only you could read that information.
You say apple doesn’t have the same “privacy” requirements, but what you mean is the Apple isn’t dependent on their users data for income. Even then Apple encrypts ever increasing amounts of user data so that even if they are compromised the data isn’t useful to anyone.
If google did care about privacy then when your email came in they would filter spam, encrypt, and then discard the plaintext. That’s the best you can do because email security is laughable by design. They’d still have huge amounts of information, but at the very least they wouldn’t be able to retroactively crawl your mail box.
I don't know that your post argues anything meaningful to me.
Connecting ads to profiles over ads to search - okay. That doesn't seem super different. The point is the advertiser doesn't know who I am. That's mostly what I care about.
If google couldn't read my email, they couldn't give me features like when my flight is departing. That's a feature I appreciate.
The point I was trying to make is that people seem to believe that Google reveals your identity and personal details to advertisers for profit, which is false.
Google makes money by connecting ads to search queries. An advertiser makes an ad, says "make it appear for the term 'xbox'", and it shows up on Google for searches of Xbox.
This implies that two people who search "xbox" will see the same advert. That is absolutely not the case. Advertisers can target specific groups. Just log in to AdSense and you can easily see the options. They're not a secret.
When I first read this was I was troubled, and I am certainly a Google critic, but it seems to specifically say this is for your usage only. It's not being used for their ad network or for them to see behavior. It's used in the same manner as tracking packages, etc. If or when they start using this for their own internal usage to see use purchasing behavior, and telling adwords customers what purchase/products were popular so they could convert, that's when I'd have a major problem with this. As it stands now, I don't see it as a major problem.
If a frog is put suddenly into boiling water, it will jump out, but if the frog is put in tepid water which is then brought to a boil slowly, it will not perceive the danger and will be cooked to death. So today you don't see a major problem. Even though every single purchase you made in your entire life is being logged in a central database that's out of your control. OK. You are slowly being brought to a boil, and you're not perceiving the danger.
The legend of the frog being boiled slowly is actually completely false (https://en.wikipedia.org/wiki/Boiling_frog). The frog will simply jump out when it notices that it gets too hot. Likewise, it's pretty easy to see the distinction between Google using information to help people vs. using information for profit.
It's also likely that Google buys a copy of your credit card purchase history.
>Google has been able to track your location using Google Maps for a long time. Since 2014, it has used that information to provide advertisers with information on how often people visit their stores. But store visits aren’t purchases, so, as Google said in a blog post on its new service for marketers, it has partnered with “third parties” that give them access to 70 percent of all credit and debit card purchases.
Google reads all Gmail messages, presumably for targeted advertising. In this case it looks like they're giving folks a UI to look at (some of) what they're gathering.
Am I overreacting by seriously considering starting the process of migrating from gmail? It's not this singular incident of course, but just the continued pattern of behavior from Google for the last couple years. I really have lost all faith in them respecting their users.
Apparently we're late to migrate, but I recently started the move to RainLoop:
https://www.rainloop.net/ is actually much better software in my opinion, and is self-hosted unlike FastMail.
Rainloop satisfies the need for polished, smooth, elegant, yet simple "feeling" interfaces like Gmail finally became.
Handles multiple identities, multiple accounts, and contacts well; but no calendar.
Way better than Zimbra webmail, though that does have Calendars. On my local machine, I still use RainLoop rather than a traditional email client, it's that good.
ProtonMail, also mentioned, doesn't seem far off, but seems to lack the extra polish. It's in the neighborhood of RainLoop though, it would appear.
I dropped Gmail years ago, but mostly because my only real reason for still having a google account at all was reader. By that point gmail had just become my spam bin
These days I host my own anyway, and have a blargh@host mail account I use to sign up for things (typically blargh+thewebstie@host so I can track who is selling email addresses)
I did, and I found out it's actually not as hard as you would think. I think I even prefer FastMail's web client. Register your own domain, own the address, and then future migrations are way easier.
Move to Fastmail if that's what your after. You are using a free service, because you are the product. That's not about respect, it's about your (lack) of understanding of the business relationship you entered. If you aren't comfortable with that, you're going to have to pay actual money.
What assurances do you have that those paid services are actually respecting your privacy? It wasn’t that long ago that we found out that telecom companies were selling fine location data of all their paying customers.
The reality is that irresponsibility and disrespect for users are rampant in the tech world. That’s entirely companies’ doing.
> What assurances do you have that those paid services are actually respecting your privacy?
If you use a free service, you basically have assurances that they're not respecting your privacy. The probability of a paid service respecting your privacy is greater than zero, at least.
Also, not all paid services are created equal. You still have to do more due diligence past just throwing money at someone who'll take it.
It's probably safe to assume Google reads all your emails and can probably target advertising off it one way or another. We can probably thank GDPR for forcing companies to disclose what they know about you.
No assumption needed, it's right in the terms of use. I'm surprised to see how surprised people are about this. The fact that they scrape email, for targeted ads and features has been known since 2004.
And yet, in this case, it's probably enough for Google to disclose that they have your email, since the rest is data gathered from that which you don't really need to disclose under GDPR
There's something to be said about intent there. The distinction between "we are a dumb store for images" and "we process all of your images, extract facial recognition data, and match them to landmarks" is stark, but usually undefined. In general I'd argue that "you agreed to this" in regards to a TOS is utter nonsense, as they always contain language and descriptions of a product in such a way that nobody can really understand what's going on. I'd have to spend weeks per year reading the TOS I'd implicitly agreed to, supposedly.
