I sat recently at the Grand Opening Ceremony at CeBIT 2012 in Hannover, Germany. There was a huge crowd of dignitaries, business people and captains of German industry. They were waiting to hear from the President of Brazil, the Chancellor of Germany and the Executive Chairman of Google, Eric Schmidt. Each gave a keynote. It seemed salient for me to listen specifically to Schmidt, perhaps one last time. It’s not that I don’t respect the German Chancellor or the President of Brazil, but I wasn’t trying to divorce myself from the organizations they represent.
You see, I’m leaving Google, in total — meaning in every single possible personal way. What you’re reading is the first seven days in the attempt, which is ongoing.
If you live in the modern world, leaving Google is both heresy and damn difficult to do. My primary motivation is that I don’t believe Google’s privacy protection claims. But you should know I cannot know the truth of its claims; I simply don’t trust them. I was raised to be sceptical.
Day one: Inventory
The content industry is tied to Google Analytics, which is the oil well in Google’s basement that fuels and funds many things that Google does. It’s a brilliant system. It serves ads based on demographics gleaned from analysis of user behaviour and advertiser needs. The more an ad is targeted and salient or relevant for the user, the better chance a user will click on the ad for whatever purposes the ad portends. It’s automated in such a way that it has become a vast machine. Lots of money is made with targeted clicks.
That machine is charged with robbing most of your personal characteristics in a quest to make the ads better. The problem is: it also robs you of your privacy. The price of privacy is ostensible excellent and often free content that’s subsidised by the oil well in the basement and the economic engines that it fuels in terms of sales for advertisers. In my mind, it’s a robber baron of dignity.
Day one was spent totalling the way Google has permeated my online life. I had to add up the ways I go about my work day. Google is glued to my life (and perhaps yours) like barnacles to a boat. The situation is exacerbated by the fact that I have a personal mobile phone based on Android and Google has tremendous involvement in Android’s attachment to its analytic (and therefore privacy robbing) engines. Removing the barnacles can be done. I’ve largely done it, although there are unfortunate ways that I unwittingly must still face seeing Google and its products online. Losing one user, Tom Henderson, won’t hurt Google in any discernible way; as the body of data that Google has is monstrously huge.
Day two: Leave no tracks, start to delete cookies
It’s this immense body of data that’s the ideological problem. Law enforcement agencies seem to have easy access to the data. That data includes: where I surfed via Google Search. Who I called. My participation and 3000+ friends on Google+. My location, via what Android tells Google. I hope and mostly believe that Google doesn’t know ALL my contacts and their phone numbers and in some instances, their location. I cannot know the true extent of what Google knows about me. I believe that Google Corporate may not be able to tell me how much they know.
When I sit at home, Google (unless I consciously prevent it) knows where I sit, on what machine and what time of day I’m there. Data is collected not only from the search engine site, but sites that I visit that have Google maps and so forth. The penetration of Google’s ability to sniff a single individual’s location and preferences is unprecedented. Google knows more about me than my mother. Google “deserves” this knowledge because of the EULA they mandate and because it’s their business model.
First, I had to remove the cookies. There were several dozen of them with Google’s address or name on them. I have three browsers (for research purposes) based on different software engines. Each has a slightly different way of exorcising the cookies. It should be noted here that Google isn’t the only one tracking me for demographic purposes. It’s just the big dog and the one with the largest reach.
I’ll avoid references to the “old days” when people didn’t relinquish their privacy and details to gain free access to applications and services. Some people believe this is benign, but they’re wrong. I won’t argue these points, rather explain how to get yourself free. After you rid yourself of the cookies as an exercise, you’ll be much more aware of how much was being tracked.
Day three: Reality check, delete more cookies, install redirected host files
You can’t use Google products. If you use one Google product, a single agreement covers your use of them and Google can basically use the information it gleans from what you do, where you surf online, where you were when you surfed it, any other information kept in your browser that it can read and use it for any purposes that Google wants. So you can’t go to http://anything.google.anywhere. To prevent accidental Google application use, one must actively prevent a computer from going to Google sites. The cookies will reappear, as if by magic. Day Three consisted of destroying Google’s tracks on my machine(s).
