
When you set up an Android phone you have the option of not using Google Services. Secondly, you can disable Google Play Services anytime you want. You can also turn off location history and tracking anytime you want so I'm not sure where you get the idea that none of these services or apps can be turned off or disabled.


I am not sure what comment you think you are replying to. Google Play Services cannot be uninstalled on a stock Android phone, like I said, only disabled; and disabling it means the vast majority of Android apps won’t work, like I said. These are facts that anyone can verify for themselves; you merely claiming otherwise doesn’t change this.

You also seem to be confusing Google’s various services with Google Play Services specifically.


You can easily disable Google Play Services on ANY Android phone and that is a fact.

>You also seem to be confusing Google’s various services with Google Play Services specifically.

No I'm not. As I stated, Google Play Services can be disabled.


You can, however, disable the location tracking across your device pretty easily, or even just disable location history if you want other tools to be able to use your location.

Yes, disabling core features of your device results in a worse user experience, this should not come as a surprise.


The point is that there is no reason those features need to be dependent on Google Play Services in the first place


I believe there are power and compute related reasons that you actually do need there to be a central service that manages location data.

And I guess at that point you could say "but then there should be a single tool that does location management for apps and location tracking should be entirely separate", but I'm not sure why that's any better than "there's one app but you can toggle off the objectionable parts in a really straightforward way".

Or perhaps you mean that they could just provide raw GPS data and the app developers could handle everything else, but that too runs into power and usability issues. Android handles geocoding and reverse geocoding in relatively energy efficient (and reliable!) ways. If every app had to do its own geocoding, you'd have disparate experiences in apps. (Note that Apple does almost the same thing: there are builtin geocoder objects provided by the OS that convert from GPS to address over the network). You could make that a separate thing, but then you'd get people complaining that "none of my location based apps work even though I have GPS enabled".

So I guess I'm curious what your suggestion on what they should do instead is.


> I believe there are power and compute related reasons that you actually do need there to be a central service that manages location data.

That may be, but they could open up that service for me to run on my own server, rather than through them.

> And I guess at that point you could say "but then there should be a single tool that does location management for apps and location tracking should be entirely separate", but I'm not sure why that's any better than "there's one app but you can toggle off the objectionable parts in a really straightforward way".

I'm not following what you mean by this. Can you expand?

> If every app had to do its own geocoding, you'd have disparate experiences in apps.

And? I already have disparate experiences in apps for tons of reasons.


>And? I already have disparate experiences in apps for tons of reasons.

So because some things are a bad experience, we should make more things a bad experience? I don't follow. Or do you mean that you as an end user, not an app developer, should be able to configure the server used to look up the mapping of gps coordinates to street addresses used system wide, as though that isn't a giant security vulnerability? (as in, if I were Uber or Lyft, I wouldn't want to deploy my app on a platform where another app with root privileges could, for example, change the GPS lookup location to something adversarial whenever uber was in the foreground, leading to bad end user experiences).

As far as I know, apps can already do their own geocoding (no one could really stop them), they just don't because the built in ones are better and give consistent experiences.

>I'm not following what you mean by this. Can you expand?

I guess I'm not clear on what the problem with "I get my location through google play services" is. Like I understand why one might take issue with "the only way to get location data is to opt in to Google having my location history". But that's not what happens, since you can turn that off. So I'm unclear on why Play Services being the source of location data, as opposed to something else.


> So because some things are a bad experience, we should make more things a bad experience?

I don't see how disparate experiences are bad experiences. Those are two entirely different things.

> if I were Uber or Lyft, I wouldn't want to deploy my app on a platform where another app with root privileges could, for example, change the GPS lookup location to something adversarial whenever uber was in the foreground, leading to bad end user experiences

Is there any reason this can't be done today? I already have root on my platform, and, afaik, I can spoof my gps coordinates. Besides, if you don't like how a platform has set up its permissions, then don't develop for that platform.

> But that's not what happens, since you can turn that off

You can flag a button, that tells you that it is turned off. There's no way of knowing whether or not they actually keep my data.


