Braedon Profile picture
22 Mar, 26 tweets, 8 min read
This whole conversation between Justin and Robin is incredibly frustrating to read, and reinforces my lack of trust in Google/Chrome around #privacy issues, particularly in relation to their #PrivacySandbox proposals.
A little bit of context first - this isn't just some argument between random dudes on the internet.

Justin was "Engineering Director on Chrome Security & Privacy" for the last 11+ years, retiring just under a month ago. Screenshot of Justin's Link...
Justin's original assertion is that Chrome's privacy label on the Apple app store shows so much data being collected because the *sites* you visit via Chrome can collect that data, and all other browsers should be listing the same labels. Screenshot of a tweet from ...
There's a lot we could contest there, but lets focus on the implied conclusion - that Chrome doesn't collect/use this data itself (at least more than any other browser).

This simply isn't true, as pointed out by Robin and others.
If you enable sync on Chrome, all your synced data (other than passwords) will be sent to Google unencrypted by default. It's stored against your Google account, and (at least) your browsing history will be used to "personalise Search, ads, and other Google services".
Lets try enabling sync in Chrome and see how the process works. I'll be using an account I created a couple of years ago, and haven't used since. I haven't used it for Chrome sync before, or changed any privacy settings on the account. Screenshot of Google Chrome...
I want to enable the sync feature, so I click the "Turn on sync..." button, and am prompted to log in - so far so normal. Screenshot of the Google ac...
Once I'm signed in, I'm asked if I want to turn on sync.

But notice the light grey text under the description of sync - it's not just sync I'm enabling:

"Google may use your history to personalise Search, ads and other Google services" Screenshot of the Chrome &q...
This "personalisation" is not the feature I'm trying to enable - I'm trying to enable sync. Bundling them together is clearly a ploy to trying and sneak in consent for personalisation along with an actually useful feature.
The "Yes, I'm in" button (that consents to and enables both "features") is bright blue, and it's already focused - pressing enter on your keyboard clicks it.

It's designed to get people to click through without really understanding what they're agreeing too.
There is some more (light grey) text that says you can "...choose what to sync in settings", but personalisation isn't a type of data being synced - it's a separate feature that uses the synced data.

There's no indication you can enable sync without enabling personalisation.
Regardless, I'll click the "Settings" button to see if I can disable personalisation.

Just to check the above, I'll first try "Manage what you sync". Sure enough, no mention of personalisation. Screenshot of the Chrome &q...Screenshot of the Chrome &q...
Presumably, if I disabled "History" sync it'd effectively disable personalisation, since it's indicated elsewhere that it's your browsing history that's used for personalisation. However, I want to sync history - I just don't want it used for personalisation.
The next option - "Control how your browsing history is used to personalise Search, ads and more" - looks more promising. Note that it's not part of Chrome settings - it's an external link to a Google site.
The "Web & App Activity" switch apparently controls all "activity" data collection and personalisation across Google services.

A checkbox extends this to your synced Chrome history (and any other third party site/app that uses Google services).

Both are enabled by default. Screenshot of the "Act...
Disabling the "Include Chrome history..." checkbox is presumably what I'm after. Once I've done that, I should be able to enable sync without having Google mine my browsing history to "personalise" my experience.

I wonder how many people find this option?
But wait, we're not done. De-selecting this checkbox opens another modal with a wall of confusing text.

Apparently, this only "pauses" collecting "activity" from your Chrome sync data (and elsewhere) - it won't remove any that's already been collected. Screenshot of the "Pau...
It's rather unclear, but it's implied that any existing "activity" on your account will still be used for personalisation.

So unless this is the first time you're enabling sync, you'll need to go and purge all that "activity" data from your account as well.
Anyway, back to Chrome settings to finally finish enabling sync.

Wait, there's another another entry in the "Sync" section - "Encryption Options". Lets check that, just in case. Screenshot of the Chrome &q...
The description says "... Google Chrome will encrypt your data", but if you expand it you find it'll only encrypt your synced passwords by default. The rest of your data is unencrypted unless you change this hidden setting. Screenshot of Chrome "...
Even after all the hassle of disabling personalisation, Chrome sync is still sending Google all my browsing history (and all other synced data other than passwords) in pain text.

This is not normal. Other browsers - e.g. @firefox - always encrypt synced data end-to-end.
OK, so enabling encrypting synced data seems like a good idea. In fact, just doing that would probably have been a faster way to disable personalisation, right?
Well, not so fast. End-to-end encryption prevents Google reading your sync data on their servers, but there's nothing stopping them accessing that data in other ways.

After all, the two "ends" are both Chrome, which they control.
They could analyse it in Chrome (#FLoC et al.), or send it to their servers in other ways.

In fact, we can see at least one way of doing this further down the same settings page, (once again) enabled by default!

"Sends URLs of pages that you visit to Google" Screenshot of the "Oth...
To summarise, Google is absolutely using Chrome to collect a wide range of data on users, and exploiting it in other products (including search and ads).

The idea that browsers have to include data that sites can collect in Apple's privacy labels is a disingenuous distraction.
The convenience of sync is used as a carrot to get users to share their data with Google.

Feature bundling, bad defaults, confusing terminology, misleading descriptions, and other dark patterns ensure most users have no idea what they're consenting to.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Braedon

Braedon Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!