If you go to Google or a site accidently uses a Google product access, you’re back to square one because the cookies, the tracks of your use, will be re-established. You have to teach your computer to stanch requests made to Google because you can use Google by accident. In doing so — stopping unwitting access — you can also add protection from other web sites that track you like a pack of trained dogs. There’s a way of preventing your computer from going to these sites in a technical way that’s a holdover from the old days of computing. It’s called a redirected hosts file. Ask your geek friends about them.
In Windows, Mac and Linux systems, this means using something called a hosts file. Your local geek knows how to modify your hosts file so that if your computer system accidently goes to Google without you realising it, the request re-routes back to your computer, effectively preventing accidental Google use. The WinHelp WinHelp2002 portion for the MVPS.ORG site contains a general purpose ad-restriction hosts file that will reroute literally hundreds of ad (and privacy-sucking) sites in this way.
Once installed, these hosts files reroute requests to the machine where the file is installed, rather than blurt information regarding browser data, cookies, location and so forth — your private information.
Day four: Removing supercookies, install cookie and tracking blocker
Ridding your machine of Google means also removing traces of Google and other applications. Sites that use Google products inside of them can leave cookies. Cookies are settings and information files deposited on your computer when you visit websites. Cookies can be read by websites you visit and if Google is there, it can read the cookies and therefore the information.
You must then learn how to remove all of their cookies from your devices and use non-Google products and applications, including Chrome, Google Plus+ and so forth. Each browser’s method is different. Then there is the problem of supercookies, which can actually resurrect cookies you’ve deleted. Selectout is a website that yanks most cookies (I haven’t checked it exhaustively) and includes SuperCookies. SuperCookies act as “agents” for various tracking bloodhounds and seemingly unrelated cookies can re-appear by magic if just a few of them do. It’s subterfuge to keep you tracked. Tracking is money.
Once cookies are gone, you’ll need a cookie and tracking blocker. I chose an application called Ghostery. Ghostery blocks trackers, adware cookies and most of the barnacles. It’s made by a maker of barnacles and so far, has been faithful in blocking undesired cookies in my experience. Ghostery is a browser application that works with many browsers and slows down response noticeably. The response slows because as each web page is loaded, it’s examined for the scripts and destinations associated with ads, trackers and so forth. It has the ability to foil and largely fool the web page into doing no evil on your machine, while not giving up any information regarding the user, machine, browser, etc. Light testing has shown it to be effective and Ghostery is updated frequently to allow new and novel tricks to be thwarted.
The warning here is that although Ghostery seems to work, it can cause certain web pages that depend on tracking to suddenly not work. If you use Discus, as an example, you must turn it back on by adding an exception for your site. I have no idea what Discus does with the data it garners. Sometimes Ghostery lights up with a dozen or more tracking elements on every page I load from some sites. A page reload (including going back to a page) will trigger Ghostery all over again. Some pages simply crawl because of the extra tracking junk Ghostery must stop.
Day five: Android
First some background is needed. At least for now, ridding one’s self of Google doesn’t mean you have to give up your Motorola mobile phone. As Google now owns them, I’m guessing that Motorola’s phone policies will change. I own a Motorola Droid 2, which runs Android. You can use Android without Google, but doing so is tough and there’s work to do. Having done so, your privacy and dignity will be preserved. Lacking these steps and using Android or Google products, your privacy and dignity will be usurped — by your permission.
Scrubbing Google from your phone is at least temporarily do-able. It’s beyond the scope of what I’m writing about here. The basic steps require you to scrape a lot of stuff after going through a process called rooting-your-phone, which gives you, the owner of the phone, control back over the use of the phone. You must then use non-Google apps and no more Google Maps, Android Marketplace (unless the app you select is known to behave) apps and must carefully watch downloaded apps for stuff they request to do.