>I don't see how disparate experiences are bad experiences. Those are two entirely different things

Inconsistent experiences is perhaps the single biggest complaint about Android as a platform. This is in comparison to iOS which has much stricter controls on how things can look and what you can do. Unified interfaces are better experiences. Predictability is a part of good ux.

>Is there any reason this can't be done today? I already have root on my platform, and, afaik, I can spoof my gps coordinates. Besides, if you don't like how a platform has set up its permissions, then don't develop for that platform

I'm honestly not 100% sure, but it wouldn't surprise me if it's the kind of thing that's only possible via BusyBox or whatever.

As for the second part of your comment: losing Uber for a feature that will be used by 6 people is not a reasonable trade-off for a platform to make.

>There's no way of knowing whether or not they actually keep my data.

Well yes there is. You can see all the data Google has on you via takeout. For location specifically, there's timeline.

Unless you mean that you think they are lying and secretly storing your data in which case there's a plethora of legal reasons they can't do that. You're veering off into conspiracy territory.

(I work at Google but these opinions are mine alone)


> losing Uber for a feature that will be used by 6 people is not a reasonable trade-off for a platform to make.

Then it stands that Google values money more than they value designing a system with their users' best interests in mind.

> Unless you mean that you think they are lying and secretly storing your data in which case there's a plethora of legal reasons they can't do that.

Yeah, because Google never lies about what they do with data, or how they collect it. /sarcasm

I have no direct evidence of them doing it this time, but fool me once...

The point is that they could make it work without being dependent on Google Play Services, but they choose not to.


>Then it stands that Google values money more than they value designing a system with their users' best interests in mind.

No, they value their average user over you specifically. If the average user will gain more from Uber than from the feature you suggest, it is in Google's users' best interest to not implement that feature.

>Yeah, because Google never lies about what they do with data, or how they collect it. /sarcasm

Then you can certainly name all the other times? There are a number of complaints about Google that I've heard, but being secretive about what data they collect is a new one.


> No, they value their average user over you specifically. If the average user will gain more from Uber than from the feature you suggest, it is in Google's users' best interest to not implement that feature.

No, they don't. They could make this an optional feature, and they choose not to. And I can't think of any way that preventing users from controlling their own data could be good for users.

> Then you can certainly name all the other times?

I can't name all the other times, but they misuse our data so often, they publish statistics about it:

https://transparencyreport.google.com/user-data/overview?use...


>No, they don't. They could make this an optional feature, and they choose not to.

If adding such an optional feature causes Uber to leave the Android platform, adding the optional feature is a net loss to Android users. "You are not the user" rings true here.

To put this another way, if your "feature" harms the ecosystem, it is not, in fact, a feature.

I asked for examples of Google lying about data collection, which was the accusation you levied. You responded with Google being transparent about responding to legally binding government requests.

While you may feel that handing data over to the government is a misuse, Google is not secretive about this. They're very straightforward about the fact that they will obey lawful requests, and they're transparent both with affected users, and the general public, about when and how they comply with those requests, as evidenced by the report you just linked.

So I'll try this again: since you accused Google of lying about collecting data or lying about what they do with it, can you substantiate that accusation, by giving examples of Google lying about what data it collects, or lying about what it does with that data?


> If adding such an optional feature causes Uber to leave the Android platform, adding the optional feature is a net loss to Android users. "You are not the user" rings true here.

That's a big if. I highly suspect that Uber wouldn't want to leave one of the biggest platforms just because of a simple option that might already exist. What if Uber demanded to be able to have root on Android phones? Would Google be willing to bow to that because losing them would be a "net loss to Android users"?

I'd have to ask you to point out why giving users more ways to manage their data "harms the ecosystem".

> I asked for examples of Google lying about data collection, which was the accusation you levied. You responded with Google being transparent about responding to legally binding government requests.

Yeah. I did. It doesn't matter why they lie, it matters that they lie. Especially if they are willing to lie to me about how they use my data, then why wouldn't they be willing to lie to me about how they collect my data? And I fully admit that I have no direct proof of them lying about how they collect data, but I don't see why you would trust a company that regularly lies to its users about what it does with that data.


