According to the probe, some Google apps automatically save locations data without user permission and this privacy issue affects some two billion users that run Google’s Android operating system. Sputnik has discussed this with Matthew Setter — Ethical Hacker, Online Privacy Advocate, and a Software Engineer.
Sputnik: So what’s your take on this latest revelation about Google, was it surprising to you?
So you want to get as much information as possible to make that advertising as effective as possible. It is partly surprising though that someone can believe that they’ve disabled location services because they want to opt out or whatever reason, but the information in other ways continues to be stored.
Sputnik: Can you tell us about how this is technically possible? And how the apps actually override the setting where you have — do not store location history?
Matthew Setter: When someone disables location services, whether through one of the Google sites or on an Android phone, that’s only disabling certain amounts of information storage.
There's other aspects or other apps and parts of Android and Google services that track different but related kinds of information. From that perspective it’s just a series of services that collect information.
The problem that I see is, that for a user, when they believe they've disabled something, it’s not quite so cut and dry if you will. From other information Google does make different services available where users can across these services manage all that information, and some of these things came as a surprise to myself.
Sputnik: Is this kind of like this fine print when you sign a bank contract or you sign a contract for insurance and there’s a lot of fine print and it’s basically everything that’s intended by the company that you’re signing a contract with, it’s there, but it’s just very difficult to see it, or do you think that Google has failed to make it possible for anybody, somebody who is technically very, very savvy or a lay user to block that function?
Matthew Setter: Without ever having worked for Google or an organization of this sort I can’t say what their decisions may have been or are, or what they were motivated by. What I can say is that it’s just not clear.
Yes, these things are there, and if you go digging for them you can find them, and Google can, hand on heart, say we provide users with all the resources they need to manage these things, but it’s not necessarily obvious that they exist, and not necessarily obvious that you have to put in quite an effort to manage this information.
So I think in relation to your first point, I think it’s like the fine print of insurance legislation or the typical software user license that Google can say we put all the information there, but it’s not necessarily easy for a user to find it and to know for sure what’s going on.
Sputnik: How legal is this current policy of Google?
Matthew Setter: 100%, over say the GDPR or how that would affect it or various other global privacy legislation such as the Australian privacy act, or the Canadian, or the Californian privacy acts.
So, technically I think it follows the guidelines, but it might be a little questionable. It would be interesting to see, taking the GDPR as an example, if someone brought a case what the judgement was.
Views and opinions expressed in this article are those of Matthew Setter and do not necessarily reflect those of Sputnik.