this post was submitted on 08 Sep 2023
141 points (95.5% liked)

Privacy

32456 readers
502 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I wish to convince my friends and family to avoid using privacy-invading ad-based services and apps. Seeing people discuss how much data these companies collect off of us, I want to know if there is a way you could get a sample of that data by yourself and show it to them for them to realize the gravity of the situation themselves.

The closest thing is Google's ad personalization panel in the Google Account Dashboard. It literally lists out the information of the account holder by the things they've browsed, including their gender, age, occupation, interests etc. I could've used it to show to my family but I turned off ad personalization for all their accounts a few years back so they aren't even aware of it.

The next closest thing to this could be browser fingerprinting tests but they wouldn't be able to understand the tech jargon from the results anyway. Also I am not planning to go to the 'deep web' for this. Is there any other way I could get this done, like a website/app specifically designated for this purpose, for opening some sort of userlog in the accounts page?

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 46 points 1 year ago (2 children)

https://tosdr.org/

Show them exactly what the company says the collect in plane language not legalese.

[–] [email protected] 18 points 1 year ago (1 children)

Haha plane language. Like whats up my Airbus?

[–] [email protected] 9 points 1 year ago (1 children)
[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

Comac C919 here, what is this "Privacy" you speak of ?

[–] [email protected] 2 points 1 year ago (2 children)

I guess not everyone can be an SR-71. I'll give you a transcript of everything they've been saying for the past 9 hours, hopefully it should bring you up to speed.

[–] [email protected] 2 points 1 year ago

But at least with plane language it's not Boeing anymore.

[–] [email protected] 5 points 1 year ago

That's a nice web to check. Thanks

[–] [email protected] 37 points 1 year ago

I personally like to show how easy it can be to cyberstalk someone.

I pulled up a friend's LinkedIn and pasted their bio text into Google line-by-line until I got a trail to a very old LiveJournal which had links to a NSFW Tumblr (before the purge). What led me there was a phrase that they used frequently in conversation and on the bio. It was their "bone apple tea" moment that made it VERY easy to pin down. I also followed the username trail to some fanart on DeviantArt, and a snapshot of an old website on archive.org.

I present that, then tell them if I can build a profile like this with less than an hour's work, imagine what data processors can do with the amount of data harvested from voluntarily accepting an "invasion" policy, especially if they (the data processors) are able to automatically match speech patterns to users!

[–] [email protected] 33 points 1 year ago (1 children)

Just send them the new report on Nissan of the Mozilla foundation 😂

[–] [email protected] 25 points 1 year ago (1 children)

Not just Nissan so many of the car companies do this.
Here is the Mozilla listing https://foundation.mozilla.org/en/privacynotincluded/categories/cars/

[–] [email protected] 5 points 1 year ago (1 children)
[–] [email protected] 20 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago

How bout in a Datsun? ;)

[–] [email protected] 21 points 1 year ago

IMO the problem is rather "What they gonna do with my data? Show me better ads? Nice."

[–] [email protected] 20 points 1 year ago* (last edited 1 year ago)

I've met a ton of people that just don't care. The problem often isn't that they don't know companies are collecting a shit-ton of data. That's really not new or isolated to tech companies.

"If I get better ads and it saves me time, what do I care?"
"I'm getting something for free. What does it matter if they know?"

"It's too much work to avoid"

[–] [email protected] 18 points 1 year ago (1 children)

Have them open Google maps if they use it and show them the timeline. That usually freaks people out a bit. Then you can say sites are doing this same tracking with their digital information or something.

[–] [email protected] 9 points 1 year ago

I know that long time ago this was one of the things that freaked me out. I went into google account privacy settings and there is a lot of info about you. It really creeps you out when you see info from years ago.

[–] [email protected] 17 points 1 year ago (3 children)

If you're willing to spend 40$, various data brokers will sell you all the information people in this thread have mentioned

[–] [email protected] 10 points 1 year ago (1 children)

Buy Congress data weekly and make it public. Watch some privacy laws happen damn fast.