You haven't actually shown an example of them lying though. Are you saying that complying with lawful requests for data, as Google explicitly states it will do and then publicly announcing the ways it complied, as well as when lawful, announcing to the affected users, is lying? I find that difficult to believe.


> Are you saying that complying with lawful requests for data, as Google explicitly states it will do and then publicly announcing the ways it complied, as well as when lawful, announcing to the affected users, is lying?

By not notifying their users that their data was breached they aren't being honest about how data is being used. They could also set up the system in such a way that their users' data couldn't be mishandled, but they choose not to.

Not exactly the actions of a company that I would consider trustworthy.


>By not notifying their users that their data was breached they aren't being honest about how data is being used.

But they do notify the user unless doing so is illegal (and then, they do so when it becomes legal). You still haven't substantiated this claim of lying, unless you are claiming that "obeying the law" is lying about how data is being used. But again, Google is clear that they will obey court orders.

> They could also set up the system in such a way that their users' data couldn't be mishandled, but they choose not to.

This is also one of those things that appeals to a small group of privacy enthusiasts, but isn't actually a good thing for the average user. The same set of changes that make it impossible to as you describe it "mishandle" data, also make it impossible to recover data in the case of user error. If you're willing to make that tradeoff that's fine, but for most people, the looming spectre of a court order is a much less worrying issue than forgetting one's password.

That may not be the case for you, and that's fine. But to say that not doing that is unethical is a stretch. See this thread[1], where a number of security professionals who to my knowledge aren't Google-affiliated (and me, who is neither a security professional, nor independent) discuss this.

It comes down to the average user's threat model not involving state level actors. Designing a broadly appealing service to respond to that threat is a disservice to the average user, because it comes at the cost of other features.

You personally may have a different threat model, and that's ok. But to claim that anyone who does not follow your exact threat model is lying or mishandling data is disingenuous and potentially harmful.

[1]: https://news.ycombinator.com/item?id=15853477


I'm sorry, but I can't take any of what you are saying seriously. You can ignore the facts all you want, but an uncomfortable truth is still true.


I'm not ignoring any facts. You haven't substantiated any of your accusations. You're the one who is transforming "transparently obeying lawful warrants as they disclose they will" into "lying about data usage", or at least that's the best interpretation of what you're saying I can come up with.

If you want me to engage with facts, please provide some first! I can't ignore what isn't there.


> I'm not ignoring any facts.

You most certainly are.

Fact: They are willing to lie to me, and are unwilling to set up their systems in such a way that they don't have to lie to me.

Fact: They could also set up the system in such a way that their users' data couldn't be mishandled, but they choose not to.

Bonus Fact: They say that they store our data securely, but it's clear that they don't, if they can comply with an NSL.

You keep making up excuses for them, but those don't matter. The facts matter. If I'm wrong, then it would be easy to prove, and I'd ask you to do so.

> You're the one who is transforming "transparently obeying lawful warrants as they disclose they will" into "lying about data usage", or at least that's the best interpretation of what you're saying I can come up with.

And what is factually wrong about that? If I ask them if my data is being mishandled, they'll tell me it isn't. And by not notifying me of breaches of my data, they are lying about the quality of the security of their system.


>And what is factually wrong about that?

Because Google states that it will comply with such orders. That means that they do not lie to you about complying with court orders. They tell you in advance that they will comply with them. This isn't a case of Google saying "we will never give your data to the government" and then walking back on that. That would be lying. But they don't do that, they say

> We will share personal information with companies, organizations or individuals outside of Google if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to meet any applicable law, regulation, legal process or enforceable governmental request

(edited for formatting from [1])

So again, what is the lie?

I already explained why 'designing a system so you can't comply with an NSL' is a nonstarter. The design requirements to do that make such a system untenable for most clients, for example most corporate clients need data recovery features that are impossible in a system designed to meet your requirements.

[1]: https://www.google.com/policies/privacy/


> Because Google states that it will comply with such orders.

So Google saying that it will lie to me means that they aren't lying to me? OK

> I already explained why 'designing a system so you can't comply with an NSL' is a nonstarter.

No, you gave a poor excuse as to why Google won't do it. That doesn't mean it can't be done. In fact, many other organizations do it all the time. Google simply chooses not to.



