The quote I have been seeing – and using a lot lately is critical in describing Google’s behavior working around browser security settings and the very desires of users in insinuating their advertising into Safari as they were caught doing last week:
Despite being thought of as a tech company, Google is actually an ad agency.
Last week Google was caught bypassing user settings and Safari security as noted here:
– Google secretly developed a way to circumvent default privacy settings established by a hated competitor, Apple
– Google enabled this workaround to further its own advertising (revenue) and social-networking goals.
– Google then used the workaround to drop ad-tracking cookies on the Safari users, which is exactly the sort of practice that Apple was trying to prevent
This allowed them to use cookies to put ‘+1’ buttons on advertisements which were served by their subsidiary DoubleClick. But predictably their quest for money, regardless of user privacy, couldn’t stop there:
Google then took advantage of this Safari workaround to drop cookies on Safari users’ computers for advertising clients–the exact sort of behavior that Apple’s privacy settings were designed to prevent.
Of course, as soon as they were caught with their hand in the cookie jar, Google plugged the hole, and has been churning out spin from it being unintended to ‘a known feature’ to a ‘limited workaround’. But one thing they made clear in a public statement:
Users of Internet Explorer, Firefox and Chrome were not affected.
Naturally, THAT was a lie as well. Is ANYONE surprised?
At MSDN blog today, we get this:
When the IE team heard that Google had bypassed user privacy settings on Safari, we asked ourselves a simple question: is Google circumventing the privacy preferences of Internet Explorer users too? We’ve discovered the answer is yes: Google is employing similar methods to get around the default privacy protections in IE and track IE users with cookies. Below we spell out in more detail what we’ve discovered, as well as recommendations to IE users on how to protect their privacy from Google with the use of IE9’s Tracking Protection feature. We’ve also contacted Google and asked them to commit to honoring P3P privacy settings for users of all browsers.
We’ve found that Google bypasses the P3P Privacy Protection feature in IE. The result is similar to the recent reports of Google’s circumvention of privacy protections in Apple’s Safari Web browser, even though the actual bypass mechanism Google uses is different.
So we know that Google bypassed basic privacy settings … for money. And that they hid it and lied about it and wound out the spin machine – and the millions of Google-fanboys who will defend them regardless of what they do. And then we learned they did it AGAIN, even after getting caught once!
What is hilarious is that they don’t offer a ‘cookie opt-out’ for Safari, because …
While we don’t yet have a Safari version of the Google advertising cookie opt-out plugin, Safari is set by default to block all third-party cookies. If you have not changed those settings, this option effectively accomplished the same thing as setting the opt-out cookie.
Well, it would be hilarious if it wasn’t nefarious. And as MSDN says, it isn’t even clear that the cookie opt-out helps. And Google? Naturally a non-denial denial intended to cast Microsoft as the villain by having a “widely non-operational cookie system”, and saying that ‘Facebook does it too’ … since we all know that Facebook is that great bastion of privacy and security and personal accountability.
And again, there is a HUGE difference between ‘this isn’t a problem for IE’ and ‘everyone else is doing it’. Bottom line – they are like a little kid spinning lies so quickly they can’t even see how obvious those lies become when pieced together.
What I have been reading today is that this ‘isn’t a huge deal’. In and of itself – absolutely true. In general this is small potatoes, certainly not like a real hack of a data stream or stealing account info. But there is an inherent conflict of interest for Google that provides the tools to do things and then monetizes those actions.
Again, Google isn’t a tech company. They aren’t your friend. They are an ad agency, selling your eyeballs, and monetizing your actions to the highest bidder. They don’t care about you, they are using you. They don’t care about privacy or security or your settings – they have smarter programmers who can hack your settings and STILL get information you have told them NOT to collect.
They are a for-profit company selling YOU. The ends – their profits – justify whatever means are necessary, including compromising your security and personal information. The worst thing for a public company is what the constant expectation of MORE does to the way you run business. Again, 95% of their money comes from ads, and more and more companies want a chunk of that pie, and there is a finite amount advertisers will spend. The choices are to grow thee 5% or work to monopolize their other non-revenue products for the 95%. They get no money for Android, and it is established that Android users are a lousy revenue source, and their worst-in-class music service only gets noticed when they offer up loss-leader sales … not too many solid prospects.
But why not just use the normal methods of cookie tracking? Because they have their operations broken up into separate domains in order to maintain the appearance that things are truly separate. In other words, when appearing before government panels trying to explain actions, having DoubleClick separate from Google.com is important to avoid regulation. But when running their everyday business it is inconvenient because they actually WANT to do the stuff that they are accused of … so they hacked browsers as an end-run. This way they get to BE the nefarious company some people recognize them for while appearing much more compliant.
This past week we have also learned more about Google pushing their own brand of ‘search engine optimization’ that focuses very highly on ‘+1’ numbers. So if you run a site and get loads of hits but don’t have a ‘+1’ button to feed hits back to Google (read: kickbacks), your site will fall below others that have fewer hits but DO provide kickbacks to Google. And since they are already pushing their own so-called ‘social network’ over the established ones (I showed evidence before of how a Google + page with 2000 +1’s showed up instead of the Facebook page for the same person with >1,000,000 ‘Likes’), we also are learning that they are pushing ‘brand’ pages even more heavily. That makes sense – you and I provide indirect money … someone like Nike provides REAL money. Google search results become more ‘pay to play’ with each passing week.
Every time I point out something about Google, I immediately hear that it is unfair attention compared to other evil companies like Apple or Microsoft. I disagree – Apple and Microsoft are like the toddler going for that fragile item on the end table: obvious and slow.
For example, Apple wants you to come into their huge building and choose from the items on their shelves as if nothing else exists. People look for more nefarious stuff in EULAs and whatnot, but all they want to be sure of is that if you make something for their store using their tools you can’t sell that exact object elsewhere, and that if you are selling to someone in the building that they get a cut. That is pretty much it.
I have heard the tired arguments that their stuff is ‘free’, so ads are the price, and that you can simply opt out or use AdBlock. Guess what – time to wake up Google apologists, you’ve been fooled. Google is STILL tracking you. And if you believe that this actually stopped this week after we learn pretty much the same thing at least once a month … you are only fooling yourself.