[–] fuzzzerd 3 points 1 year ago

If it were that easy, someone would have done it already.

[–] [email protected] 4 points 1 year ago (1 children)

Can dou you name some? I highly doubt that you can buy data from a specific person.

You would need a lot of data and the know how to trace that data back to a specific account/user

[–] [email protected] 2 points 1 year ago

Maybe with good targeting it can be done with buying less data

[–] [email protected] 3 points 1 year ago

Disgusting that we need to pay for it

[–] [email protected] 16 points 1 year ago (1 children)

Facebook Offline Activity page. It displays the activity you have performed on external websites. This was the trigger for me to disable my FB account

[–] [email protected] 2 points 1 year ago

but now you can't see what they collect about you 😐

[–] [email protected] 15 points 1 year ago* (last edited 1 year ago) (1 children)

If it's worth $3 to you, I recommend "Take This Lollipop".

It used to be free, but I guess they gotta eat too.

It's basically a creepy interactive movie that uses a person's own personal data to scare them about privacy and what they put on the net.

[–] [email protected] 3 points 1 year ago (1 children)

Seems cool. Are there many jumpscares?

[–] [email protected] 4 points 1 year ago

Nah, the horror comes from how much data people leak online.

[–] [email protected] 15 points 1 year ago (2 children)

Show them the consequeces. You might scare a few people who are already anxious by showing data collected, but most people will be apathetic. Illustrate why its bad. Be systemic about it.

The stunt outlined elsewhere of texting someone with their info is good, but "we all know google isn't going to threaten us" is the prevailing attitude. Demonstrate what google is going to do and how it hurts people individualy and directly. Until there are personal consequences, peopae won't really care.

[–] [email protected] 6 points 1 year ago (4 children)

Coming from an outsider, could you give an example of a way Google attacks people individually and directly?

Preferably something more common than traffic accidents, since people drive cars regardless

[–] [email protected] 5 points 1 year ago

Google scans all the photos you upload or send to other users, multiple times they have accused people of uploading CSAM and completely nuked their accounts simply because they were sending something to their pediatrician or their doctor.

In one case they have reported them to the police who then obtained a search warrant for all the (obscene amount of) data that google has collected on them.

They then disabled and deleted all his google related accounts including his phone number (he used google fi)

In December 2021, Mark received a manila envelope in the mail from the San Francisco Police Department. It contained a letter informing him that he had been investigated as well as copies of the search warrants served on Google and his internet service provider. An investigator, whose contact information was provided, had asked for everything in Mark’s Google account: his internet searches, his location history, his messages and any document, photo and video he’d stored with the company

Louis rossman has a video on those incidents on youtube.

Google could have potentially and very easily destroyed this persons life. With them you are guilty until proven innocent, actually your always guilty. This mark guy sent the police report that exonerated him to google, yet they still think he's a pedo....

[–] [email protected] 4 points 1 year ago (2 children)

Imagine that you buy a phone from Google's Google Fi MVNO cellular service. You order a phone and it's to be delivered. The phone was part of a promotion for signing up. You paid a reduced rate for it because you are a new customer. Then the phone is stolen out of the package while in the custody of the shipping company. You make a complaint to Google because the phone never arrived and you can't activate service and fullfill your end of the bargain without it. They say that it's the responsibility of the shipper. You then make a complaint with the shipper who claims that although they may be at fault (not likely that they admit that), they are not on the hook for reimbursement. That you must contact Google. You go back to Google. They "escalate" your case to the next tier of customer support. You wait months. They charge you the full cost of the phone even though you never received it. They do this because per the terms of your agreement with them you did not activate service with the phone and maintain that service for the specified period of time and within a specified time limit. You contact your credit card company. They offer you the option of doing a charge back.