One of my great disappointments is that updates to Angry Birds now want access to your location, your phone contact list and the names of all your high school classmates whose last names begin with the letter “S”. Each app you download will ask for permissions. You must decide whether to grant them or not. There are listed payloads of basic apps that will work well with Android phones, but at the whim of a telco, the telco may try and assert an update to your phone’s operating system that will wipe out all of that work. You must either resist the upgrade request or succumb to it and clean it up again immediately afterwards — if you want to ensure your privacy. Even then, phones report all sorts of things that are privacy robbing to the telcos, who in turn, do with that data as they will. You have no choice as there is no such thing as a do-not-track for many personally-identifying characteristics of phone use.
Using a different operating system than Android may not improve your privacy position. Microsoft and to a lesser extent, Facebook, have attempted to compete with Google’s product lines. Microsoft has operating systems and phones. Facebook has social networking and to an extent, search and voice (in partnership with Microsoft). So you’ll need to decide if the replacement, as a cure, isn’t worse than the Google “problem”. In some cases they are — and it’s a matter of trust to use these products, even if you agree to the terms of their licensing.
Why bother to read the agreements? They’re legally binding. Vendors of the products you use, subject to the licensing agreements that you agree to, can use the information in ways you didn’t intend. This means both with your desires, but also against them for the desires of others. Can an insurance company deny you a policy because you’ve been searching extensively on diabetes and cancer? Perhaps performing a query on low cost legal services or learning about HIV might peg you as an undesirable. Findings might be quotient of a decision process that you have no control over. It might be best to move on.
Where ever you go with a mobile phone that’s turned on, that phone broadcasts its location and that location is tracked. If you use the GPS functionality of a mobile phone, then you’re now in a very precise location-based tracking system. The GPS chip will rat out your location. This was originally a function to help telcos serve your phone with the best tower location. Now it can be used for whatever purposes the telco wants.
In the US, telcos will give up a history of your calls and location (of your phone) to law enforcement officials. Burglary some place? Were you nearby? You’re a potential suspect. Calling people with conviction records? Oh dear.
Talking to someone with a conviction near the scene of a crime? Oh my. The telcos have a history of releasing location-based system (LBS) information with hardly a warrant. Governments can keep track of your location and in some places, listen in on your calls, you terrorist. How long do they keep the data? I sense that data is forever.
Day six: The replacements
Here’s a list of possible application replacements for things Google might be currently doing for you:
Google Search: Duck Duck Go, doesn’t store info or cookies; no location-based tracking
Google Plus +: Social Networking Portal, numerous alternatives
Google Docs: Numerous alternatives
Google Mail: Numerous alternatives
Google Translate: See alternativeTo for other choices
Android: Boot-to-Gecko, Ubuntu, Windows 8 Mobile, iOS/iPhone
Google TV: See alternativeTo for other choices
The alternatives to Google are available. Sometimes these products are under the umbrella of another site, like Bing or Yahoo. Other times, they’re a bit of a mixture of applications, each with their own user agreement and privacy principles. The problem is that each legal term must be read and evaluated. Applications originating in the EU and especially Germany, have a stronger privacy legal principle behind their use.
Finding the applications has been both painful and a moveable feast– some of them can be a joy to use, like Oovoo- for its video qualities.
Day seven: A few withdrawal pains, but otherwise good
The search engine is the first part of my use that needed getting used to. I’m not sure that I wanted to use an engine called duckduckgo, but after a while, it’s not bad. It lacks some sophistication. It has sponsored results, but leaves no cookies if desired. It doesn’t seem to be twigged from prior searches that I can tell — so far. Its results aren’t as complete as Google’s, but in truth, I rarely look beyond the first two pages of results anyway. I generally refine or alter a search if I don’t find what I’m looking for.
I miss Google+, but not much. Some of my friends might read this and believe that I’ve abandoned them. I’m still on Linked-In, Twitter and Facebook. So far, I’m ok with the privacy policies of each of these, although I have to watch them like a hawk and make seemingly weekly adjustments to privacy settings somehow. The user-base seems to be sensitive to this and gives explicit instructions on how to maximise privacy and personal information conservation.
The biggest loss so far is YouTube. I’m going to have to figure out how to watch YouTube videos by proxy. How do I use Youtube? I’m considering a proxy. Anonymous proxy use may satisfy the need for privacy, but at the price of latency and principle. After all, my son posts his music videos there and they’re fun (if deafening) to watch.