Just one perspective: When it comes to scraping data and storing in single entity (Google servers), it's more about powering the ecosystem than a single client or the UI.
Google doesn't just live in a single client. As a user (by giving up my privacyto Google), I can ask my Google home how my day is while getting ready for work.
I can see the status of my flight tomorrow in my Google app (or Google home screen in Android) without a single search - just because it parsed my email with itinerary. Same way, I can see status for my FedEx package right there just because they violeted my privacy and scraped when I purchased something.
Imagine how much friction it'd require to setup such devices if everything was processed on client side or required explicit opt-in before accessing the info.
Of course as a side effect, I get advertisements of standing desk even a month after buying one, but probably the alternative would be to pay for all these AI and assist?
> Imagine how much friction it'd require to setup such devices if everything was processed on client side or required explicit opt-in before accessing the info.
Gmail's basically parsing emails, so I don't think it would be that hard to do client-side if there was a community effort to create and maintain the parsers. That's certainly doable, because ad-block lists have some of the same characteristics and are community maintained.
I appreciate knowing this and I don't fault Google for collecting it; I definitely can see the value in this, both for the customer and Google themselves.
I just wish there's the option to erase the items there, or even better disable the collection entirely.
Join Google for Work and it disables most of this. You'll still get things like location data and time to leave, but email features such as Inbox, etc were not scanned at all while I was using them.
If they’re not doing this for advertising alone, why can I only see my personal purchases and not company ones for G Suite logins? As a small business owner this kind of data would be a fantastic API resource and a significant value-add from Gmail... I suppose I could use the purchases label, but... it’s interesting they don’t aggregate and display it the same way... thus leading me to conclude that this page is purely to share data used for advertising purposes only, and G Suite accounts don’t have Gmail ads...
I use PrismCipher to protect sensitive messages. I can't stop Google from reading my email, but I sure can stop them from getting anything out of it. I don't want to switch to another provider because as fitzroy stated, it's "hella reliable."
Duh, they host your email and are easily the best functionality- and reliability-wise email provider. For free, yet the money has to come from somewhere. It's hard to find paying email provider matching the Gmail.
I really thought this was obvious by now. If the data wasn't being scraped and analysed somewhere how would the categorisation of 'Purchases' work as well as all those payment reminders?
You've done a good job of (inadvertently?) not providing Google with emails it knows how to scrape. Basically what they are doing is scraping common email layouts like Amazon order/delivery confirmations. If you don't have those well known confirmation formats arriving in your inbox, they have nothing to scrape.
Maybe you’ve never used Inbox? Or you’re using gmail for gsuite or .edu? There are lots of features that are only enabled for gmail.com accounts, and there are many features that got triggered by using Inbox even if you later changed back to gmail.
I was shocked when I stumbled on this. All of my purchases, have been scraped from my emails, including every line item, where I purchased these items from and so on. If they are scraping this from my emails without my permission, what else are they scraping? What else does Google know about me? If everything in my emails is scraped by Google it is possible that they know more about me than I do about myself. Very scary. How will this be misused in the future? Who will have access to this in the future?
> If they are scraping this from my emails without my permission, what else are they scraping?
YOU GAVE THEM YOUR PERMISSION.
Maybe, in the future, read the TOS and Privacy Policies rather than just pressing accept and acting offended when they do EXACTLY what they said they'd do.
Had you done that, you'd also know exactly who has access to that information and, if you read when they notify you of policy updates, who will have access in the future.
Why is this so hard to understand for people? Gmail is not free, you are paying with the information gleaned from it. If you aren't ok with that, start shelling out money.
MISTER PROSSER: But Mister Dent the plans have been available in the planning office for the last nine months!
ARTHUR DENT: Yes! I went round to find them yesterday afternoon. You’d hadn’t
exactly gone out of your way to pull much attention to them have you? I mean, like actually telling anybody or anything.
MISTER PROSSER: The plans were on display.
ARTHUR DENT: Ah! And how many members of the public are in the habit of casually dropping around the local planning office of an evening?
MISTER PROSSER: Er – ah!
ARTHUR DENT: It’s not exactly a noted social venue is it? And even if you had popped in on the off chance that some raving bureaucrat wanted to knock your house down, the plans weren’t immediately obvious to the eye were they?
MISTER PROSSER: That depends where you were looking.
ARTHUR DENT: I eventually had to go down to the cellar!
MISTER PROSSER: That’s the display department.
ARTHUR DENT: With a torch!
MISTER PROSSER: The lights, had… probably gone.
ARTHUR DENT: So had the stairs!
MISTER PROSSER: Well you found the notice didn’t you?
ARTHUR DENT: Yes. It was "on display" in the bottom of a locked filing cabinet, stuck in a disused lavatory, with a sign on the door saying “Beware of the Leopard!”. Ever thought of going into advertising?
ARTHUR DENT: Yes yes I did. It was on display at the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying beware of the leopard.
You shell out money to your bank, and they still sell your information.
> Why is this so hard to understand for people?
Because an extremely large amount of money is spent on UX and PR conducted by some of our brightest minds, to make it as hard to understand as possible.
Conflating security and privacy to use 2FA to get phone numbers out of people is a great example. HN and tech news sites were/are awash with security experts telling people to protect their personal information by enriching their identifiers for surveillance companies.
If this surprises you you’re going to be flabbergasted by how the Trips label works.
Oh yeah also Gmail and Now work together to bring you those reminders to pay your bills.