Google doesn't like that you charged back. Now your entire personal and professional google accounts and anything linked to them are gone. They nuked them. There is no customer service to contact to review what's happened. You can't get into company email. You can't get into private email. You can't get 2fa codes sent to you via email for any of your bank or other web based accounts linked to that email. Anything and everything in Google drive? Gone. Your family photos? Gone. If you use an android phone you are no longer logged into a Google account rendering your phone only partially functional. They can't serve you with personalised ads anymore. But on the other hand you also have no recourse other than hiring a lawyer (which may be exceptionally cost prohibitive) to get revenge porn of you removed from Google search results in compliance with right to be forgotten laws and anti-revenge porn laws. Meanwhile your data still allows them to target other people you interact with. They get ads for things like the same toothpaste that was on your shopping list in Google Keep. Movies you like. Shows you've purchased. That data you gave them free and clear can still be used by other people and agencies to track you. Your employment history. Your rental history. Whether you've ever been evicted.

They won't sell it. But they'll still use it. And you will have less avenues to delete it or otherwise change it.

load more comments (2 replies)
[–] [email protected] 4 points 1 year ago

This is a "simple" question, but unfortunately the answer isn't as simple. Much of this isn't necessarily Google "individually and directly attacking people", but instead Google providing others with the (otherwise unavailable) means to do so.

Regardless, is this an example that you were looking for? https://www.nbcnews.com/news/us-news/google-tracked-his-bike-ride-past-burglarized-home-made-him-n1151761

[–] [email protected] 3 points 1 year ago (1 children)

I mean, to be open, I don't actually see many consequences, so I don't really do any particular things to protect privacy from like, google. I was sort of hoping someone here would give me one.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

This site covers the social cooling effect of these services and how the data you give out may be used against you by banks, insurance companies etc. It's worth reading through (4 minutes). https://www.socialcooling.com/

[–] [email protected] 2 points 1 year ago

Oh thanks. This is exactly what I was looking for.

[–] [email protected] 10 points 1 year ago

John Oliver's Edward Snowden interview where they talk about the fact that the government collects people's dick pics. If that doesn't make them care, nothing will.

[–] [email protected] 8 points 1 year ago* (last edited 1 year ago)

Honesty I've kinda given up trying to show normies that privacy is important. And have started to focus on making my own digital life as private as I can. Some will wake up and come ask you, and then you can share what you know with them and help them switch to privacy respecting tech and practises.

For example I recently converted a friend to Linux and they even bought a System76 laptop and has been very happy with it( I'm an old Thinkpad lover).

Or they will simply suffer the eventually inevitable consequences due to how little people care, and how much big companies and governments are willing to take advantage of that.

It's not that I don't think it's a worthy fight and won't continue to at least get called crazy for mentioning that it matters. But don't be surprised how little most people care.

[–] [email protected] 8 points 1 year ago (1 children)

Way back in the early days of Justin/Twitch, if people wouldn't listen about their data security being important, what I did was simply look up their home addresses and phone numbers and texted them the information.

Had them get on fixing their digital footprint quite fast.

[–] [email protected] 3 points 1 year ago (4 children)

Yeah OP, just dox them, what could go wrong?

load more comments (4 replies)
[–] [email protected] 6 points 1 year ago

I used to have a plugin that mapped how many companies were getting data from the website I was on. I'm not sure if it still exists.

One eye opener that's easily accessible is going into their Facebook third party data agreements. If it's not turned off they'll probably be shocked about how permissive the data is. Just visiting a website can result in a Facebook agreement to share data with that company. It's one of the reasons apps suddenly know random things you were just talking to somebody about. It gets keyed up instantly and they start that whole analysis of shadow profiles stuff industry experts talk about.

[–] [email protected] 3 points 1 year ago

Amiunique is a good one that demonstrates how just with the specs of the device you are using (os, browser, screen size, browser version, user agent, color pallette, js engine, language, keyboard type, etc) you can create a totally unique fingerprint that can be used to track you without ever knowing your name, or who you are as a person.

[–] [email protected] 2 points 1 year ago

Have them install duck duck go on their phones and turn on the app tracking protection and then they can see the data collected by companies they have never heard of. It will show how they try to collect your full name, email, and exact gps coordinates.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Most people aren't going to care anyway. I do not care whatsoever and I build ELT and ML systems.

load more comments
view more: next ›